[CentOS] change sudoers remotely
natxo asenjo
natxo.asenjo at gmail.com
Tue Jul 9 09:36:46 UTC 2013
On 07/08/2013 10:32 PM, Tim Dunphy wrote:
> hello list,
>
> I've been asked to give someone sudo rights across an entire environment
> without the benefit of something like puppet or chef or cfengine et al.
another option is using ldap, so you can specify who can do what in the
ldap tree.
The IPA project (included in centos as ipa-server and ipa-client) fixes
all this for you:
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/index.html
https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/sudo.html
Having said this, the question to manage an environment without
management tools is peculiar. You need to have a way to introduce
changes in a safe, tested, repetitive way. Denying you the possibility
of doing this is not best practices and you should point this a a risk
in your project.
--
groet,
natxo
More information about the CentOS
mailing list