[sudo-users] /etc/sudoers versus /etc/sudoers.d
Michael Ströder
michael at stroeder.com
Wed Sep 12 12:04:43 MDT 2018
On 2018-09-12 01:34, John Adams wrote:
> Someone pointed out to me today that we could decompose our
> /etc/sudoers files into one large standard body and many smaller
> configuration files in /etc/sudoers.d.
Did "someone" tell you why he wants to do that?
> We've got a little over a hundred machines and not a lot of
> variation
> among them. I see the value of doing this and also wonder whether the
> value
> is worth the gain in complexity.
>
> What do you think? And is there any other recent new feature I
> should
> think about using?
One advantage of /etc/sudoers.d/ is that different OS packages (RPM,
Debian, etc.) or configuration management modules can independently add
sudoers rules.
Ciao, Michael.
More information about the sudo-users
mailing list