[sudo-users] Mailing list update and enhancement request
Matthew.Stier at fujitsu.com
Matthew.Stier at fujitsu.com
Mon Apr 1 10:40:32 MDT 2024
Ditto.
Automated management is much easier, when it is adding/deleting files from a directory, rather than modifying a single text file.
The only issue I've encountered is using the same name being defined in /etc/sudoers, and a file in /etc/sudoers.d/.
I get around this, by requiring all entries in /etc/sudoers to use User_Aliases and all User_Aliases must be capital letters. All entries in /etc/sudoers.d/<accountname> are simply their lowercase account names. No User_, Host_ or Command_ Aliases.
-----Original Message-----
From: sudo-users <sudo-users-bounces at sudo.ws> On Behalf Of Grant Taylor via sudo-users
Sent: Monday, April 1, 2024 11:00 AM
To: sudo-users at sudo.ws
Subject: Re: [sudo-users] Mailing list update and enhancement request
On 3/30/24 10:12 AM, Todd C. Miller via sudo-users wrote:
> The intented use of /etc/sudoers.d was for packages to be able to
> create files there for specific accounts created as part of the
> package installation.
What constitutes "packages" in this context?
I've found that I place site local sudo configurations files in that directory as it's much easier to make things more modular therein. No need to use a monolithic (/etc/)sudoers file and mange change aggregation when it's easy to place things in /etc/sudoers.d.
I do suggest a naming convention so that files in the /etc/sudoers.d directory don't conflict. I use <company-name>-<module>.
--
Grant. . . .
unix || die
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
https://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list