[sudo-users] Sudoers Web Interface

Eric S. Johansson esj at harvee.org
Wed May 30 14:21:49 EDT 2007


Brian Gupta wrote:
>> LDAP should not be that hard to implement, though I have never used it.
>> I'll have to add this as the research to do list. Though that probably
>> would be a great solution cause I would not have to build a screen to
>> populate the data just export it from an existing DB and let the admin
>> add it though his normal Ldap screen.
> 
> I ask because many people keep their sudo data in LDAP.

Brian makes a very good point.  LDAP seems to be the repository of choice for 
authentication information.  we may have two or three usage cases here depending 
on what number of users makes it worthwhile to switch to LDAP.  a small number 
of users on a single system should be a flat file.  A medium number (30-100) a 
stand-alone database, by the same as you get to shared authentication data 
across multiple machines or any other condition requiring the use of an LDAP 
backend, then you want to go LDAP.

The big challenge for small to medium size is is the install time.  If it takes 
me more than 15 minutes to install and I've got a single machine with a  limited 
  number of users (i.e. under 50), then doing it the old-fashioned way is easier.

Personally, I think that any application that takes longer than 15-30 minutes to 
install and get the basic configuration right is not packaged correctly.  Heck, 
getting NaturallySpeaking working halfway right takes 20 minutes with training 
and that's a very complex application.  on the other hand, I do use Emacs and no 
matter how many years you use it, the configuration is never completely right. 
  you just tolerate how far you've gotten so far. :-)

---eric


-- 
Speech-recognition in use.  It makes mistakes, I correct some.



More information about the sudo-users mailing list