[sudo-users] Distributed sudoers updates

Bob Hall shaezyra at yahoo.com
Wed Feb 13 16:19:17 EST 2008

This may sound a little unorthodox from a security
perspective, but we would like to be able to perform
standardized updates of the sudoers file across
multiple platforms and multiple OS's. One issue that
has arisen is that some vendors do not use a
standardized installation, so that the sudoers file
may appear in locations other than under /etc. (An
example is the HP-UX ixSudo bundle, which loads the
sudoers file under /opt/iexpress/sudo/etc/.) This
wouldn't be a problem for us if there was a
command-line equivalent to visudo.

Has anybody come up with a decent solution to this
problem? We could possibly set the 'enveditor Default'
in the sudoers file, allowing us to perform the edits
using EDITOR=ex. But as the man page for visudo points
out, this would open up a security hole.

Thank you!


Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  http://tools.search.yahoo.com/newsearch/category.php?category=shopping

More information about the sudo-users mailing list