[sudo-users] JSON import to sudoers

Michael Ströder michael at stroeder.com
Tue Nov 18 01:12:19 MST 2014

In general every new format requires a syntax and a schema for the semantics.
It's always much work to get it right.

Tim Bradshaw wrote:
> One thing I thought about was that, it looks to me as if the LDAP sudoers
> thing is probably easier to generate reliably than the text one, although
> that obviously involves having an LDAP server.  For my masterplan that's
> probably a fair trade: I'd be happy to say to my client that if they want
> to use my tool they need to use LDAP -- apart from anything else it solves
> the whole distribute-the-file-around-a-million-hosts problem.

Well, you could express sudo-ldap entries also as LDIF entry records (RFC
2849) and distribute the LDIF files. Not sure whether sudo-ldap schema
supports everything you can define in a normal sudoers file though.

Ciao, Michael.

More information about the sudo-users mailing list