[sudo-users] Grouping Cmnd_Alias commands into one file?
Leam Hall
leamhall at gmail.com
Thu Oct 6 08:10:08 MDT 2016
Thanks to Matthew for helping me get over the first issue. On to the
next task!
Is it "best practice" or "bad idea" to put all Cmnd_Alias commands into
one file, say /etc/sudoers.d/cmnd_alias? Then you put each role's (user,
group, etc) allowed commands in their own file.
The reason would be to manage larger numbers of servers and not having
to worry about a Cmnd_Alias already being defined elsewhere. So far this
works on my test box, but I don't know how well it will scale. The end
goal is a very minimal /etc/sudoers file and standard /etc/sudoers.d/*
files.
More information about the sudo-users
mailing list