[sudo-users] Grouping Cmnd_Alias commands into one file?

Leam Hall leamhall at gmail.com
Thu Oct 6 08:10:08 MDT 2016

Thanks to Matthew for helping me get over the first issue. On to the 
next task!

Is it "best practice" or "bad idea" to put all Cmnd_Alias commands into 
one file, say /etc/sudoers.d/cmnd_alias? Then you put each role's (user, 
group, etc) allowed commands in their own file.

The reason would be to manage larger numbers of servers and not having 
to worry about a Cmnd_Alias already being defined elsewhere. So far this 
works on my test box, but I don't know how well it will scale. The end 
goal is a very minimal /etc/sudoers file and standard /etc/sudoers.d/* 

More information about the sudo-users mailing list