Re: semi secure sudo script to allow restricted copy ability

Can you write a script for every admin task? adduser, deluser, ..., web_server [start|stop|clean_logs|...], etc. Then you can use sudo's configuration file to enable only those commands.

Comment on Re: semi secure sudo script to allow restricted copy ability Select or Download Code

Replies are listed 'Best First'.
Re^2: semi secure sudo script to allow restricted copy ability by 5mi11er (Deacon) on May 06, 2008 at 18:21 UTC
That's sort of the direction I'm headed. My real world problem set ATM is this: o Nearly 100 servers, and growing fast due to virtual machines o I'm still implementing LDAP authentication across them all o adduser and the like not needed, auto create home directories on first login. o removing user home directories will become a problem eventually o Recently added ldap replication, need to add this new server the ldap.conf files o Recently added a local yum repository, need to fix the yum repository files o want modified standard config files like ntp.conf, /etc/profile.d/colorls.sh for instance -Scott	[reply]

Replies are listed 'Best First'.

Re^2: semi secure sudo script to allow restricted copy ability
by 5mi11er (Deacon) on May 06, 2008 at 18:21 UTC

My real world problem set ATM is this:

 o Nearly 100 servers, and growing fast due to virtual machines
 o I'm still implementing LDAP authentication across them all
    o adduser and the like not needed, auto create home directories on first login.
    o removing user home directories will become a problem eventually
 o Recently added ldap replication, need to add this new server the ldap.conf files
 o Recently added a local yum repository, need to fix the yum repository files
 o want modified standard config files like ntp.conf, /etc/profile.d/colorls.sh for instance

[reply]