There is also this thing added in 1975 called groups. By 1979 it was fairly
trivial to create a group, add users, chown and chmod files you wanted the
group to edit, and then have a beer.
This lets groups of people edit sets of files using whatever editor they
want all without ever having root.
Still works.
Michael
On Thu, Mar 1, 2018 at 9:18 AM Paul de Weerd <weerd@weirdnet.nl> wrote:
> Hi Nick, others,
>
> On Thu, Mar 01, 2018 at 08:15:57AM -0500, Nick Holland wrote:
> | On 03/01/18 06:50, Solène Rapenne wrote:
> | > What you said mimics visudo (to edit sudo configuration file), not
> | > sudoedit which is documented in sudo(8) :
> | >
> | > 1.Temporary copies are made of the files to be edited with the owner
> | > set to the invoking user.
> | > 2.The editor specified by the policy is run to edit the temporary
> | > files. The sudoers policy uses the SUDO_EDITOR, VISUAL and EDITOR
> | > environment variables (in that order). If none of SUDO_EDITOR,
> | > VISUAL or EDITOR are set, the first program listed in the editor
> | > sudoers(5) option is used.
> | > 3.If they have been modified, the temporary files are copied back to
> | > their original location and the temporary versions are removed.
> |
> | what is the reason for your obsession with sudoedit or visudo or
> | anything other than just editing the $%&^& file, saving your change and
> | testing them on another terminal window? Like is done on almost every
> | other config file in a Unix environment?
> |
> | There is no pfconfedit, daily.localedit, virc.conf, dhcpd.confedit, and
> | we do just fine without it.
>
> crontab -e! :-)
>
> Anywho .. sudoedit has its place: you can grant users the right to
> edit specific files, and the editing itself is done without
> privileges. And, miraculously, there's already a tool for doing
> exactly that availble just one pkg_add away!
>
> Really people, there's no shame in installing packages. The porters
> and package builders put *A LOT* of effort in generating these. If
> you need their functionality because it's not in base - go ahead and
> use the fruit of their hard labour! Some functionality is *NOT* in
> base for a reason.
>
> Paul 'WEiRD' de Weerd
>
> --
> >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
> +++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
> http://www.weirdnet.nl/
>
>
No comments:
Post a Comment