sudoers

[Tamas Papp]

On 05/16/2014 04:02 PM, Luis Mondesi wrote:
>> On May 16, 2014, at 9:54, Tamas Papp <tompos at martos.bme.hu> wrote:
>>
>>
>> On 05/16/2014 03:50 PM, Luis Mondesi wrote:
>>>> On May 16, 2014, at 4:23, Tamas Papp <tompos at martos.bme.hu> wrote:
>>>>
>>>>
>>>>> On 05/16/2014 09:19 AM, Andrea Corbellini wrote:
>>>>> Actually, you are supposed to create a new file in /etc/sudoers.d for
>>>>> custom rules. You shouldn't edit /etc/sudoers directly; this will
>>>>> ensure that package upgrades can happen without asking you any
>>>>> question about the changes you made to that file.
>>>> If you edit sudoers via visudo there is a syntax checking.
>>>> If you do something wrong in /etc/sudoers.d/a, there is no syntax
>>>> checking and the your user gets locked out:
>>>>
>>>> $ sudo -i
>>>>>>> /etc/sudoers.d/a: syntax error near line 1 <<<
>>>> sudo: parse error in /etc/sudoers.d/a near line 1
>>>> sudo: no valid sudoers sources found, quitting
>>>> sudo: unable to initialize policy plugin
>>> Ugh? Then use visudo to change sudoers so you learn the proper syntax and copy/paste to /etc/sudoers.d/a. After doing one file you should be able to remember the syntax ...
>> Yes, there are _workarounds_ to make visudo pointless.
>>
>> tamas
> Then a patch to visudo is due so it knows about files in /etc/sudoers.d and to also allow you to save "partials" to that location... **hint**

If the goal an intact default configuration file, keep it under /usr and
use #include.
IMHO:)

tamas