comments in /eetc/passwd and group

Shawn Badger badger.shawn at gmail.com
Thu Feb 4 11:52:38 MST 2010 

I am the primary sys admin of the box, but the problem is that there is
other sys admins that say I have to do things this way, I am trying to say
we need to be doing it this way.
I would love to say that will be done my way, but without some sort of
justifcation as to whe this way is better than that way I can't get them to
change.

I'm sure I'm not the only one that has had to play these office politics
games before to get some one else to come to see what the current best
practices are. Yes, it is sad that you have to do these things, but that is
the world I work in.



On Thu, Feb 4, 2010 at 11:37 AM, Eric Shubert <ejs at shubes.net> wrote:

> If you're the sysadmin for the host, then you should call the shots, and
> do what you think best. When the system breaks as a result of doing
> this, whose neck is on the line?
>
> How did they get the idea that someone could edit this file, let alone
> put comments in it? It's a rather absurd idea imo.
>
> I think this is probably simply the wrong solution to some problem. I
> don't believe you've told us what the problem is. If you do, perhaps
> someone here would think of a more appropriate solution.
>
> Shawn Badger wrote:
> > I agree that editing them by hand is a very bad idea, but I have some
> > people that insist on it and they above me in the Org chart.
> >
> > That being said some of those people want to include comments and such
> > in the files. I can not how ever just say no that is a stupid idea
> > without first having something to say why that is a stupid idea.
> >
> > I am working on the comments and blank lines first and then after they
> > get used to that I can work on the hand editing portion, but for now I
> > just need something solid other than poor practice.
> >
> >
> >
> > On Thu, Feb 4, 2010 at 10:46 AM, Craig White <craigwhite at azapple.com
> > <mailto:craigwhite at azapple.com>> wrote:
> >
> >     On Thu, 2010-02-04 at 10:03 -0700, Shawn Badger wrote:
> >      > Somebody did mention security to me as well, but when I asked them
> to
> >      > elaborate on it they couldn't.
> >      > I agree you can maintain a separate file for the comments, but I
> am
> >      > looking for something that would say if you have blank line lines
> in
> >      > in the /etc/passwd or /etc/group file this can happen. And if you
> >     have
> >      > #comments in them this can happen, but so far I have not been able
> to
> >      > find anything like that.
> >      >
> >      > In order to defend my stance, I need to be able to say this will
> >      > happen if you do that.
> >     ----
> >     It seems to me that beyond...
> >
> >     # Do NOT hand edit these files under penalties that might include
> >     # death, getting your hands chopped off or just termination.
> >
> >     seems to be unnecessary as hand editing passwd/group/shadow files is
> >     fraught with potentially devastating possibilities and so many tools
> are
> >     available to handle the job.
> >
> >     Not to mention that a system like LDAP is entirely capable of
> handling
> >     comments.
> >
> >     But in fairness, I think there is a lot of context that you are not
> >     sharing with us that would probably be meaningful to the discussion.
> >
> >     Craig
> >
> >
> >     --
> >     This message has been scanned for viruses and
> >     dangerous content by MailScanner, and is
> >     believed to be clean.
> >
> >     ---------------------------------------------------
> >     PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> >     <mailto:PLUG-discuss at lists.plug.phoenix.az.us>
> >     To subscribe, unsubscribe, or to change your mail settings:
> >     http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> >
> >
>
>
> --
> -Eric 'shubes'
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20100204/d418e218/attachment.htm

More information about the PLUG-discuss mailing list