On 7/23/14, 3:29 PM, Dimitris Papastamos wrote: > Are these scripts somewhere publicly available? I'd like to have a > look if possible.
No, but I'll clean them up a little later this week. They're really nothing special; all my machines run Linux, so it's just useradd/usermod/userdel and some fluff. Also, an hourly script that checks getent passwd against the master for non-system accounts, and emails me when there's a problem. I was going to try to use cfengine, but after ten minutes of trying to find even the most basic information, I just hacked some shell scripts together instead. You could do the same as or better than me in half an hour. I copy SSH public keys when a new account is created/machine is added; beyond that, users are responsible for handling themselves. I thought about creating per-machine access lists, but then I stopped thinking about it because I didn't need it. Sorry.
signature.asc
Description: OpenPGP digital signature
