On Tue, Aug 16, 2011 at 5:36 AM, Neil Watson wrote: > > If Cfengine or similar is maintaining both the sudoers file and the target > scripts that will be sudoed then I think you can reasonable trust them > provided they have gone through enough testing.
I just wanted to share that I put sudoers under CFEngine control, and I had to add insert_type => "preserve_block" to my insert_lines promise, otherwise once in a while I saw an intermittent "user not in sudoers list, this incident will be reported". This was with a multiline insert_lines promise. Not sure what exactly went wrong but adding the insert_type attribute, I haven't had any problems since. Aleksey _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
