11 Jun
2009
11 Jun
'09
3 p.m.
On Thu, 2009-06-11 at 11:39 -0500, Daniel Seagraves wrote:
The next line is the important one. All my users and
passwords come
via the network. Root's mail gets sent to another account on another
machine. The installer wants me to make a LOCAL user to sudo and etc
but I want to use my REMOTE for that. For that I do the initial setup
as root and then disable it. If I do things Debian's way I have to set
up root and user passwords, log in as the user, sudo to set up the
machine, make my remote user able to sudo, redirect root's mail, then
remove the local user and hunt through the entire system looking for
anywhere that username may have been referenced and remove it. (or
leave the local user there as a time bomb to come back and kill me
later WHEN (not IF) someone hacks it)
If you're rolling out *that* many boxes that use some sort of common
auth system, you might be better creating a suitably tweaked installer.
That way you have a common image that you push to the box, maybe even
netbooting it, and you don't have to worry about footering around with
the config after - you can even include the packages you want that
aren't installed by default.
As someone said once before, the sequence goes "repetition, boredom,
complacency, horrible accident, 'Jeeez I wish I was still bored'..."
Gordon