I am the primary sys admin of the box, but the problem is that there is other sys admins that say I have to do things this way, I am trying to say we need to be doing it this way.
I would love to say that will be done my way, but without some sort of justifcation as to whe this way is better than that way I can't get them to change.
I'm sure I'm not the only one that has had to play these office politics games before to get some one else to come to see what the current best practices are. Yes, it is sad that you have to do these things, but that is the world I work in.
If you're the sysadmin for the host, then you should call the shots, and
do what you think best. When the system breaks as a result of doing
this, whose neck is on the line?
How did they get the idea that someone could edit this file, let alone
put comments in it? It's a rather absurd idea imo.
I think this is probably simply the wrong solution to some problem. I
don't believe you've told us what the problem is. If you do, perhaps
someone here would think of a more appropriate solution.
Shawn Badger wrote:
> I agree that editing them by hand is a very bad idea, but I have some
> people that insist on it and they above me in the Org chart.
>
> That being said some of those people want to include comments and such
> in the files. I can not how ever just say no that is a stupid idea
> without first having something to say why that is a stupid idea.
>
> I am working on the comments and blank lines first and then after they
> get used to that I can work on the hand editing portion, but for now I
> just need something solid other than poor practice.
>
>
>
> On Thu, Feb 4, 2010 at 10:46 AM, Craig White <craigwhite@azapple.com
> <mailto:PLUG-discuss@lists.plug.phoenix.az.us>> <mailto:craigwhite@azapple.com>> wrote:
>
> On Thu, 2010-02-04 at 10:03 -0700, Shawn Badger wrote:
> > Somebody did mention security to me as well, but when I asked them to
> > elaborate on it they couldn't.
> > I agree you can maintain a separate file for the comments, but I am
> > looking for something that would say if you have blank line lines in
> > in the /etc/passwd or /etc/group file this can happen. And if you
> have
> > #comments in them this can happen, but so far I have not been able to
> > find anything like that.
> >
> > In order to defend my stance, I need to be able to say this will
> > happen if you do that.
> ----
> It seems to me that beyond...
>
> # Do NOT hand edit these files under penalties that might include
> # death, getting your hands chopped off or just termination.
>
> seems to be unnecessary as hand editing passwd/group/shadow files is
> fraught with potentially devastating possibilities and so many tools are
> available to handle the job.
>
> Not to mention that a system like LDAP is entirely capable of handling
> comments.
>
> But in fairness, I think there is a lot of context that you are not
> sharing with us that would probably be meaningful to the discussion.
>
> Craig
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:--
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
-Eric 'shubes'
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss