On 31. 10. 23, 18:21, Andrei Borzenkov wrote:
On 31.10.2023 18:12, Joe Salmeri wrote:
On 10/31/23 07:01, Otto Hollmann wrote:
Thank you for questions.
Sudo will use the first file it found. So if /etc/sudoers file exists, /usr/etc/sudoers file will be ignored.
However this does not apply for included files. At the end of sudoers file we have the following lines: @includedir /usr/etc/sudoers.d @includedir /etc/sudoers.d So by default we will read from both locations.
This also corresponds with our recommendation (guids written by our doc team) to don't modify directly sudoers file but rather create your own file(s) in /etc/sudoers.d. If it's done this way, host-specific configuration files can coexist together with our distribution provided files.
Do we still have a problem or is this an acceptable solution?
Otto
Hi Otto,
Will existing TW installs be migrated to this or do we have to do it manually ?
For example, if a system has not modified /etc/sudoers ( the current location the install creates it ) when TW is updated to the build that includes this change will that file be removed since it was not overridden letting the system use the default in the new default location of /usr/etc/sudoers ?
If file is removed from package, that file will be removed after update. I am not sure whether backup will be created for unmodified configuration file, I think not.
Depends if it is marked as %config and with noreplace, right? And /etc/sudoers is both. So edited /etc/sudoers should be kept. Untouched /etc/sudoers should be deleted. -- js suse labs