Fwd: Re: System administration utility

bpmedley at 4321.tv bpmedley at 4321.tv
Mon Aug 20 22:05:30 EDT 2001 

On Mon, 20 Aug 2001, Derek D. Martin wrote:

> > Why not just use RCS (or CVS)?  Then you also get revision control
> > and change history, as well as file locking.
>
> Actually we use both.  IIRC the problem here is that generally, in
> order to edit most config files, you need to be effectively root.  If
> you check out a file as root, the lock is "owned" by root, and it's
> impossible to tell who has the file locked without running around
> yelling "who's got the aliases file locked?!?" or some such thing.  If
> you've got a large enough group spread out over a fairly large area
> (as was the case at one job I worked at) this is a very inefficient
> way to determine who is working on a file.
>
> This utility will (in most cases) circumvent that problem, by trying
> to figure out who the real user who ran the program was.  The only
> time it fails is when the user logged in as root to start with... IOW
> if you su to root or use sudo to run the program, or use some other
> suid wrapper, it will be able to figure out who you really are.

This sounds useful.  Does anyone know howto configure RCS to do something
similar?

> Some files also aren't well suited to source control, like the
> passwd file.  Users can change their own password, but if the
> passwd file isn't checked out, their changes will be overwritten next
> time someone checks it out.  And users typically can't check out the
> passwd file for editing...

This makes sense.  Thanx for the summary.

~'`^`'~=-.,__,.-=~'`^`'~=-.,__,.-=~'`^`'~=-., \|/  (___)  \|/ _,.-=~'`^`
                          Brian Medley         @~./'O o`\.~@
"Knowledge is Power" brian.medley at verizon.net /__( \___/ )__\  *PPPFFBT!*
  -- Francis Bacon                               `\__`U_/'
 _,.-=~'`^`'~=-.,__,.-=~'`^`'~=-.,__,.-=~'`^`'~= <____|'  ^^`'~=-.,__,.-=
~`'^`'~=-.,__,.-=~'`^`'~=-.,__,.-=~'`^`'~=-.,__,.-==--^'~=-.,__,.-=~'`^`

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).

More information about the Discuss mailing list