1 |
On 21.05.2015 15:10, Alan McKinnon wrote: |
2 |
|
3 |
> I didn't realize you want to deploy keys for root. Is that root on your |
4 |
> local machine, or root on the remote machines? |
5 |
|
6 |
both ... mixed and grown setup |
7 |
|
8 |
> Either way, that part *does* need some thinking through. |
9 |
|
10 |
yes! I knew it ;-) |
11 |
|
12 |
> For automation involving root permissions, I prefer to use a remote |
13 |
> system (non-root) account and give it the needed permissions in |
14 |
> /etc/sudoers, being careful to disallow sudo -i, sudo su, and friends |
15 |
|
16 |
hm. so much work all around. |