Re: multihost master.passwd sync
From: Michael Collette (metrol_at_metrol.net)
To: FreeBSD Security <FreeBSD-Security@FreeBSD.org> Date: Tue, 27 May 2003 12:38:27 -0700
On Tuesday 27 May 2003 12:31 pm, Andy Harrison wrote:
> On 27-May-2003, Eric Anderson wrote message "Re: multihost master.passwd
> sync" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >> Because we don't allow root login remotely, mandated from above.
> > so you scp the file to a directory owned by a user designated to only do
> > this function.. then have a cron job that fires up every so often that
> > snags that file and updates the running master.passwd file..
> Root can't scp a file from one host to another where remote root login is
> not allowed.
That's not what Eric was suggesting. You use a non-root user account to do
the xfer. You then have a root owned cron job that puts the xfer'd file in
Root never moves anything across the network.
-- "Always listen to experts. They'll tell you what can't be done, and why. Then do it." - Robert A. Heinlein _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "email@example.com"