Since forever I wish i could specify a path to the sudoers file to be managed by vgptool.
We want to enforce the contents of /etc/sudoers - which we can't if vgptool writes to this file.
We would like to specify in vgptool config a path of /etc/sudoers.d/vgptool which then could be completly managed by vgptool.
The problem we have with the way it is right now is that once a user had root rights he could add his own sudo rules to /etc/sudoers which then won't be purged. Of course it's not allowed to do so - but if you have hundreds of servers and many application owners which can order temporary root rights its better to have things enforced.
If we can manage the /etc/sudoers completly we can enforce the content and vgptool can enforce the content for it's part of the config.
Is this just melooking for such an option?
Right now we're looking into do a ugly workaround by changing the path the vgptool script and adding a visudo wrapper which calls "visudo -f /etc/sudoers.d/vgptool". Works but I really think vgptool should provide the option the specify a path.