kudos/sudo_controls
2
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
43 Commits 2 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Patrick Van der Veken 1c0d1139aa ksh88 + whitespace fix
2021-01-11 16:05:54 +01:00
LICENSE
Initial commit
2015-05-20 14:43:04 +02:00
logo.png
Doc update
2018-11-03 16:59:35 +01:00
manage_sudo.conf
* Added support to specify @group values for the --targets parameter and in the targets file(s)
2018-11-03 16:35:59 +01:00
manage_sudo.sh
ksh88 + whitespace fix
2021-01-11 16:05:54 +01:00
README.md
* added support for SELinux (CentOS/RHEL 8.x)
2020-12-30 19:23:11 +01:00
update_sudo.conf
Various updates
2015-08-18 07:59:22 +02:00
update_sudo.pl
* added support for SELinux (CentOS/RHEL 8.x)
2020-12-30 19:23:11 +01:00

README.md

SUDO Controls Logo

What's new

📢 30/12/2020:

  • added support for SELinux (CentOS/RHEL 8.x)
  • various fixes

About

SUDO Controls is a light-weight SUDO fragments/rules distribution & management framework which:

  • uses a desired state model: SUDO Controls pushes fragments from a master (or slave) server onto client host(s) and applies them according to the central configuration.

  • uses SSH as transport mechanism: SUDO Controls connects to client hosts through the secure path of SSH.

  • supports a Master→Slave→Client model so that information can be propagated within more complex LAN set-ups.

  • performs operations with least privileges: copy/distribute operations are performed with a low-privileged account. Only the actual snippet updates requires super-user privileges.

  • uses a two-stage approach to activate SUDO fragments: copy (or distribute) and apply. Fragments are first copied into a temporary location on each client hosts - the holding directory - and not applied automatically. Applying or activating fragments on a client host is a separate operation which can be triggered either locally or remotely (from the SUDO master)

  • allows the use of (nested) groups in the master configuration: fragments and hosts can be grouped in the SUDO master configuration files to allow a simplified configuration. Nesting of groups is allowed up to 5 levels deep.

  • allows the use of (nested) groups in the specification of the push targets. Either via the --targets command-line parameter or via the targets configuration file.

  • can discover SSH host public keys to (re)create known_hosts file(s) for a large amount of hosts

  • requires no client agent component and is stateless: SUDO Controls performs operations by pushing fragments or commands to client hosts. Update processes on the client hosts will only be started on-demand. If the SUDO master is - for whatever reason - unavailable then active fragments on a client host remain in place.

  • is easy to configure and maintain (command-line based): the configuration is stored in a limited number of flat files and be easily updated. A very rudimentary syntax checking facility is also available to check the consistency of the most important (master) configuration files.

More documentation can be found at http://www.kudos.be/Projects/SUDO_Controls.html

Logo created with Free Logo Maker

Description
A light-weight SUDO fragments/rules distribution & management framework
https://www.kudos.be/sudo_controls/
Readme GPL-3.0 134 KiB
Languages
Shell 72.2%
Perl 27.8%