[quote=“etxeberrizahar”]Tu as dû escamoter la ligne en l’éditant.
Cette subtilité m’échappe …
* edit *
Je n’ai rien dit.
[23:44:40][root@domaine] ~ # cat /etc/sudoers
[23:44:44][root@domaine] ~ #
[quote=“man sudoers”] Including other files from within sudoers
It is possible to include other sudoers files from within the sudoers file currently being parsed using the #include and #includedir directives.
This can be used, for example, to keep a site-wide sudoers file in addition to a local, per-machine file. For the sake of this example the site-wide sudoers will be
/etc/sudoers and the per-machine one will be /etc/sudoers.local. To include /etc/sudoers.local from within /etc/sudoers we would use the following line in
When sudo reaches this line it will suspend processing of the current file (/etc/sudoers) and switch to /etc/sudoers.local. Upon reaching the end of
/etc/sudoers.local, the rest of /etc/sudoers will be processed. Files that are included may themselves include other files. A hard limit of 128 nested include files
is enforced to prevent include file loops.
If the path to the include file is not fully-qualified (does not begin with a /), it must be located in the same directory as the sudoers file it was included from.
For example, if /etc/sudoers contains the line:
the file that will be included is /etc/sudoers.local.
The file name may also include the %h escape, signifying the short form of the host name. I.e., if the machine's host name is "xerxes", then
will cause sudo to include the file /etc/sudoers.xerxes.
The #includedir directive can be used to create a sudo.d directory that the system package manager can drop sudoers rules into as part of package installation.
sudo will read each file in /etc/sudoers.d, skipping file names that end in ~ or contain a . character to avoid causing problems with package manager or editor
temporary/backup files. Files are parsed in sorted lexical order. That is, /etc/sudoers.d/01_first will be parsed before /etc/sudoers.d/10_second. Be aware that
because the sorting is lexical, not numeric, /etc/sudoers.d/1_whoops would be loaded after /etc/sudoers.d/10_second. Using a consistent number of leading zeroes in
the file names can be used to avoid such problems.
Note that unlike files included via #include, visudo will not edit the files in a #includedir directory unless one of them contains a syntax error. It is still
possible to run visudo with the -f flag to edit the files directly.
Je recherche une traduction viable …