On Fri, Aug 17, 2018 at 02:48:56PM -0300, Joao Roscoe wrote:
>Right, that's best practice.
>
>But, what if I need to include a user who is defined in NIS in lp or ttyS0
>group? Would going into /etc/group in *every* machine be unavoidable?
That's one option. Another would be to create new centrally-managed
groups and give those groups permissions to do what is needed across the
environment. A third option would be to give people certain permissions
when they log in. There are any number of solutions, all of which will
be more reliable than trying to centrally manage system groups. The best
option really depends on what you're trying to accomplish.
Mike Stone