adamgreig
commented
9 years ago We should remove sudo from ssh's allowgroups, leaving it as just users, then have it add sudo members to both users and adm. The method I already have for adding sudo members to users only works if there's a users group in pillar (it can be empty), so we should find a way to deal with that too.
...thereby allowing access to log files without having to sudo all the time.