Why? This lets admins log in as themselves (leaving an auditable trail) with access to their own dotfiles to debug and analyze on the fly. Even with ex. Ansible for managing and ex. Nagios for monitoring, being able to use a shell to diagnose and fix novel issues is invaluble. If you've got a better solution, please do share. (Sincerely: if you can make my job easier, I'm happy to listen)
Using Emacs config files as an example, what's the issue with storing config files on a server? Even if it's a 'production' server it's not like they contain much in the way of sensitive information. Does it matter if others have access to a list of keybindings, aliases, colour schemes, plugins, etc...?
What if their contracts with their customers state everything that deployed is from an audited source in order to leave no loopholes in the event of a data breach?
And if there is a serious data breach you better be able to prove that you never installed anything malicious or dodgy on there.
> What if their contracts with their customers state everything that deployed is from an audited source in order to leave no loopholes in the event of a data breach?
Just delete the configs after you're done?
I place all my dotfiles in a directory, usually in ~/mgmnt/. Then I have a little shell script, which backs up all the dotfiles I need found in ~/ and symlinks the ones from the directory. It's .zshrc, .bashrc, .tmux.conf, .gitconfig, .emacs.d, and probably a couple of other config files. I only needed to do this a couple of times, but reverting such "installation" is as easy as a couple of rm/mv commands so I didn't even feel the need to write a script for this.
