[sudo-users] ldap sudoRunAs groups
Joe Sokhn
joe_sokhn at hotmail.com
Mon Feb 26 22:06:31 EST 2007
Hi,
It seems that sudoRunAs doesn't handle groups or netgroups like sudoUser does.
Is there any workaround so that I don't have to declare all the users one by one in sudoRunAs?
I need to create a sudoers rule in LDAP that allows all the users in %wheel to do only a kill on processes of all users in %wheel.
Here is my current config:
bash$ ldaplist -l sudoers
dn: cn=defaults, ou=SUDOers, dc=fr,dc=dmc,dc=com
sudoRunAs: user1
sudoRunAs: user2
sudoRunAs: user3
sudoCommand: /opt/SUNWspro/bin/dbx
sudoCommand: /usr/bin/kill
sudoCommand: /usr/bin/pstack
sudoCommand: /usr/bin/ls
sudoUser: %wheel
sudoOption: ignore_local_sudoers
sudoHost: ALL
objectClass: top
objectClass: sudoRole
cn: defaults
description: Default sudoOption's go here

dn: cn=root, ou=sudoers, dc=fr,dc=dmc,dc=com
sudoUser: root
objectClass: top
objectClass: sudoRole
sudoCommand: (ALL) ALL
cn: root
sudoHost: ALL
I would like to do it like this:
bash$ ldaplist -l sudoers
dn: cn=defaults, ou=SUDOers, dc=fr,dc=dmc,dc=com
sudoRunAs: %wheel
sudoCommand: /opt/SUNWspro/bin/dbx
sudoCommand: /usr/bin/kill
sudoCommand: /usr/bin/pstack
sudoCommand: /usr/bin/ls
sudoUser: %wheel
sudoOption: ignore_local_sudoers
sudoHost: ALL
objectClass: top
objectClass: sudoRole
cn: defaults
description: Default sudoOption's go here

dn: cn=root, ou=sudoers, dc=fr,dc=dmc,dc=com
sudoUser: root
objectClass: top
objectClass: sudoRole
sudoCommand: (ALL) ALL
cn: root
sudoHost: ALL
Thanks for your help
J.
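
Added example (not part of the original post, and not sudo's own code): one way to avoid typing the sudoRunAs values by hand is to generate the LDIF change from the group's member list. The group(4) line and the helper names are constructed for illustration; the DN is the one shown in the post.

```python
import re

# Conservative POSIX-style login name. Anything else (spaces, colons,
# newlines) is rejected so a member name cannot inject extra LDIF lines.
NAME_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_.-]{0,31}")

def group_members(group_line):
    """Parse one group(4) line: name:passwd:gid:member,member,..."""
    fields = group_line.strip().split(":")
    if len(fields) != 4:
        raise ValueError("not a group(4) line: %r" % group_line)
    members = [m.strip() for m in fields[3].split(",") if m.strip()]
    bad = [m for m in members if not NAME_RE.fullmatch(m)]
    if bad:
        raise ValueError("unsafe member name(s): %r" % bad)
    # De-duplicate and sort so repeated runs produce identical LDIF.
    return sorted(set(members))

def runas_ldif(role_dn, members):
    """Build an LDIF 'modify' that replaces every sudoRunAs value."""
    if not members:
        # An LDIF replace with no values deletes the attribute entirely,
        # which is not the intent here, so stop instead.
        raise ValueError("refusing to write an empty sudoRunAs list")
    lines = ["dn: " + role_dn, "changetype: modify", "replace: sudoRunAs"]
    lines += ["sudoRunAs: " + m for m in members]
    lines.append("-")
    return "\n".join(lines) + "\n"

# Constructed sample input: what a group database entry for wheel could look like.
SAMPLE_GROUP_LINE = "wheel::10:user1,user2,user3"
# DN of the sudoRole entry, copied from the post.
ROLE_DN = "cn=defaults, ou=SUDOers, dc=fr,dc=dmc,dc=com"

if __name__ == "__main__":
    print(runas_ldif(ROLE_DN, group_members(SAMPLE_GROUP_LINE)), end="")
```

The output is a snapshot of the group, so it has to be regenerated and reapplied (for example with ldapmodify) whenever membership of wheel changes. Users who have wheel only as their primary group do not appear in the member field and would need to be added separately.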