[sudo-users] sudo + ldap - nisNetgroupTriple
Jr Aquino
jr.aquino at citrixonline.com
Tue May 25 17:07:12 EDT 2010
I am writing the mailing list in hopes that someone has information
regarding the use of sudo for 'hostgroups' without having to use the
nisNetgroupTriple attributes.
I would like to be able to utilize sudo with ldap entries that sanely
list the hostnames under a 'host:' attribute ideally.
I've spoken to several of the nss_ldap developers and they have
strongly cautioned me against leveraging nisNetgroup's for storing my
hosts because of various rfc schema enforcements present in various
ldap server implementations. (Not being able to modify/add/remove a
nisNetgroupTriple without fully removing and readding all
nisNetgroupTriple's from an object being one of the major
disadvantages...)
Can anyone on the sudo list answer this question?
I'd like to know if I would have to go down the path of modifying the
sudo source in order for sudo to support a more general sense of
hostgroup similar to its support of 'usergroups' not requring the nis
components.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Jr Aquino | Information Security Specialist
Citrix Online Division
Citrix Systems, Inc.
7408 Hollister Avenue
Goleta, CA 93117 USA
www.citrixonline.com
Desk: 805-690-3478
Email: jr.aquino at citrixonline.com
www.gotomypc.com | Access Your PC from Anywhere
www.gotomeeting.com | Online Meetings Made Easy
www.gotoassist.com | Remote Support Made Easy
More information about the sudo-users
mailing list