Sudo + LDAP
as at insight.rr.com
Mon Oct 13 11:05:50 EDT 2003
The patch was released to Todd friday (10/10/03). I am hoping he will
redistribute when he gets a chance.
The LDAP patch makes it really nice on several hundred unix boxes. It can
be configure to not use /etc/sudoers at all. Since there is no
/etc/sudoers, there is no longer a need for visudo, so depending on the
installation it is possible for a single executable deployment.
Sudo with the LDAP patch does use the shared config file /etc/ldap.conf
This file is used to locate the LDAP server and is also used by pam_ldap &
nss_ldap on various unix's.
> In the sudo-users archives, I found some references to work you did on
> integrating an LDAP directory as a replacement for the /etc/sudoers file.
> Is this code in a usable state, and if so, is it publically available? I
> administer sudo on a large and growing cluster of linux boxes and
> centralized configuration management would be a boon.
> Thanks for your time.
> Kevin Murphy
More information about the sudo-users