sudo groups in PAM LDAP
as at insight.rr.com
Fri Feb 20 16:34:12 EST 2004
It looks like you almost have it right.
Try LDFLAGS="-L/opt/symas/lib" instead.
> Greetings and thanks for the information.
> I tried to compile the source and I get the following. I am not a
> programmer so I really don't know what this means.
> I did set these variables since I had a bunch of other messages without
> bash-2.03# CPPFLAGS="-I/opt/symas/include"; export CPPFLAGS
> bash-2.03# LDFLAGS="-L/opt/symas/include"; export LDFLAGS
> sudoers\" -D_PATH_SUDOERS_TMP=\"/etc/sudoers.tmp\" -DSUDOERS_UID=0
> -DSUDOERS_GID=0 -DSUDOERS_MODE=0440 getprogname.c
> gcc -o sudo check.o env.o getspwuid.o goodpath.o fileops.o find_path.o
> interfaces.o logging.o parse.o set_perms.o sudo.o sudo_edit.o tgetpass.o
> zero_bytes.o ldap.o sudo_auth.o pam.o sudo.tab.o lex.yy.o alloc.o
> defaults.o err.o fnmatch.o closefrom.o snprintf.o getprogname.o
> -L/opt/symas/include -lpam -ldl -lldap -lsocket -lnsl
> Undefined first referenced
> symbol in file
> ldap_initialize ldap.o
> ld: fatal: Symbol referencing errors. No output written to sudo
> collect2: ld returned 1 exit status
> make: *** [sudo] Error 1
> Any ideas?
> On Wed, 2004-02-18 at 15:33, Aaron Spangler wrote:
>> If you use Sudo 1.6.8 or higher, you can have it lookup sudo privileges
>> through LDAP. (instead of or in addition to /etc/sudoers).
>> You can group your users through UNIX groups or Netgroups. If you are
>> NSS_LDAP then your groups & netgroups can be stored in LDAP. (See RFC
>> Currently this version of sudo can only be got from CVS. (See the sudo
>> page on how to download the code through CVS).
>> Also when you configure sudo, do it like this
>> ./configure --with-pam --with-ldap
>> Make sure to view the 'README.LDAP' file and let me know if you have any
>> - Aaron
>> On Wednesday 18 February 2004 11:09 pm, Ezsra McDonald wrote:
>> > I have gotten sudo compiled and it seems to work with
>> > pam ldap.
>> > BUT, I use groups to give different levels of access
>> > to users. Does sudo use the ldap groups?
>> > I can only get it to work with the local group file.
>> > --Ezsra
>> > __________________________________
>> > Do you Yahoo!?
>> > Yahoo! Mail SpamGuard - Read only the mail you want.
>> > http://antispam.yahoo.com/tools
>> > ____________________________________________________________
>> > sudo-users mailing list <sudo-users at sudo.ws>
>> > For list information, options, or to unsubscribe, visit:
>> > http://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users