sudo groups in PAM LDAP
Ezsra McDonald
Ezsra_McDonald at yahoo.com
Thu Feb 26 11:22:22 EST 2004
Aaron,
I grabbed 1.6.8 from the CVS last week and compiled it. I read the
README.LDAP file. I really did not want to store my sudoers file in
LDAP. I just want to have sudo use the unix groups I have stored in
LDAP.
Do I have to have the sudoers file stored in LDAP? I have tried using
just my Unix groups but sudo still seems to be ignoring the ones in
LDAP.
--Ezsra
On Wed, 2004-02-18 at 15:33, Aaron Spangler wrote:
> If you use Sudo 1.6.8 or higher, you can have it lookup sudo privileges
> through LDAP. (instead of or in addition to /etc/sudoers).
> You can group your users through UNIX groups or Netgroups. If you are using
> NSS_LDAP then your groups & netgroups can be stored in LDAP. (See RFC 2307)
>
> Currently this version of sudo can only be got from CVS. (See the sudo web
> page on how to download the code through CVS).
>
> Also when you configure sudo, do it like this
> ./configure --with-pam --with-ldap
>
> Make sure to view the 'README.LDAP' file and let me know if you have any
> problems.
>
> - Aaron
>
>
> On Wednesday 18 February 2004 11:09 pm, Ezsra McDonald wrote:
> > I have gotten sudo compiled and it seems to work with
> > pam ldap.
> >
> > BUT, I use groups to give different levels of access
> > to users. Does sudo use the ldap groups?
> >
> > I can only get it to work with the local group file.
> >
> > --Ezsra
> >
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! Mail SpamGuard - Read only the mail you want.
> > http://antispam.yahoo.com/tools
> > ____________________________________________________________
> > sudo-users mailing list <sudo-users at sudo.ws>
> > For list information, options, or to unsubscribe, visit:
> > http://www.sudo.ws/mailman/listinfo/sudo-users
>
More information about the sudo-users
mailing list