sudo groups in PAM LDAP
Todd C. Miller
Todd.Miller at courtesan.com
Thu Feb 26 13:50:24 EST 2004
In message <1077812541.8300.6.camel at brianv.ink.org>
so spake Ezsra McDonald (Ezsra_McDonald):
> I grabbed 1.6.8 from the CVS last week and compiled it. I read the
> README.LDAP file. I really did not want to store my sudoers file in
> LDAP. I just want to have sudo use the unix groups I have stored in
> LDAP.
This sounds like an OS config problem. Sudo doesn't do anything
special to get at group info--it just uses the standard getgrnam()
function. My guess is that your /etc/nsswitch.conf is incorrect,
but I don't actually use LDAP so I can't say for sure.
If you have something like:
group: files ldap
you might try reversing that order so that ldap is first.
- todd
More information about the sudo-users
mailing list