sudo groups in PAM LDAP
Todd C. Miller
Todd.Miller at courtesan.com
Thu Feb 26 17:13:52 EST 2004
In message <1077832465.4093.9.camel at brianv.ink.org>
so spake Ezsra McDonald (Ezsra_McDonald):
> I switched the order in my nsswitch.conf file for group to "group: ldap
> files". Now it works!! Thanks. Why does the order need to change? Could
> it be because there is a empty group 'wheel' in the /etc/group file and
> also a group 'wheel' also in LDAP? (In my test the sudo user has to be a
> member of the group 'wheel'.)
getgrnam() must be just taking the first wheel group it finds.
Previously this was the empty one.
More information about the sudo-users