sudoers file - can group name have spaces?
Aaron Spangler
aaron at spangler.ods.org
Tue May 4 22:20:36 EDT 2004
Here is another workaround:
Use the LDAP feature of sudo. You can setup Active Directory to store the
sudoers information. You extend the schema with ADSIEdit.
The nice part about the LDAP feature is that in theory you can have a
group name that contains a space in it. You would just set the 'sudoUser'
attribute to contain the value '%Domain Admins'. (No quotes '' require)
The % sign means that sudo should include the group instead of a user.
The + sign means that sudo should include a netgroup.
Let me know how it goes. Let me know if you need help.
Since the latest sudo does not yet have a version number, you will need to
pull the source code down from Sudo's CVS server. (use the cvs software
to download the latest snapshot from the web site).
-Aaron
> Thanks, Todd.
>
> Paulo suggested:
>
> "If you create a new group and make this as a member of "Domain Admins"
> and
> put the new group in suoders file, maybe solve.
> Just an idea."
> - Paulo R. Vieira Jr
>
> So, what I've done is created another group on the server with the same
> members as Domain Admins, but called it DomainAdmins;
>
> it works...not the most elegant solution, but it works...
>
> Kevin
>
> -----Original Message-----
> From: Todd C. Miller [mailto:Todd.Miller at courtesan.com]
> Sent: May 4, 2004 12:37 PM
> To: Kevin Weslowski
> Cc: sudo-users at sudo.ws
> Subject: Re: sudoers file - can group name have spaces?
>
> No, a group cannot have spaces in it. There is no workaround...
>
> - todd
>
> ____________________________________________________________
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
>
More information about the sudo-users
mailing list