[sudo-users] secondary groups not honoured

martin f krafft madduck at madduck.net
Thu Oct 28 17:47:55 EDT 2004

also sprach Todd C. Miller <Todd.Miller at courtesan.com> [2004.10.28.2340 +0200]:
> Does your nsswitch.conf specify multiple group file sources?  If
> so, getgrnam(3) (which sudo uses to get the members of a group)
> may be returning info only for the first one listed...

Yes, LDAP is being used.

Why does it work for the primary group? Is there any way to make it
work for the secondary group too?

Why does sudo not work with libnss instead?

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net at madduck
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
spamtraps: madduck.bogus at madduck.net
"the unexamined life is not worth living" 
                                                             -- platon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: </pipermail/sudo-users/attachments/20041028/861c3b85/attachment.bin>

More information about the sudo-users mailing list