[sudo-users] store sudo config in LDAP with NDS 6.1 on HPUX 11i

Mark Benschop mark at mbfk.net
Thu Jun 2 11:58:07 EDT 2005


Hi All,

I'm running an HPUX 11i server with Netscape Directory Server 6.1 and
the following HPUX client software:
4269AA   B.03.10  LDAP-UX Integration
This contains all the PAM and NSS modules and ldapclient to connect to an
LDAP server.

I've compiled sudo 1.6.8p8 with pam and ldap support.
(I've attached the compilation options below in the email.)

It's all running fine, I can run sudo as a user that's stored in LDAP and
everything.

What I want to do next is store sudo's configuration in LDAP.

I'm using Netscape Directory Server 6.1, also supplied by HP, by the way.
I successfully loaded the 'iPlanet' sudo schema that comes with the sudo
sources.

Now in the README.LDAP it says that I have to add:
sudoers_base   ou=SUDOers,dc=example,dc=com
to the /etc/ldap.conf file.

The thing is there's no /etc/ldap.conf file on my system.
Apparently the LDAPUX software doesn't use one.

Does anyone know where the sudoers_base line must be put on my HPUX 11i
system?

Thanks for your answer,
Mark

Compilation:
==============

./configure --with-pam \
--with-ldap=/opt/ldapux/source/mozilla/directory/c-sdk/ldap

In order for it to compile properly I had to adapt the Makefile as follows:
SUDO_LIBS =  -lsec -lpam -ldap  $(LIBS) $(NET_LIBS)
changed to
SUDO_LIBS =  -lsec -lpam -lldapssl30  $(LIBS) $(NET_LIBS)
This is because the 'LDAPUX software' that comes with HPUX 11i, and contains
the necessary PAM and NSS modules and some libs and binaries, has no library
named 'libldap'; it's named libldapssl30 instead.

After I linked the following
ln -s /opt/ldapux/lib/libssl30.sl /usr/lib/libssl30.sl

I could compile as follows:
gmake LDFLAGS="-L/opt/ldapux/lib"

and did a gmake install.

This resulted in a properly working sudo, where I can run sudo as a user
that exists in LDAP using /etc/sudoers.




