[sudo-users] store sudo config in LDAP with NDS 6.1 on HPUX 11i
mark at mbfk.net
Thu Jun 2 11:58:07 EDT 2005
I'm running a HPUX 11i server with Netscape Directory Server 6.1 and
the following HPUX client software :
4269AA B.03.10 LDAP-UX Integration
This contains all the PAM and NSS modules and ldapclient to connect to an
I've compiled sudo 1.6.8p8 with pam and ldap support.
(I've attached the compilation options below in the email.)
It's all running fine, i can run sudo as a user that's stored in LDAP and
What I want to do next is store sudo's configuration in LDAP.
I'm using NetscapeDirectoryServer 6.1 also supplied by HP by the way.
I successfully loaded the 'Iplanet'sudo-schema that comes with the sudo
Now in the README.LDAP it says that I have to add :
to the /etc/ldap.conf file.
The thing is there's no /etc/ldap.conf file on my system.
Apparently the LDAPUX software doesn't use one.
Does anyone know where the sudoers_base line must be put on my HPUX 11i
Thanks for your answer,
./configure --with-pam \
in order for it to compile properly I had to adapt the Makefile as follows :
SUDO_LIBS = -lsec -lpam -ldap $(LIBS) $(NET_LIBS)
SUDO_LIBS = -lsec -lpam -lldapssl30 $(LIBS) $(NET_LIBS)
This since the 'LDAPUX software' that comes with HPUX 11i and contains the
neccesary PAM and NSS modules and some lib's and binaries has no library
named 'libldap' but it's named libldapssl30.
After I linked the following
ln -s /opt/ldapux/lib/libssl30.sl /usr/lib/libssl30.sl
I could compile as follows :
and did a gmake install.
this resulted in a properly working sudo, where I can run sudo as a user
that exists in LDAP using /etc/sudoers.
More information about the sudo-users