[sudo-users] Solaris 8, NISPLUS and netgroups

Tom Powers ferragus at sff.net
Tue Jun 28 13:41:24 EDT 2005

NIS+ and Sudo on Solaris 8

I've been handed a system that used to work and asked to make it work again.

There is a group in NIS+, support, that should have NOPASSWD access to run a
command alias, Cmnd_Alias SUSUP = /usr/bin/su - support

down the end of the sudoers file is the entry that makes this work
+support  ALL=(root) NOPASSWD: SUSUP

now recently some consolidation was done and the server was moved from one NIS+
server to another, this is when the trouble started.

However all other NIS+ functions seem to be working, and there are other systems
on that server that authenticate correctly and allow the expected access.

I've turned on pam debugging, and there's nothing happening at all during the
transaction! The sudo version is 1.6.6 and it's the same build in both cases.

I ran truss on both processes and there's too many differences for me to make
heads or tails of what's going on.

I'd greatly appreciate it if anyone has any pointers to share on this.


More information about the sudo-users mailing list