[sudo-users] sudoCommand and LDAP
mark at mbfk.net
Mon Apr 10 10:02:09 EDT 2006
I've set it up like this on HPUX :
First I create a sudoRole.
Then I add all the commands I want to give to the role as a seperate
Then I either add all the users I want to give the role to as a sudoUser
attribute or I add a unix group as sudoUser attribute which contains all
the users already. Note that the notation of a unixgroup is like this :
In the end the entry is going to look something like this :
description 'your description'
sudoHost ALL || name_of_netgroup
My groups are also in ldap, but they can also be groups in /etc/group.
Hope this helps...
Make install - not war
stebo stebo raaskalde het volgende mijn kant op :
> Hi all,
> I've setup an environment with Sudo, Ldap and netgroup, works great.
> Now, I do not seem to get things running with Ldap groups in Sudo.
> What I really want is somthing like:
> sudocommand = sysAdminCommands (a Ldap-group of commands)
> sudohost = sysAdminHosts (a netgroup)
> sudouser = sysAdminUser (a Ldap-group of users)
> Does it matter where in the directory tree these groups are created.
> Have anyone done this before?
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
More information about the sudo-users