[sudo-users] "Run As" doesn't work with LDAP?
Todd C. Miller
Todd.Miller at courtesan.com
Thu Aug 30 09:24:31 EDT 2007
In message <430150.81508.qm at web52005.mail.re2.yahoo.com>
so spake Mike Watz (elan_mbx2):
> I've heard rumors of this.... does anyone know for certain what the
> scoop is on the "Run As" functionality with regards to LDAP
> integration?
It works, though the sudoers2ldif script did not convert
RunAs entries until sudo 1.6.9.
For instance, I have the following in LDAP:
# %wheel, SUDOers, courtesan.com
dn: cn=%wheel,ou=SUDOers,dc=courtesan,dc=com
objectClass: top
objectClass: sudoRole
cn: %wheel
sudoUser: %wheel
sudoRunAs: ALL
sudoHost: ALL
sudoCommand: ALL
sudoOption: !authenticate
Note the sudoRunAs entry.
- todd
More information about the sudo-users
mailing list