[sudo-users] Host alias in ldap
Mike Watz
elan_mbx2 at yahoo.com
Fri Sep 14 18:25:45 EDT 2007
--- Andreas Hasenack <ahasenack at terra.com.br> wrote:
> I know the README.LDAP file says that aliases are not supported via
> ldap, but I'm starting to get myself into a situation where I could
> greatly benefit from something equivalent.
>
> For example, I have a cluster of machines where several sudo commands
> can be executed. Everytime I add a new machine to the cluster, I need to
> list it in all sudoRole entries with sudoHost. Is there some other way?
> I didn't quite understand what README.LDAP had to say about netgroups.
Andreas - definitely look into setting up netgroups in LDAP. We use them in
our LDAP environment and they work a treat. Then you need only add the new
host to the netgroup (using the nisnetgrouptriple attribute) and in your
sudoHost object you have the attribute +<netgroup>
Hope that helps,
-Mike-
____________________________________________________________________________________
Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us. http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7
More information about the sudo-users
mailing list