[sudo-users] Host alias in ldap
Andreas Hasenack
ahasenack at terra.com.br
Mon Sep 17 20:54:12 EDT 2007
Em Sex, 2007-09-14 às 15:25 -0700, Mike Watz escreveu:
> --- Andreas Hasenack <ahasenack at terra.com.br> wrote:
>
> > I know the README.LDAP file says that aliases are not supported via
> > ldap, but I'm starting to get myself into a situation where I could
> > greatly benefit from something equivalent.
> >
> > For example, I have a cluster of machines where several sudo commands
> > can be executed. Everytime I add a new machine to the cluster, I need to
> > list it in all sudoRole entries with sudoHost. Is there some other way?
> > I didn't quite understand what README.LDAP had to say about netgroups.
>
> Andreas - definitely look into setting up netgroups in LDAP. We use them in
> our LDAP environment and they work a treat. Then you need only add the new
> host to the netgroup (using the nisnetgrouptriple attribute) and in your
> sudoHost object you have the attribute +<netgroup>
Hi,
thanks a lot, that worked just fine :)
More information about the sudo-users
mailing list