[sudo-users] sudo -l needing password

Edward Capriolo edlinuxguru at gmail.com
Mon Jun 2 17:51:33 EDT 2008

I am running cent-os-5 X86_64. I recently build sudo from the latest
stable release. sudo 1.6.9p16. I had to do this because the vendor
supplied packages would not connect to LDAPS. We are storing our psudo
information in an LDAP . Everything is working well, except I have a
strange problem:

I have a user specified in the local passwd file 'localuser'. I am
trying to grant the user permission to run some commands. Which is
working fine.
sudoOption: !authenticate
sudoCommand: /sbin/service mysql.server stop
sudoCommand: /sbin/service mysql.server start
sudoUser: localuser

This user logs in through an SSH key and has no password.

The only default option in ldap is 'ignore_local_sudoers'.

The problem I am having is 'localuser' cannot run 'sudo -l'. 'sudo -V'
works 'sudo -L' works. I would like the user to be able to run 'sudo
-l'  without a password.

I think this issue more related to the user not being in LDAP, or not
having a password, but if anyone can think of a workaround or a
solution , it is a hard issue to search.

More information about the sudo-users mailing list