[sudo-users] 1.7.0rc1 interesting tests

Patrick Spinler spinler.patrick at mayo.edu
Thu Jun 12 14:23:52 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Todd C. Miller wrote:
| In message <484C7E25.1080004 at mayo.edu>
| 	so spake Patrick Spinler (spinler.patrick):
|
|> On SuSE enterprise 9.4, rc1 sudoedit works like a champ.
|>
|> Some problems with ldap sudoers, though.
|>
|
| I don't recall whether this was resolved or not.  If not, try
| commenting out the:
|
|     #define HAVE_LDAP_CREATE 1
|
| line in config.h and see if that makes any difference.
|
|  - todd

Nope.  Still has the same LDAP connect error.

pjs11 at mr-dzl01:~/sudo-1.7.0rc1> ./sudo -l
LDAP Config Summary
===================
host             ha-unixhead2.mayo.edu ei-unixhead2.mayo.edu
nssmail.mayo.edu
port             -1
ldap_version     3
sudoers_base     ou=sudoers,dc=nss,dc=mayo,dc=edu
binddn           (anonymous)
bindpw           (anonymous)
ssl              start_tls
===================
sudo: ldap_init(ha-unixhead2.mayo.edu ei-unixhead2.mayo.edu
nssmail.mayo.edu, 389)
sudo: ldap_set_option: debug -> 0
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_start_tls_s(): Connect error


I had to leave this for a couple of days.  I forget, where did we leave
all this at?

If I recall, here's where I left stuff at.  Please correct me where I
forget:

			Tests
OS		Arch	sudoedit 	ldap sudoers
- ----------	-----	--------	------------
redhat 4.6 	intel	ok		ok
redhat 5.2 	intel	fail (1) 	ok
suse 10.1 	s390x	ok		ok
suse 9.4 	s390x	ok		fail (2)
solaris 10	sparc	ok		fail (3)

(1) redhat 5.2 intel sudoedit failure

Still having this issue.  Don't recall any suggestions to how to
approach this.

(2) suse 9.4 ldap sudoers, ldap_start_tls_s connect error.  See error above.

(3) solaris 10

Fixed some compile errors confusing openldap installation with native
ldap libraries.  sudoedit works now.

Now I need to work on a /etc/ldap.conf that'll work on solaris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIUWm4NObCqA8uBswRAkaxAKCL9W/dUfCyWkXr41STwMju4ufy7ACfYbwn
knLQ716C9kVEmq6UZxyku8o=
=cace
-----END PGP SIGNATURE-----



More information about the sudo-users mailing list