[sudo-users] 1.7.0rc1 interesting tests
spinler.patrick at mayo.edu
Thu Jun 12 21:51:40 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Todd C. Miller wrote:
| In message <485169B8.1080507 at mayo.edu>
| so spake Patrick Spinler (spinler.patrick):
|> (1) redhat 5.2 intel sudoedit failure
|> Still having this issue. Don't recall any suggestions to how to
| I'm not sure what the issue is here, since it works fine for me on
| RedHat 5.1. You could try the following:
| env EDITOR="strace -o/tmp/trace.out /bin/vi" /usr/local/bin/sudoedit
| and send me the resulting /tmp/trace.out file.
/tmp/trace.out is not created. The EDITOR never appears to be invoked.
However, I've attached output from "/usr/bin/sudo strace ./sudoedit
|> (2) suse 9.4 ldap sudoers, ldap_start_tls_s connect error. See error
| At this point I'm going to lay blame with the suse openldap libs
| or an ldap.conf issue. You should be able to use the same ldap.conf
| as in the working suse 10. I suppose you could try using a single
| LDAP server instead of a list of servers and turning on LDAP debugging
| (something like "debug 9" in ldap.conf).
Ah ha ! That helped. It was a setting in ldap.conf, specifically, I
had a certificate error. Works now. Thanks for putting up with my
It's interesting that "normal" ldap functions (e.g. pam_ldap, nssldap)
continued to work in the face of that, yet sudo choked.
That means my little testing grid looks like this:
OS Arch sudoedit ldap sudoers
- ---------- ----- -------- ------------
redhat 4.6 intel ok ok
redhat 5.2 intel fail ok
suse 10.1 s390x ok ok
suse 9.4 s390x ok ok
solaris 10 sparc ok fail
And the solaris failure is in my court to mess around with ldap.conf
I'm also off to try this on AIX 5.3 tonight.
Thanks again, Todd. I appreciate your patience with me.
- -- Pat
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 44440 bytes
Desc: not available
More information about the sudo-users