[sudo-users] How to use Cmnd_Alias in ldap container
Ahmed Karoumi
akaroumi at yahoo.com
Fri Feb 20 06:42:41 EST 2009
Hello,
I am using sudo with rules stored in a directory LDAP.
How to write a group of command in ldap container like Cmnd_Alias in /etc/sudoers ?
Example, currently I have this rules:
cn=sudorules,cn=SUDOers,ou=unix,dc=example,dc=com
cn=sudorules
objectclass=top
objectclass=sudoRole
sudoCommand=!/bin/sh
sudoCommand=!/usr/bin/sh
sudoCommand=!/bin/bsh
sudoCommand=!/usr/bin/bsh
sudoCommand=!/bin/csh
sudoCommand=!/usr/bin/csh
sudoCommand=!/bin/dsh
sudoCommand=!/usr/bin/dsh
sudoCommand=!/bin/ksh
sudoCommand=!/usr/bin/ksh
sudoCommand=!/bin/msh
sudoCommand=!/usr/bin/msh
sudoCommand=!/bin/psh
sudoCommand=!/usr/bin/psh
sudoCommand=!/bin/rsh
sudoCommand=!/usr/bin/rsh
sudoCommand=!/bin/Rsh
sudoCommand=!/usr/bin/Rsh
sudoCommand=!/bin/tsh
sudoCommand=!/usr/bin/tsh
sudoCommand=!/usr/local/bin/tcsh
sudoCommand=!/usr/local/bin/zsh
sudoCommand=!/usr/bin/su *root*
sudoCommand=!/usr/bin/su ""
sudoCommand=!/usr/bin/su -
sudoCommand=ALL
sudoHost=ALL
sudooption=!authenticate
sudoUser=ALL
how to codify in ldap container a group of sudoCommand which I can use inside an other rules ?
Regards,
Ahmed.
More information about the sudo-users
mailing list