[sudo-users] Transforming /etc/sudoers to LDAP/AD

Pidugu Vijaya Vijaya.Pidugu at sig.com
Tue Jan 27 16:45:44 EST 2009 

Well, if we lose network connectivity the system is useless anyway.  If we have NFS issues we got bigger issues to deal with than sudo.

Ofcourse, for situations like this we always have the root password and adminis do it available.  Sudo is mostly to provide root level access to someone who is not part of admin group.

We use Network appliance for NFS shares and the uptimes on them typically are 500+ days, so I am really not that concerned.
They are cluster and use RAID4-DP, so it is unlikely that we will run into those situations.



-----Original Message-----
From: Russell Van Tassell [mailto:russell+sudo-users at loosenut.com]
Sent: Tuesday, January 27, 2009 3:02 PM
To: Pidugu Vijaya
Cc: Manjunatha, Jamuna; Suj; Radesh_Singh at ml.com; sudo-users at sudo.ws
Subject: Re: [sudo-users] Transforming /etc/sudoers to LDAP/AD

On Tue, Jan 27, 2009 at 02:49:20PM -0500, Pidugu Vijaya wrote:
> not sure if you resolved this.... we actually use an nfs share where we put our sudoers file.
>
> We tested using Active Directory for user authentication.  In AD we had to put some kind of sudo object to make it work though!

What happens if you lose network connectivity / nfs and you need
to be able to use sudo (eg. system crash/restart)?

Guess you'll need the root password, anyway (eg. failed fsck).

Or perhaps worse, the NFS server has some sort of issue and the share
disappears or becomes unresponsive?


--
Russell M. Van Tassell
russell at loosenut.com

In Tennessee, it is illegal to shoot any game other than whales from a
moving automobile.

IMPORTANT: The information contained in this email and/or its attachments is confidential. If you are not the intended recipient, please notify the sender immediately by reply and immediately delete this message and all its attachments. Any review, use, reproduction, disclosure or dissemination of this message or any attachment by an unintended recipient is strictly prohibited. Neither this message nor any attachment is intended as or should be construed as an offer, solicitation or recommendation to buy or sell any security or other financial instrument. Neither the sender, his or her employer nor any of their respective affiliates makes any warranties as to the completeness or accuracy of any of the information contained herein or that this message or any of its attachments is free of viruses.

More information about the sudo-users mailing list