[sudo-users] Sudo in LDAP appears to auth everything
eric.freeman at tbwachiat.com
Fri Jul 10 13:38:25 EDT 2009
Below is the output from my sudo debug. I am 99% sure Idon¹t have the lastb
command in the LDAP container. I am not sure why this is being allowed. I am
not sure if this is a clue (sudoUser=ALL)) I don¹t have the LDAP use in the
I am not sure why I am able to run sudo commands. I can also run sudo dmesg
and I know that is not in LDAP.
Any help would be appreciated. Thanks
# sudo -V
Sudo version 1.7.0
Running on HP-UX 11.11
[:/etc] sudo lastb
LDAP Config Summary
sudo: ldap_set_option(LDAP_OPT_HOST_NAME, 10.20.2.165)
sudo: ldap_set_option: debug -> 0
sudo: ldap_set_option: ldap_version -> 3
sudo: ldap_set_option: timelimit -> 30
sudo: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT, 30)
sudo: ldap_sasl_bind_s() ok
sudo: ldap sudoOption: 'logfile=/var/adm/syslog/sudo.log'
sudo: ldap sudoOption: 'log_year'
sudo: ldap search
sudo: ldap search 'sudoUser=+*'
This e-mail is intended only for the named person or entity to which it is addressed and contains valuable
business information that is proprietary, privileged, confidential and/or otherwise protected from disclosure.
If you received this e-mail in error, any review, use, dissemination, distribution or copying of this e-mail
is strictly prohibited. Please notify us immediately of the error via e-mail to disclaimer at tbwachiat.com and
please delete the e-mail from your system, retaining no copies in any media. We appreciate your cooperation.
More information about the sudo-users