[sudo-users] Sudo + ldap + netgroups

JR Aquino JR.Aquino at citrix.com
Fri Dec 24 20:03:00 EST 2010

I recently found that the Sudo ldap implementation requires that the linux nisdefaultdomain be set in order to pass a nisnetgrouptriple check that contains a domain entry.

My question to the community:
If you are utilizing ldap to hold the nis data and you are not actually using a nis/yp server client setup, how are you setting the nisdefaultdomain at boot time?

So far, it looks like most Linux systems use ypbind init scripts to set it.  If you don't need/have nis/yp services setup, is the only answer to use rc.local?

Thanks for reading.

Hope someone has found a more elegant solution.

Jr Aquino
Info. Security Specialist
Citrix Online
<mailto:Jr.Aquino at citrixonline.com>Jr.Aquino at citrixonline.com<mailto:Jr.Aquino at citrixonline.com>

More information about the sudo-users mailing list