[sudo-users] New SUDO Schema Expantion
Todd C. Miller
Todd.Miller at courtesan.com
Mon Jan 31 09:38:20 EST 2011
On Sun, 30 Jan 2011 21:42:43 EST, Dmitri Pal wrote:
> How you envision people to migrate from the current version to the one
> that supports order attribute?
> Having order attribute for a subset of entries during gradual slow
> migration can lead to unpredictable results on the clients.
> Do you expect people to reload their SUDO rules if they want to take
> advantage of the feature so that all the entries get the order
> attribute? But then it should be mandatory, right?
People who wish to take advantage of sudoOrder need to update their
entries in LDAP. Ordering is really only important when there are
overlapping rules which is likely to only affect a subset of the
rules.
- todd
More information about the sudo-users
mailing list