Todd C. Miller Todd.Miller at courtesan.com
Sun Oct 30 07:27:28 EDT 2011

On Fri, 28 Oct 2011 08:29:01 PDT, Dawei Wang wrote:

> I would like someone to clarify the behavior of ldap user in multiple
> sudoRole defined on ldapserver. Turning sudoers_debug on shows that
> sudo only queries the default and acknowledges (check and verify) the
> first sudoRole entry returned back by ldap query from sudoer_base.

What version of sudo are you running?  If the sudoRole denies the
command then no more sudoRoles will be checked but if the sudoRole
simply doesn't match sudo should continue checking the returned

 - todd

