[sudo-users] AIX SUDO with LDAP

Todd C. Miller Todd.Miller at courtesan.com
Mon Sep 23 13:54:41 MDT 2013

On Mon, 23 Sep 2013 13:17:59 -0600, Harold Gutierrez wrote:

> Actually SUDO with LDAP in AIX  use OpenLDAP not the base libraries. We
> already have SUDO LDAP version 1.6.9 working in AIX. But we need to upgrade
> to version 1.7 at least because sudoOrder was implemented in this version.

Actually, sudo's LDAP support can use either OpenLDAP or the
IBM/Tivoli LDAP libraries.

You should be able to build your own SUDO LDAP packages using the
mkpkg script that comes with sudo as long as you have a C compiler
and a few other development tools.

For example:

./mkpkg --flavor=ldap --with-aixauth --platform=rpm \
    --with-incpath=/opt/openldap/include --with-libpath=/opt/openldap/lib

would built an rpm packages that uses AIX authentication and OpenLDAP
libraries and includes installed under /opt/openldap (adjust the
path as needed).  If you want to use PAM instead just replace the
--with-aixauth with --with-pam.

 - todd

More information about the sudo-users mailing list