[sudo-users] Sudo + sssd + active directory + netgroup (nisNetgroupTriple) different behavior in different sudo versions

Jan Rendos jan.rendos at qnective.com
Fri Nov 11 01:20:40 MST 2016


I can confirm that sudo 1.8.18-2 fixes both issues


Many thanks Todd.


Jan

________________________________
From: Todd C. Miller <Todd.Miller at courtesan.com>
Sent: 10 November 2016 16:48
To: Jan Rendos
Cc: sudo-users at sudo.ws
Subject: Re: [sudo-users] Sudo + sssd + active directory + netgroup (nisNetgroupTriple) different behavior in different sudo versions

On Thu, 10 Nov 2016 15:40:22 +0000, Jan Rendos wrote:

> It might be the same bug.
>
> but when I edit the SUDOrole object and add !fqdn to sudoOption it has no
> effect. It still tries to compare FQDN with the nisNetgroupTriple.
>
>
> And what about the other issue that sudo tries to compare the user in the
> triple as well? I think it should match when the user part of triple is empty
> since the user matches the SUDOrole already.

That was also fixed in 1.8.18.  You can try the sudo 1.8.18p1
packages for Ubuntu 16.04 at https://www.sudo.ws/download.html#binary

 - todd


More information about the sudo-users mailing list