[sudo-users] Sudo + sssd + active directory + netgroup (nisNetgroupTriple) different behavior in different sudo versions
jan.rendos at qnective.com
Fri Nov 11 01:20:40 MST 2016
I can confirm that sudo 1.8.18-2 fixes both issues
Many thanks Todd.
From: Todd C. Miller <Todd.Miller at courtesan.com>
Sent: 10 November 2016 16:48
To: Jan Rendos
Cc: sudo-users at sudo.ws
Subject: Re: [sudo-users] Sudo + sssd + active directory + netgroup (nisNetgroupTriple) different behavior in different sudo versions
On Thu, 10 Nov 2016 15:40:22 +0000, Jan Rendos wrote:
> It might be the same bug.
> but when I edit the SUDOrole object and add !fqdn to sudoOption it has no
> effect. It still tries to compare FQDN with the nisNetgroupTriple.
> And what about the other issue that sudo tries to compare the user in the
> triple as well? I think it should match when the user part of triple is empty
> since the user matches the SUDOrole already.
That was also fixed in 1.8.18. You can try the sudo 1.8.18p1
packages for Ubuntu 16.04 at https://www.sudo.ws/download.html#binary
More information about the sudo-users