[sudo-workers] sudo ldap: handle multiple roles with same name
Siem Korteweg
Siem.Korteweg at qnh.nl
Wed Apr 28 07:13:56 EDT 2010
Hi,
sudoers2ldiff assigns (as documented) the same dn to all entries for a single
user/group.
The following diff assigns unique dn's by adding a sequence number when a
user/group appears again in the input:
[root at centos53 sudo]# diff ./sudoers2ldif ./sudo-1.7.2p5/sudoers2ldif
26d25
< my %DN; # Hold index for each cn.
82,92c81
< my $cn=$users[ 0 ];
< if ( $DN{ $cn } ) # cn already processed?
< {
< $cn = sprintf( "%s_%d", $users[ 0 ], $DN{ $users[ 0 ] } );
< $DN{ $users[0] } += 1; # indicate next index for this cn
< }
< else
< {
< $DN{ $users[0] } = 1; # indicate next index for this cn
< }
< print "dn: cn=$cn,$base\n";
---
> print "dn: cn=$users[0],$base\n";
95c84
< print "cn: $cn\n";
---
> print "cn: $users[0]\n";
This is a crude approach. However, it avoids errors during the import.
regards,
Siem Korteweg
More information about the sudo-workers
mailing list