[sudo-workers] sudo and pam_winbind
Phil Lello
phil at dunlop-lello.uk
Thu Jul 23 04:44:16 MDT 2015
Hi all,
I'm currently experimenting with samba4 as an AD DC controller, and am
using pam_winbind for local user authentication.
For a samba4 account, id returns:
uid=3000020(DUNLOP-LELLO\phil) gid=100(users) groups=100(users)
/etc/group currently contains:
sudo:x:27:phil,DUNLOP-LELLO\phil
id phil returns:
uid=3000020(DUNLOP-LELLO\phil) gid=100(users)
groups=100(users),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),113(libvirtd),114(lpadmin),115(sambashare)
Oddly, just id (loggen in as phil via ssh) returns:
uid=3000020(DUNLOP-LELLO\phil) gid=100(users) groups=100(users)
Does this point at misconfiguration (e.g. something missing in Ubuntu
14.04's /etc/pam.d), a samba bug, a sudo bug, or an opportunity to write a
sudo plugin that plays nicely with winbind?
I'm happy to work on a fix for sudo in either of the latter 2 cases,
although would a pam_winbind plugin be better handled under the sudo or
samba4 projects?
Phil
More information about the sudo-workers
mailing list