[sudo-workers] sudo and pam_winbind

Phil Lello phil at dunlop-lello.uk
Thu Jul 23 04:44:16 MDT 2015

Hi all,

I'm currently experimenting with samba4 as an AD DC controller, and am
using pam_winbind for local user authentication.

For a samba4 account, id returns:
uid=3000020(DUNLOP-LELLO\phil) gid=100(users) groups=100(users)

/etc/group currently contains:

id phil returns:
uid=3000020(DUNLOP-LELLO\phil) gid=100(users)

Oddly, just id (loggen in as phil via ssh) returns:
uid=3000020(DUNLOP-LELLO\phil) gid=100(users) groups=100(users)

Does this point at misconfiguration (e.g. something missing in Ubuntu
14.04's /etc/pam.d), a samba bug, a sudo bug, or an opportunity to write a
sudo plugin that plays nicely with winbind?

I'm happy to work on a fix for sudo in either of the latter 2 cases,
although would a pam_winbind plugin be better handled under the sudo or
samba4 projects?


More information about the sudo-workers mailing list