[sudo-workers] Match_group_by_gid issue
Todd C. Miller
Todd.Miller at courtesan.com
Tue Apr 11 16:58:16 MDT 2017
On Mon, 10 Apr 2017 06:15:11 -0400, Tomas Sykora wrote:
> We'd like to note this as a known issue at least, but I'm not sure which docu
> ment or manual page would be the best for it.
> Will sudoers.ldap be enough? And as it is also an unsolvable issue in upstrea
> m, will you also note that
> somewhere in upstream manual pages?
I'm not sure that sudoers.ldap is the correct place for this since
match_group_by_gid should have no effect on LDAP sudoers, though
it will make a difference with the SSSD backend.
I've just committed the following in an attempt to make it clear
that when match_group_by_gid is enabled groups are looked up by
name instead of by ID.
https://www.sudo.ws/repos/sudo/rev/fe3bfca4fcce
- todd
More information about the sudo-workers
mailing list