Hi, I have wiki'd my sudo setup <a href="http://wiki.unixcraft.com/display/MainPage/Sudo+in+Centos+Directory+Server">http://wiki.unixcraft.com/display/MainPage/Sudo+in+Centos+Directory+Server</a> <div class="gmail_quote">2008/12/1 Rich Megginson <<a href="mailto:rmeggins@redhat.com">rmeggins@redhat.com</a>> <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> Erling Ringen Elvsrud wrote: <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> I try to add the schema for sudoers from README.LDAP in the srpm-file of sudo-1.6.8p12. I assume the iPlanet-version will work best, but get this problem when I restart directory server: [root@testserver schema]# service dirsrv restart Shutting down dirsrv: testserver... [ OK ] Starting dirsrv: testserver...[27/Nov/2008:10:37:31 +0100] - Entry "cn=schema attributeTypes: ( 1.3.6.1.4.1.15953.9.1.1 NAME 'sudoUser' DESC 'User(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseE" required attribute "objectclass" missing </blockquote> The sudo schema is now in CVS HEAD and will be part of the next release of Fedora DS: <a href="http://cvs.fedoraproject.org/viewvc/ldapserver/ldap/schema/60sudo.ldif?revision=1.1&root=dirsec&view=markup" target="_blank">http://cvs.fedoraproject.org/viewvc/ldapserver/ldap/schema/60sudo.ldif?revision=1.1&root=dirsec&view=markup</a> You can go ahead and download and use this file with any version of Fedora DS. <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> [ OK ] [root@testserver schema]# cat 99sudoers.ldif dn: cn=schema attributeTypes: ( 1.3.6.1.4.1.15953.9.1.1 NAME 'sudoUser' DESC 'User(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseE xactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' ) attributeTypes: ( 1.3.6.1.4.1.15953.9.1.2 NAME 'sudoHost' DESC 'Host(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseEx actIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' ) attributeTypes: ( 1.3.6.1.4.1.15953.9.1.3 NAME 'sudoCommand' DESC 'Command(s) to be executed by sudo' EQUALITY caseExactIA5Match S YNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' ) attributeTypes: ( 1.3.6.1.4.1.15953.9.1.4 NAME 'sudoRunAs' DESC 'User(s) impersonated by sudo' EQUALITY caseExactIA5Match SYNTAX 1 .3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' ) attributeTypes: ( 1.3.6.1.4.1.15953.9.1.5 NAME 'sudoOption' DESC 'Options(s) followed by sudo' EQUALITY caseExactIA5Match SYNTAX 1 .3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' ) objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $ sud oHost $ sudoCommand $ sudoRunAs $ sudoOption $ description ) X-ORIGIN 'SUDO' ) Any help to get the schema for sudo correctly added is appreciated. Thanks, Erling -- Fedora-directory-users mailing list <a href="mailto:Fedora-directory-users@redhat.com" target="_blank">Fedora-directory-users@redhat.com</a> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a> </blockquote> -- Fedora-directory-users mailing list <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a> </blockquote></div>