[Fedora-directory-users] Sudo and Ldap
Kashif Ali
snake007uk at gmail.com
Thu Sep 11 13:20:20 UTC 2008
I have now updated my wiki covering the sudo setup, I hope it makes it
simpler for others to understand.
http://wiki.unixcraft.com/display/MainPage/Sudo+in+Centos+Directory+Server
2008/9/10 Kashif Ali <snake007uk at gmail.com>
> I am currently in the process of documenting the schema install into the DS
> server, as well as adding the sudoers into ldap.
>
> 2008/9/10 Malcolm Amir Hussain-Gambles <malcolm at saafinternational.com>
>
> I mainly work on rhel4 servers at the moment, good to know though.
>> It was annoying that sudo didn't include it, glad it does now!
>>
>> Cheers
>>
>> Malcolm
>>
>> On Wed, 2008-09-10 at 09:33 +0100, Jonathan Barber wrote:
>> > On Tue, Sep 09, 2008 at 10:42:26PM +0100, Malcolm Amir Hussain-Gambles
>> wrote:
>> > > Redhat sudo doesn't support ldap, recompile it with ldap support and
>> add
>> > > the sudoers base to /etc/ldap.conf and it should work then, annoying!
>> >
>> > I don't know about RHEL5, but centos 5.2 does:
>> >
>> > [root at pirez ~]# rpm -q centos-release
>> > centos-release-5-2.el5.centos
>> > [root at pirez ~]# rpm -q sudo
>> > sudo-1.6.8p12-12.el5
>> > [root at pirez ~]# ldd $(type -p sudo) | grep ldap
>> > libldap-2.3.so.0 => /usr/lib/libldap-2.3.so.0 (0x00762000)
>> >
>> > And I believe it's been present for all the 5.0 series.
>> >
>> > > Cheers
>> > >
>> > > Malcolm
>> > >
>> > > On Tue, 2008-09-09 at 21:39 +0100, Kashif Ali wrote:
>> > > > Hello all,
>> > > >
>> > > > I have successfully setup FDS on Centos 5.2, and manage to get users
>> > > > signing on without any issues. However if I edit the sudoers file to
>> > > > allow a group on ldap use sudo, the sudo command does not see the
>> > > > members of the group or I think the group itself?
>> > > >
>> > > > I have no idea why this is:
>> > > >
>> > > > if I run the command 'id' as the given user you can clear see the
>> > > > group memberships, however if I do: getent group linuxops I see:
>> > > >
>> > > > linuxops:*:6000:
>> > > >
>> > > > with no members??? however SSHD AllowGroups works? I have configured
>> > > > sshd to only allow members of the linxops group to login and this
>> > > > works fine? so my question is why is sudo behaving differently?
>> > > >
>> > > > --
>> > > > Fedora-directory-users mailing list
>> > > > Fedora-directory-users at redhat.com
>> > > > https://www.redhat.com/mailman/listinfo/fedora-directory-users
>> > >
>> > > --
>> > > Fedora-directory-users mailing list
>> > > Fedora-directory-users at redhat.com
>> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users
>> >
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20080911/cbc6e5a7/attachment.htm>
More information about the Fedora-directory-users
mailing list