SELinux + pam_ldap + sudo
sub at nryc.fr
Thu Feb 17 14:00:58 UTC 2011
On 17/02/2011 14:26, sub at nryc.fr wrote:
> Hello,
>
> On a RHEL5 server with SELinux in "permissive" mode, I can't get sudo
> working with pam_ldap authentication.
>
> pam_ldap is correctly configured: I can perform an authentication on a
> ssh connection but once connected I can't sudo anything even though I'm
> in the "wheel" group and this group is allowed in /etc/sudoers.
>
> I suspect SELinux because of all the servers I manage, this is the only
> one with SELinux activated and the only one with "sudo" problems.
>
> I activated pam_ldap with "authconfig --update --enableldapauth", but I
> manually copied the "ldap.conf" file.
>
> Please note that I'm not familiar with SELinux.

I forgot:
- I can't disable SELinux
- I have this error message in /var/log/message when the
  authentication fails:

  sudo: pam_ldap: ldap_simple_bind Can't contact LDAP server