[Fedora-directory-users] Sudo and Ldap

Malcolm Amir Hussain-Gambles malcolm at saafinternational.com
Tue Sep 9 22:06:07 UTC 2008 

This is how I've always done it:

I usually just pull the src.rpm and add ldap in the .spec file,
recompile then I can add it to standard build image / kickstart

Then add something like:
sudoers_base   ou=SUDOers,dc=example,dc=com

to /etc/ldap.conf and that should be it


Cheers,

Malcolm

On Tue, 2008-09-09 at 21:54 +0100, Kashif Ali wrote:
> when you say add sudo base? are you talking about ldif file?
> 
> Is there no way to continue to use the original ldif file?
> 
> 
> 2008/9/9 Malcolm Amir Hussain-Gambles <malcolm at saafinternational.com>
>         Redhat sudo doesn't support ldap, recompile it with ldap
>         support and add
>         the sudoers base to /etc/ldap.conf and it should work then,
>         annoying!
>         
>         Cheers
>         
>         Malcolm
>         
>         
>         On Tue, 2008-09-09 at 21:39 +0100, Kashif Ali wrote:
>         > Hello all,
>         >
>         > I have successfully setup FDS on Centos 5.2, and manage to
>         get users
>         > signing on without any issues. However if I edit the sudoers
>         file to
>         > allow a group on ldap use sudo, the sudo command does not
>         see the
>         > members of the group or I think the group itself?
>         >
>         > I have no idea why this is:
>         >
>         > if I run the command 'id' as the given user you can clear
>         see the
>         > group memberships, however if I do: getent group linuxops I
>         see:
>         >
>         > linuxops:*:6000:
>         >
>         > with no members??? however SSHD AllowGroups works? I have
>         configured
>         > sshd to only allow members of the linxops group to login and
>         this
>         > works fine? so my question is why is sudo behaving
>         differently?
>         >
>         
>         > --
>         > Fedora-directory-users mailing list
>         > Fedora-directory-users at redhat.com
>         >
>         https://www.redhat.com/mailman/listinfo/fedora-directory-users
>         
>         --
>         Fedora-directory-users mailing list
>         Fedora-directory-users at redhat.com
>         https://www.redhat.com/mailman/listinfo/fedora-directory-users
> 
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

More information about the Fedora-directory-users mailing list