[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SUDO in LDAP



Buchan Milne said:
> On Fri, 23 Jan 2004 Eric.Sammons@frit.frb.org wrote:
>
>> I am still researching to see if there is any information on this, but
>>  wanted to ask as well, is there support for placing SUDO rules in an
>> LDAP?
>>  Thus allowing for sudo management to be done from a central (common)
>> data
>> store?
>>
>
> It's entirely possible, it just requires someone to implement it (add
> the  code to sudo, and write a schema to hold the data), but it doesn't
> really  relate to this list.
>
> Yes, this is something I would also like to see (although you can deploy
> a  single sudoers to all machines in your network, if it's correctly
> configure).
>
> Regards,
> Buchan

There has been work done in this regard.  Look for information on the
sudo-users mailing list (archives at
http://www.sudo.ws/pipermail/sudo-users/).  It's not official stuff, and
is at the level of a patch to sudo code.  Pretty lightly documented at
this time IIRC.

Check for instance the threads in December 2003.
-Alan


===========
Alan Sparks, UNIX/Linux Systems Administrator    <asparks@doublesparks.net>