Using sudo with LUM-enabled eDirectory Users

Share
Share

Problem

We need a way to use sudo with eDirectory users who are LUM-enabled.

Solution

1. Create the eDirectory Group.

2. LUM-enable it and the users contained in the Group.

3. Copy /etc/pam.d/sudo to /etc/pam.d/sudo_old

4. Copy /etc/pam.d/pam_nam_sample to /etc/pam.d/sudo

5. Modify /etc/pam.d/sudo and change ‘sufficient’ to ‘required’ (all instances – not a requirement).

6. Modify /etc/sudoers (using visudo) and add the eDir Group we initially created.

Example

The eDirectory group we created was gSUSEAdmin. We added the following below the line that reads “#%wheel ALL=(ALL) ALL”

%gSUSEAdmin ALL=(ALL) ALL

Note: Special thanks to Brent Griggs for his help with this …

Share
(Visited 1 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *

No comments yet

2,981 views