Problem

We need a way to use sudo with eDirectory users who are LUM-enabled.

Solution

1. Create the eDirectory Group.

2. LUM-enable it and the users contained in the Group.

3. Copy /etc/pam.d/sudo to /etc/pam.d/sudo_old

4. Copy /etc/pam.d/pam_nam_sample to /etc/pam.d/sudo

5. Modify /etc/pam.d/sudo and change ‘sufficient’ to ‘required’ (all instances – not a requirement).

6. Modify /etc/sudoers (using visudo) and add the eDir Group we initially created.

Example

The eDirectory group we created was gSUSEAdmin. We added the following below the line that reads “#%wheel ALL=(ALL) ALL”

%gSUSEAdmin ALL=(ALL) ALL

Note: Special thanks to Brent Griggs for his help with this …

(Visited 1 times, 1 visits today)

Category: Uncategorized
This entry was posted Wednesday, 13 September, 2006 at 12:00 am
You can follow any responses to this entry via RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *

No comments yet