SUSE Conversations


Using sudo with LUM-enabled eDirectory Users



By: Marc Bitner

September 13, 2006 12:00 am

Reads:253

Comments:0

Rating:0

Problem

We need a way to use sudo with eDirectory users who are LUM-enabled.

Solution

1. Create the eDirectory Group.

2. LUM-enable it and the users contained in the Group.

3. Copy /etc/pam.d/sudo to /etc/pam.d/sudo_old

4. Copy /etc/pam.d/pam_nam_sample to /etc/pam.d/sudo

5. Modify /etc/pam.d/sudo and change ‘sufficient’ to ‘required’ (all instances – not a requirement).

6. Modify /etc/sudoers (using visudo) and add the eDir Group we initially created.

Example

The eDirectory group we created was gSUSEAdmin. We added the following below the line that reads “#%wheel ALL=(ALL) ALL”

%gSUSEAdmin ALL=(ALL) ALL

Note: Special thanks to Brent Griggs for his help with this …

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Categories: Uncategorized

Disclaimer: As with everything else at SUSE Conversations, this content is definitely not supported by SUSE (so don't even think of calling Support if you try something and it blows up).  It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.

Comment

RSS