#12 authconfig does not configure sudo to use ldap
Opened 3 years ago by mikep. Modified 3 years ago

Authconfig seems incapable of configuring sudo to read its sudoers configuration from LDAP. When I use authconfig to configure a computer to use LDAP or SSSD it does not result in sudo using my LDAP-defined sudoers configuration.

To get this to work manually, I add this to /etc/nsswitch.conf:

sudoers: files sss

and I add this to /etc/sssd.conf:

[sssd]
services = nss, pam, autofs, sudo
[....]
[domain/LDAP]
ldap_sudo_search_base = ou=sudoers,dc=flyn,dc=org

See also: https://bugzilla.redhat.com/show_bug.cgi?id=1008111. Tim Hughes suggested adding support for the following command-line flags/arguments:

--enableldapsudo
--enablesssdsudo
--ldapsudobasedn=<dn> 
--sssdsudobasedn=<dn>
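
A check for the manual configuration described in this ticket, as an added example that is not part of the original report and not authconfig code. The function names are hypothetical, the file paths are passed as arguments, and the sample files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: verify the manual sudo/SSSD wiring described in the ticket.

# Succeeds if the "sudoers:" line of nsswitch file $1 lists the sss source.
nss_sudoers_uses_sss() {
    awk '{ sub(/#.*/, "") }
         $1 == "sudoers:" { for (i = 2; i <= NF; i++) if ($i == "sss") ok = 1 }
         END { exit ok ? 0 : 1 }' "$1"
}

# Prints the value of key $3 in section [$2] of the sssd config file $1.
sssd_get() {
    awk -v want="[$2]" -v key="$3" '
        /^[ \t]*[#;]/ { next }                          # comment line
        /^[ \t]*\[/   { gsub(/[ \t]/, ""); sect = $0; next }
        sect == want && (i = index($0, "=")) {
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) print v
        }' "$1"
}

# Succeeds if the sudo responder is listed in "services" under [sssd].
sssd_sudo_enabled() {
    sssd_get "$1" sssd services | tr ',' '\n' | tr -d ' \t' | grep -qx sudo
}

# Reports each missing piece; exit status is the number of problems found.
# Arguments: nsswitch file, sssd config file, domain name.
check_sudo_ldap() (
    n=0
    nss_sudoers_uses_sss "$1" || { echo "sudoers: line lacks sss"; n=$((n + 1)); }
    sssd_sudo_enabled "$2" || { echo "sudo not in [sssd] services"; n=$((n + 1)); }
    [ -n "$(sssd_get "$2" "domain/$3" ldap_sudo_search_base)" ] ||
        { echo "no ldap_sudo_search_base in [domain/$3]"; n=$((n + 1)); }
    exit "$n"
)

# Constructed sample files (not from a real host): one wired up, one not.
demo=$(mktemp -d)
printf 'passwd: files sss\nsudoers: files sss\n' > "$demo/nss.good"
printf 'passwd: files sss\n# sudoers: files sss\n' > "$demo/nss.bad"
printf '[sssd]\nservices = nss, pam, autofs, sudo\n[domain/LDAP]\nldap_sudo_search_base = ou=sudoers,dc=flyn,dc=org\n' > "$demo/sssd.good"
printf '[sssd]\nservices = nss, pam, autofs\n[domain/LDAP]\nid_provider = ldap\n' > "$demo/sssd.bad"

check_sudo_ldap "$demo/nss.good" "$demo/sssd.good" LDAP && echo "good: sudo reads rules via SSSD"
check_sudo_ldap "$demo/nss.bad" "$demo/sssd.bad" LDAP || echo "bad: $? problem(s)"
```

A non-zero status means sudo on that host is still evaluating only its local sudoers rules, so centrally defined restrictions in LDAP are not being applied.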
