AIX > AIXTOOLS

sudo with ldap support

(1/1)

roxyland:
Hi,

The download link on http://www.aixtools.net/index.php/sudo
http://download.aixtools.net/tools/aixtools.sudo-ldap.1.8.31.0.I
seems to be broken.

Was hoping to get a sudo package that support LDAP.
Thanks

roxyland:
sorry I was able to download from that link. Must have been trying an older verion earlier.

Anyway, I've installed it, but the ownership on the installed files cause errors:

sudo: /opt/bin/sudo must be owned by uid 0 and have the setuid bit set                                                                      sudo: /opt/libexec/sudo/sudoers.so must be owned by uid 0                                                                                                            sudo: fatal error, unable to load plugins

They are owned by bin:bin. It also changes ownership of /etc /var and sub-directories to bin:bin

Michael:
I'll look into it. Not done much with sudo lately.
My normal packaging process sets all packages to bin.bin - I'll modify the install.config script to do some chown root.bin for /opt/bin/sudo.
What I had been working on, but never got any feedback from sudo project - was to use RBAC to elevate privilege. Effect is the same, but you had the added 'onion' skin, that you needed to have the authentication 'sudo' to execute sudo - at all.
Don't think I'll get to it today - but quick!
Michael

Michael:
Thanks for the heads-up. I have repackaged sudo-1.8.31 - with LDAP support - and the correct config scripts to make sure the files that need to be owned by root - are owned by root.bin.
Note: I do not use root.system on purpose. I want accounts to have more privilege required that merely being a member of group system.
All feedback is welcome!

Navigation

[0] Message Index

Go to full version