In Mageia 6. For reasons as of yet unknown, sudoers are not enumerated by LDAP when sssd is in use. Using the identical Mageia its sister distribution and Rosa sssd.conf and nsswitch.conf setups with: sudoers: files sss on Rosa systems this is honored and sudo permissions are extrapolated from sss, on Mageia they are ignored.
Assigning to all packagers collectively, since there is no registered maintainer for this package.
CC: (none) => marja11Assignee: bugsquad => pkg-bugs
This works for me on mga5. --- sudo.spec +++ sudo.spec @@ -2,7 +2,7 @@ Name: sudo Version: 1.8.18p1 -Release: %mkrel 1 +Release: %mkrel 2 Epoch: 1 Summary: Allows command execution as root for specified users License: GPLv2+ @@ -75,6 +75,7 @@ --with-ldap \ --with-ldap-conf-file=%{_sysconfdir}/nslcd.conf \ --with-ldap-secret-file=%{_sysconfdir}/nslcd.conf \ + --with-sssd \ --with-secure-path="/sbin:%{_sbindir}:/bin:%{_bindir}:/usr/local/bin:/usr/local/sbin" \ --with-passprompt="[sudo] password for %p: " \ --with-plugindir=%{_libdir}/sudo # urpmi libsss_sudo # grep sudo /etc/nsswitch.conf sudoers: sss o /etc/sssd/sssd.conf [sssd] ... services = nss, pam, sudo [domain/HOME] ... sudo_provider = ldap ldap_sudo_search_base = ou=sudo,ou=services,dc=home,dc=network ...
CC: (none) => rod.emerson
This is on Mageia 6. I'll check things again. I didn't want to post too much config info to bugzilla.
[sssd] config_file_version = 2 services = nss, pam, sudo [domain/NETWORK] sudo_provider = ldap ldap_sudo_search_base = ou=sudoers,ou=System,dc=network
in /etc/nsswitch.conf sudoers: sss files
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=21076
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=21077