On Fri, Oct 08, 2010 at 06:16:31AM -0700, [email protected] wrote: > On Oct 5, 10:03 am, Brian Candler <[email protected]> wrote: > > sudo's testing for group membership seems a lot more attractive in that > > regard. > > Can it test this using LDAP, too?
Sure: using nss_ldap then you ldap uid, gid and supplementary groups via LDAP. Then in /etc/sudoers you just check for membership of a particular group. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
