Jan-Frode Myklebust wrote:
On 2008-09-24, Simon Blunt <[EMAIL PROTECTED]> wrote:
Use sudo, with config in LDAP:

   http://www.gratisoft.us/sudo/readme_ldap.html
Interesting. Do the stock RHEL4 and RHEL5 sudo packages support this?

I think only stock sudo in RHEL5 support LDAP, but it shouldn't be too
hard to rebuild sudo with ldap enabled for RHEL4.

Almost certainly I've missed something, but isn't PAM supposed to be the glue that ties applications such as sudo to authentication facilities such as LDAP?

If sudo supports PAM, and I'm sure it does (it requires the file /etc/pam.d/system-auth), and PAM supports LDAP, and I'm sure it does (see the nss_ldap package), isn't that enough?

If PAM does not support ssh keys from LDAP, then I think that's the place to add application support for ssh keys (and contemplate other kinds of keys too), and the LDAP server might need changing/configuration to support these keys too. I'm pretty ignorant here too, but it might be no more than a schema change.



--

Cheers
John

-- spambait
[EMAIL PROTECTED]  [EMAIL PROTECTED]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list

Reply via email to