Jan-Frode Myklebust wrote:
On 2008-09-24, Simon Blunt <[EMAIL PROTECTED]> wrote:
Use sudo, with config in LDAP:
http://www.gratisoft.us/sudo/readme_ldap.html
Interesting. Do the stock RHEL4 and RHEL5 sudo packages support this?
I think only stock sudo in RHEL5 support LDAP, but it shouldn't be too
hard to rebuild sudo with ldap enabled for RHEL4.
Almost certainly I've missed something, but isn't PAM supposed to be the
glue that ties applications such as sudo to authentication facilities
such as LDAP?
If sudo supports PAM, and I'm sure it does (it requires the file
/etc/pam.d/system-auth), and PAM supports LDAP, and I'm sure it does
(see the nss_ldap package), isn't that enough?
If PAM does not support ssh keys from LDAP, then I think that's the
place to add application support for ssh keys (and contemplate other
kinds of keys too), and the LDAP server might need
changing/configuration to support these keys too. I'm pretty ignorant
here too, but it might be no more than a schema change.
--
Cheers
John
-- spambait
[EMAIL PROTECTED] [EMAIL PROTECTED]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
_______________________________________________
rhelv5-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/rhelv5-list