Hi, With the patches that landed on the list today, the sudo support in SSSD is finally feature-complete. Rudimentary testing can be performed using the sss_sudo_cli test binary that is built in-tree, but the user needs a patched sudo package to fully test the feature.
With Daniel's permission, I have put the test packages on my fedorapeople space. It is code that has not yet been upstreamed, it is experimental and intended as a developer-preview only. Please DO NOT run this in production. The source RPM: http://jhrozek.fedorapeople.org/sudo-sssd/sudo-1.8.3p1-2.fc15.src.rpm The patch: http://jhrozek.fedorapeople.org/sudo-sssd/sudo-1.8.3p1-sssd-support.patch Make sure that you have the libsss_sudo and libsss_sudo-devel packages installed. After installing sudo, edit /etc/nsswitch.conf and change the "sudoers" line to include "sss", for example "sudoers: files sss". Edit sssd.conf and include the sudo search base that points to sudo rules stored on your LDAP server. Restart sssd. When you log in as a user that is included in a sudo rule, run "sudo -l" and you should see the list of the rules. sudo should keep running even if your LDAP server is inaccesible. If you encounter any issues, please either file a ticket or reply to sssd-devel. Happy testing! _______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
