Re: [Fedora-directory-users] Sudo in directory server

Rich Megginson Mon, 01 Dec 2008 07:54:32 -0800

Erling Ringen Elvsrud wrote:

I try to add the schema for sudoers from README.LDAP in
the srpm-file of sudo-1.6.8p12. I assume the iPlanet-version will work best, but
get this problem when I restart directory server:


[EMAIL PROTECTED] schema]# service dirsrv restart
Shutting down dirsrv:
    testserver...                                          [  OK  ]
Starting dirsrv:
    testserver...[27/Nov/2008:10:37:31 +0100] - Entry "cn=schema
attributeTypes: ( 1.3.6.1.4.1.15953.9.1.1 NAME 'sudoUser' DESC
'User(s) who may  run sudo' EQUALITY caseExactIA5Match SUBSTR caseE"
required attribute "objectclass" missing

The sudo schema is now in CVS HEAD and will be part of the next release of Fedora DS:

http://cvs.fedoraproject.org/viewvc/ldapserver/ldap/schema/60sudo.ldif?revision=1.1&root=dirsec&view=markup

You can go ahead and download and use this file with any version of Fedora DS.

                                                           [  OK  ]
[EMAIL PROTECTED] schema]# cat 99sudoers.ldif
dn: cn=schema attributeTypes: ( 1.3.6.1.4.1.15953.9.1.1 NAME
'sudoUser' DESC 'User(s) who may  run sudo' EQUALITY caseExactIA5Match
SUBSTR caseE

xactIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
  attributeTypes: ( 1.3.6.1.4.1.15953.9.1.2 NAME 'sudoHost' DESC
'Host(s) who may run sudo' EQUALITY caseExactIA5Match SUBSTR caseEx

actIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
  attributeTypes: ( 1.3.6.1.4.1.15953.9.1.3 NAME 'sudoCommand' DESC
'Command(s) to be executed by sudo' EQUALITY caseExactIA5Match S

YNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
  attributeTypes: ( 1.3.6.1.4.1.15953.9.1.4 NAME 'sudoRunAs' DESC
'User(s) impersonated by sudo' EQUALITY caseExactIA5Match SYNTAX 1

.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
  attributeTypes: ( 1.3.6.1.4.1.15953.9.1.5 NAME 'sudoOption' DESC
'Options(s) followed by sudo' EQUALITY caseExactIA5Match SYNTAX 1

.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'SUDO' )
  objectClasses: ( 1.3.6.1.4.1.15953.9.2.1 NAME 'sudoRole' SUP top
STRUCTURAL DESC 'Sudoer Entries' MUST ( cn ) MAY ( sudoUser $ sud

oHost $ sudoCommand $ sudoRunAs $ sudoOption $ description ) X-ORIGIN 'SUDO' )

Any help to get the schema for sudo correctly added is appreciated.

Thanks,

Erling

--
Fedora-directory-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/fedora-directory-users

smime.p7s
Description: S/MIME Cryptographic Signature

--
Fedora-directory-users mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/fedora-directory-users

Re: [Fedora-directory-users] Sudo in directory server

Reply via email to