SuSE sudo levels We are working on a project to consolidate Linux userid management. We are moving our Linux Users from each Linux Guest and will manage them using CA-ACF2 and PAM. However we ran into a slight problem. We use sudo to control root access and then define the privileged users to group wheel. We do this for all our guests. The problem appears to be sudo not recognizing group wheel if it is not the users primary group and the group is assigned outside of /etc/group, for example, ldap. In our case, we changed nsswitch.conf to reflect the following:
passwd: CA_esm compat group: CA_esm compat We think this problem has been corrected with sudo version 1.6.9 (see http://www.sudo.ws/sudo/current.html ) Sudo now uses the supplemental group vector for matching. This fixes problems with split group lines in /etc/group as well as multiple group sources in nsswitch.conf. Here is the problem, we are running the following guests: SuSE SLES10x SP1 Kernel 2.6.16.53-0.18-default with Sudo version 1.6.8p12 SuSE SLES9x SP3 Kernel 2.6.5-7.287.3 with Sudo version 1.6.7p5 Unfortunately these are the latest versions of sudo that Novell has released for these Linux Distributions according to YaST. We pay for updates and patches so the question is, Can we get the latest sudo version from Novell or do I have to download it and build it myself? If I have to build it myself, does it void any support type warranties with Novell? As always, thanks in advance. Peter This Email message and any attachment may contain information that is proprietary, legally privileged, confidential and/or subject to copyright belonging to Pepco Holdings, Inc. or its affiliates ("PHI"). This Email is intended solely for the use of the person(s) to which it is addressed. If you are not an intended recipient, or the employee or agent responsible for delivery of this Email to the intended recipient(s), you are hereby notified that any dissemination, distribution or copying of this Email is strictly prohibited. If you have received this message in error, please immediately notify the sender and permanently delete this Email and any copies. PHI policies expressly prohibit employees from making defamatory or offensive statements and infringing any copyright or any other legal right by Email communication. PHI will not accept any liability in respect of such communications. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
