On Fri, Oct 08, 2010 at 06:16:31AM -0700, rommu...@googlemail.com wrote: > On Oct 5, 10:03 am, Brian Candler <b.cand...@pobox.com> wrote: > > sudo's testing for group membership seems a lot more attractive in that > > regard. > > Can it test this using LDAP, too?
Sure: using nss_ldap then you ldap uid, gid and supplementary groups via LDAP. Then in /etc/sudoers you just check for membership of a particular group. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos