On Thu, Jul 28, 2011 at 2:10 PM, Gowrishankar Rajaiyan <g...@redhat.com>wrote:
> On 07/28/2011 07:22 AM, arun scaria wrote: > > Hi all, > > I'v created my write-up on SUDO responder/cache behavior at > > > https://fedorahosted.org/sssd/wiki/DesignDocs/SudoSupport/SudoResponderCacheBehavior > . > > I'd love to hear your opinion on it. Please take a review and comment. > > > > One question: > How do we plan to include "sudoOption=!authenticate" (where > !authenticate=NOPASSWD) in a sudorule during offline? > > The option !authenticate is not specified anywhere in the standard sudo schema at http://www.gratisoft.us/sudo/man/1.8.1/sudoers.ldap.man.html. But this option is found in all the blogs and tutorials as the alternative to the NOPASSWD option in the sudoers file. In the current implementation of sudo plugin we are doing the pam authentication with sudo pam config file. This is done before we query the sssd for authentication for sudo. So that the user will be requested password even if the !authenticate sudoOption is enabled. > -- > Regards, > Shanks > > Looking to carve out IT costs? > www.redhat.com/carveoutcosts/ > _______________________________________________ > sssd-devel mailing list > sssd-devel@lists.fedorahosted.org > https://fedorahosted.org/mailman/listinfo/sssd-devel > -- Arun Scaria Chairman | MEC Association of Computer Students (MACS) Junior Under Graduate, Computer Science and Engineering (2008-2012) Govt. Model Engineering College Cochin-21. (M) +918089528527. arunscari...@gmail.com arunsca...@acm.org arun.sca...@arbitron.com
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
