Missing support for nss_sudoers
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
auth-client-config (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
The package sudo-ldap provides the canonical way to integrate the sudo system with LDAP. Similarly to the passwd, group etc databases, it uses the 'sudoers' database entry in nsswitch.conf to specify sudo data lookup locations. This entry defaults to 'sudoers: files' for non-LDAP backed sudo (and does not need to be explicitly configured) and requires 'sudoers: ldap files' or similar for LDAP-backed sudo lookup. This functionality has been present in sudo-ldap for years.
auth-client-config hardcodes the database names it expects for nsswitch.conf. This list does not include 'sudoers'; therefore currently auth-client-config cannot be used for setting up sudoers configuration.
There is no other well-known or integrated mechanism for managing /etc/nsswitch.conf entries available other than auth-client-config; other packages fall back to grepping and sed'ing around the file in maintainer scripts.
Please include sudoers into the list of databases known to the script so that sudoers entries can be configured in a clean and safe way.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: auth-client-config 0.9ubuntu1
ProcVersionSign
Uname: Linux 4.4.0-24-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
Date: Fri Jun 17 18:23:59 2016
InstallationDate: Installed on 2016-06-07 (10 days ago)
InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
PackageArchitec
SourcePackage: auth-client-config
UpgradeStatus: No upgrade log present (probably fresh install)
Status changed to 'Confirmed' because the bug affects multiple users.