Bug 727639

Summary: sudo+Ldap
Product: Red Hat Enterprise Linux 5 Reporter: Alejandro Debussy <andres.debussy>
Component: sudoAssignee: Daniel Kopeček <dkopecek>
Status: CLOSED NOTABUG QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 5.4CC: dkopecek, pvrabec
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-08-22 09:34:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Alejandro Debussy 2011-08-02 17:01:03 UTC 
Description of problem:
Any user that uses sudo command gets "sudo: unknown defaults entry `env_keep "

Version-Release number of selected component
389-ds-base-1.2.8.3
sudo-1.7.2

Steps to Reproduce:
1. Configure an standalone 389 Directory server with 389-test as rootdn.
2. Try to add the following entries:

dn: ou=SUDOers,ou=Groups,dc=389-test
ou: SUDOers
objectClass: top
objectClass: organizationalUnit

dn: cn=segu,ou=Groups,dc=389-test
gidNumber: 1100
objectClass: top
objectClass: groupofuniquenames
objectClass: posixgroup
cn: segu

dn: cn=%segu,ou=SUDOers,ou=Groups,dc=389-test
objectClass: top
objectClass: sudoRole
cn: %segu
sudoUser: %segu
sudoHost: ALL
sudoCommand: /usr/bin/passwd root
sudoCommand: /usr/sbin/useradd
sudoCommand: /usr/bin/passwd
sudoCommand: /usr/bin/chage
sudoCommand: /usr/sbin/userdel
sudoCommand: /sbin/pam_tally2
sudoOption: !authenticate
Comment 1 Alejandro Debussy 2011-08-18 14:19:46 UTC 
Solved

It was a mistake in syntax on env_keep options.

Error syntax
env_keep = "options"

Solution syntax
env_keep+="options"