Hide Forgot
Description of problem: Version-Release number of selected component (if applicable): # rpm -q sudo nss-pam-ldapd sudo-1.7.4p5-7.el6.i686 nss-pam-ldapd-0.7.5-9.el6.i686 How reproducible: Always Steps to Reproduce: 1. Configure /etc/nslcd.conf as: # grep ^[^#] /etc/nslcd.conf uid nslcd gid ldap sudoers_base ou=SUDOers,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com binddn uid=sudo,cn=sysaccounts,cn=etc,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com bindpw bind123 ssl no tls_cacertfile /etc/ipa/ca.crt bind_timelimit 5 timelimit 15 BASE dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com TLS_CACERTDIR /etc/ipa uri ldap://bumblebee.lab.eng.pnq.redhat.com 2. service nslcd restart 3. Actual results: # service nslcd restart Stopping nslcd: [ OK ] Starting nslcd: nslcd: /etc/nslcd.conf:132: unknown keyword: 'sudoers_base' [FAILED] However, sudo works as expected if you have "sudoers_base" and "sudoers_debug" in /etc/nslcd.conf. Expected results: nslcd should recognize these keywords. As per the fix in https://bugzilla.redhat.com/show_bug.cgi?id=709235 sudo now searches the /etc/nslcd.conf file, hence the sudoers_base and sudoers_debug keywords should be recognized and nslcd should start without any failures. Additional info: https://bugzilla.redhat.com/show_bug.cgi?id=709235
sudo needs to have its own configuration file. Depending on configuration files from other packages which may or may not be installed (and requiring nslcd so that its configuration file will be there, even if the system uses something else like SSSD) will inevitably break.