Description of problem:
Sudo is able to store its rules in LDAP for easier centralization. However, there is no standardized Name Service Switch Interface and sudo does the lookups on its own.
SSSD will create a new responder/provider pair for downloading and caching SUDO data. A new part of the sudoers plugin will be developed that will talk to SSSD using a UNIX socket and fetch the data transparently from SSSD.
The benefits include:
* unified configuration of LDAP servers, timeout parameters, DNS SRV lookups, ...
* only one connection to the LDAP server open
* caching of the sudo rules
* offline access
This feature depends on having a sudo version with pluggable support in RHEL.
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
Mostly works, but there are still some important bugs.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.