[olug] Using RADIUS roles for sudoers

Damian Harouff cekkent at gmail.com
Wed Feb 4 12:47:26 CST 2015


That's what I've got in place at the moment, but that only seems to cover
the password authentication; after authentication via the PAM module for
RADIUS, sudo still attempts to read from /etc/sudoers to see if the user is
indeed allowed to do anything. Unless I has the dumb and there's something
I'm missing.

On Wed, Feb 4, 2015 at 12:42 PM, Kevin <sharpestmarble at gmail.com> wrote:

> Have you looked at pam? There's a RADIUS Pam connector that looks like it
> might do what you want if you put it into /etc/pam.d/sudo
> On Feb 4, 2015 10:21 AM, "Damian Harouff" <cekkent at gmail.com> wrote:
>
> > I've recently encountered an existing system where the company already
> has
> > a RADIUS server set up for authentication, including SSH and sudo, but
> they
> > would like to also use the RADIUS roles to determine what commands can be
> > executed via sudo.
> >
> > I know that sudo has the ability to use LDAP for this, but LDAP isn't
> > available, and the company is not interested in an LDAP server.
> >
> > The Google did not turn up much. Anyone ever done this before?
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > https://lists.olug.org/mailman/listinfo/olug
> >
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>


More information about the OLUG mailing list