From Secure Computing Wiki
Revision as of 11:48, 29 July 2008 by (Talk) (initial sudo commit)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

This page will help you get sudo on FreeBSD using OpenLDAP for config storage and authentication.

This is a work in progress. DO NOT FOLLOW THIS UNTIL IT'S FINISHED!!!!!!!!!

PAM Config

Edit the /etc/pam.d/system file to read as follows:

# auth
auth            sufficient             no_warn no_fake_prompts
auth            requisite       no_warn allow_local
#auth           sufficient             no_warn try_first_pass
#auth           sufficient              no_warn try_first_pass
auth            sufficient      /usr/local/lib/      no_warn try_first_pass
auth            required             no_warn try_first_pass nullok

# account
#account        required
account         required        /usr/local/lib/      ignore_unknown_user ignore_authinfo_unavail
account         required
account         required

# session
#session        optional
session         required        /usr/local/lib/
session         required          no_fail

# password
#password       sufficient             no_warn try_first_pass
password        required             no_warn try_first_pass