I am trying to setup sudo on my SLES11 servers to allow users in certain groups to run certain commands. Here is an example of what I have in the /etc/sudoers file:
|
Code:
|
User_Alias ADMINS = %SuSE_adm
ADMINS ALL=/bin/su - |
If the user that is trying to run the sudo command has the SuSE_adm group as its primary group, everything works fine. If the user has a different group as its primary group but is still in the SuSE_adm, they get the '
user is not in the sudoers file.' error. When I run the id command on the user, it lists both groups that the user is in.
I need to be able to get this to work based on all the groups the user is in and not just on the primary group of the user. There will be many users that will have multiple groups giving them access to different commands and that won't work if sudo only looks at the users primary group.
Thanks in advance for any help you can give me.
SuSE11 Sudo problem with LDAP group
Threaded Mode
