Jump to content

Toolserver:Admin:Sudo

From mediawiki.org

This page was moved from the Toolserver wiki.
Toolserver has been replaced by Toolforge. As such, the instructions here may no longer work, but may still be of historical interest.
Please help by updating examples, links, template links, etc. If a page is still relevant, move it to a normal title and leave a redirect.

We use sudo for admins to obtain root access, and for users to access multi-maintainer projects. The sudo configuration for all servers is stored in LDAP. To view the current configuration:

% ldapsearch -h ldap -b o=unix,o=toolserver -Duid=<yourname>,ou=people,o=unix,o=toolserver '(objectclass=sudo*)'
Enter bind password: 
version: 1
dn: cn=%admins,ou=SUDOers,o=unix,o=toolserver
objectClass: sudoRole
objectClass: top
sudoCommand: ALL
sudoRunAs: ALL
cn: %admins
sudoUser: %admins
sudoHost: ALL

To edit an entry:

$ ldapvi '(&(cn=%admins)(objectclass=sudorole))'

To add a new entry: create an LDIF file based on an existing entry, for instance:

dn: cn=otherroot,ou=SUDOers,o=unix,o=toolserver changetype: add objectClass: top objectClass: sudoRole cn: otherroot sudoUser: otherroot sudoHost: ALL sudoRunas: ALL sudoCommand: ALL

Then run:

ldapmodify -Duid=<yourname>,ou=people,o=unix,o=toolserver -w - -f sudo.ldif

Category:Admin:Software