nslcd and sudo

For some reason nslcd on Scientific Linux 6 does not recognize the sudoers_base directive in it’s config file. But to have sudo work I need that directive in there. After growing tired of manually fixing this every reboot I patched the nslcd init script until a more permanent solution can be found. This is for nss-pam-ldapd-0.7.5-14.el6_2.1.x86_64 but other versions may be affected as well.

--- /etc/init.d/nslcd.original 2012-02-27 10:18:57.474789464 -0600
 +++ /etc/init.d/nslcd 2012-02-27 10:19:01.862151506 -0600
 @@ -33,6 +33,7 @@
 RETVAL=$?
 echo
 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
 + sed -i -e 's/^#sudoers_base/sudoers_base/' /etc/nslcd.conf
 return $RETVAL
 }
@@ -44,6 +45,7 @@
 if [ $RETVAL -eq 0 ]; then
 rm -f /var/lock/subsys/$prog
 fi
 + sed -i -e 's/^sudoers_base/#sudoers_base/' /etc/nslcd.conf
 }
restart() {

Update:
sudo now uses its own ldap config file, /etc/sudo-ldap.conf
https://bugzilla.redhat.com/show_bug.cgi?id=760843

Leave a Reply