For some reason nslcd on Scientific Linux 6 does not recognize the sudoers_base directive in it’s config file. But to have sudo work I need that directive in there. After growing tired of manually fixing this every reboot I patched the nslcd init script until a more permanent solution can be found. This is for nss-pam-ldapd-0.7.5-14.el6_2.1.x86_64 but other versions may be affected as well.
--- /etc/init.d/nslcd.original 2012-02-27 10:18:57.474789464 -0600 +++ /etc/init.d/nslcd 2012-02-27 10:19:01.862151506 -0600 @@ -33,6 +33,7 @@ RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog + sed -i -e 's/^#sudoers_base/sudoers_base/' /etc/nslcd.conf return $RETVAL }
@@ -44,6 +45,7 @@ if [ $RETVAL -eq 0 ]; then rm -f /var/lock/subsys/$prog fi + sed -i -e 's/^sudoers_base/#sudoers_base/' /etc/nslcd.conf }
restart() {
Update:
sudo now uses its own ldap config file, /etc/sudo-ldap.conf
https://bugzilla.redhat.com/show_bug.cgi?id=760843