Bug 215

Summary: request for ordering constraints with LDAP
Product: Sudo Reporter: Bdale Garbee <bdale>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: enhancement    
Priority: normal    
Version: 1.6.8   
Hardware: PC   
OS: Linux   
URL: http://bugs.debian.org/373674

Description Bdale Garbee 2006-06-14 21:10:55 MDT 
One of the users of my Debian packaging of sudo has pointed out that the version
built with LDAP support violates the principle of least astonishment by failing
to preserve the normal sudoers ordering constraints because the LDAP results are
not ordered.  He suggests ways the behavior could be improved to restore the
behavior provided by the non-LDAP version.  Seems like a good idea to me, but
beyond the scope of the Debian packaging.  The complete original email is bug
373674 in the Debian bug tracking system.
Comment 1 Todd C. Miller 2007-07-05 17:09:25 MDT 
Link to debian bug tracker http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373674
Comment 2 Todd C. Miller 2011-03-03 09:58:09 MST 
Sudo 1.7.5 and 1.8.0 LDAP support includes a sudoOrder attribute that can be used to preserve sudoers file ordering constraints.