Bug 325

I actually considered this a feature rather than a bug.  Without something like nsswitch.conf there is no good way to specify the order of lookups.  This is a real problem for people trying to package up sudo.  I've been considering adding an order line in /etc/sudoers, which may show up in sudo 1.7.0.

I consider '--with-nsswitch=/etc/sudo.ldap' or something equivalent a decent workaround... this is what I currently use.

Another option work be to maybe parse AIX's equivalent of nsswitch.conf, which is /etc/netsvc.conf and uses the following format:

identifier = value, value

I have no idea if it's possible to add custom identifiers, or if this will break other applications

Can you try ftp://ftp.sudo.ws/pub/millert/sudo/sudo-1.7.1b3.tar.gz and see if it properly configures sudo to use /etc/netsvc.conf?  It should define _PATH_NETSVC_CONF in config.h and use netsvc.conf instead of nsswitch.conf

It seems to work, I do have to explicitly give --with-netsvc in configure:

 $ sudo ./sudo -l
Matching Defaults entries for root on this host:
    MUNGED

Runas and Command-specific defaults for root:


User root may run the following commands on this host:
    (ALL) ALL   (from files)
    (root) EXEC: /usr/bin/bash, ALL (from ldap)

$ sudo vi /etc/netsvc.conf (remove the sudoers ldap line)

$ sudo ./sudo -l
User root may run the following commands on this host:
    (ALL) ALL

That's odd.  I didn't have to use --with-netsvc when I had that block outside of the aix section in configure.

Yeah... seems to work as well without the explicit --with-netsvc
Just didn't test it correctly (was looking for output in the config.log)
so FIXED :)