Bug 811 – Lack of documentation for Defaults associated to a User_Alias or a Cmnd_Alias

Bug 811 - Lack of documentation for Defaults associated to a User_Alias or a Cmnd_Alias


Summary:	Lack of documentation for Defaults associated to a User_Alias or a Cmnd_Alias

Status:	RESOLVED FIXED

Product:	Sudo
Classification:	Unclassified
Component:	Sudo
Version:	1.8.21
Hardware:	All All

Importance:	low enhancement
Assigned To:	Todd C. Miller

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2017-12-06 16:31 MST by Daniele Palumbo
Modified:	2018-05-01 10:20 MDT (History)
CC List:	1 user (show)

See Also:	810

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniele Palumbo 2017-12-06 16:31:20 MST

Current LDAP documentation 
https://www.sudo.ws/man/1.8.21/sudoers.ldap.man.html
lack of documentation for Defaults associated to a User_Alias or a Cmnd_Alias

Examples are taken from
https://www.sudo.ws/man/1.8.21/sudoers.man.html#EXAMPLES 
for consistency.

User_Alias Defaults:
"Defaults:millert	!authenticate" 

Can be translated in
# millert, SUDOers, courtesan.com
dn: cn=millert,ou=SUDOers,dc=courtesan,dc=com
objectClass: top
objectClass: sudoRole
cn: millert
sudoUser: millert
sudoRunAsUser: ALL
sudoRunAsGroup: ALL
sudoHost: ALL
sudoOption: !authenticate

Cmnd_Alias Default:
"Cmnd_Alias	PAGERS = /usr/bin/more, /usr/bin/pg, /usr/bin/less
Defaults!PAGERS		noexec"

Cannot be currently translated.

Documentation should be fixed in order to show up what can be accomplished and what can not.

Comment 1 Todd C. Miller 2018-03-30 07:02:38 MDT

In sudo 1.8,23 the sudoers.ldap manual will include a section on converting from file-based sudoers to LDAP-based which should address this.

Comment 2 Todd C. Miller 2018-05-01 10:20:10 MDT

Sudo 1.8.23 has a "Converting between file-based and LDAP sudoers" sub-section in the sudoers.ldap manual.