sudo + sssd + ldap

May 22, 2014 | Categories: Linux, Technical | Tags: ldap, sss, sssd, sudo, sudoers No Comments ↓

In my quest to implement sssd, my focus turned towards sudo. Centralizing the sudo rules to an LDAP server (or cluster) simplifies management of users and access. Rather than /etc/sudoers files on each machine, sudo can look in to LDAP for a specific user’s rules. The path of a query is: sudo command requested ->

sssd and tmpfs

May 19, 2014 | Categories: Linux, Technical | Tags: fedora, rpm, sssd, systemd, tmpfiles, tmpfiles.d, tmpfs No Comments ↓

After my previous efforts to migrate to sssd, it was discovered after a reboot that sssd and a tmpfs /var/log did not play well together. sssd has a couple of minor faults: If the default /var/log/sssd directory does not exist, sssd will not start It does not create the default /var/log/sssd directory if one does

Embracing SSSD in Linux

May 16, 2014 | Categories: Linux, Rants, Technical | Tags: 389-ds, fedora, ipa, linux, nscd, nslcd, openldap, redhat, sssd No Comments ↓

Migrating to yet another interface to talk to your LDAP server sounds like a complete waste of time, and in some respects that is true. However, sssd will enable you to do so much more than nslcd/PADL could do for you without having that feeling that you just dirtied up your system with a terrible hack.