pam_ldap and nss_ldap : checken and egg problem with "wheel"
group and "su" utility
Lev Serebryakov
lev at FreeBSD.org
Fri Sep 23 19:08:08 UTC 2011
Hello, Dag-Erling.
You wrote 22 сентября 2011 г., 19:21:27:
> Lev Serebryakov <lev at FreeBSD.org> writes:
>> But when "wheel" is in /etc/group with only "root" member (as all
>> other members are in LDAP), system never takes "wheel" members from
>> LDAP (because /etc/group has priority) and "su" doesn't work!
> Did you try changing the priority in /etc/nsswitch.conf?
It gives very long boot time, as nss_ldap waits for answer from
non-started server, again and again, etc.
--
// Black Lion AKA Lev Serebryakov <lev at serebryakov.spb.ru>
More information about the freebsd-security
mailing list