Cisco Headend System Release 2.5
Enable the Client for LDAP and Sudo Support
4017610 Rev A
15
Configuring Sudo Support
Follow these instructions to configure Sudo support on an LDAP client.
CAUTION:
Only appropriately qualified and skilled personnel should attempt to install,
operate, maintain, and service this product. Incorrectly configuring the system
can lock all users out of the system. Correcting this requires a lengthy process
of booting from the OS media and undoing the changes.
Only appropriately qualified and skilled personnel should attempt to install,
operate, maintain, and service this product. Incorrectly configuring the system
can lock all users out of the system. Correcting this requires a lengthy process
of booting from the OS media and undoing the changes.
1 If you have not already done so, open an xterm window on the LDAP client and
log in as root user.
2 Type cp -p /usr/local/etc/sudoers /usr/local/etc/sudoers.preLDAP and press
Enter. The system makes a copy of sudoers and names the copy
sudoers.preLDAP.
sudoers.preLDAP.
3 Type /usr/local/sbin/visudo and press Enter. This opens /usr/local/etc/sudoers
file using vi editor.
4 Add the following entries in the appropriate sections:
User_Alias
DBDSADMINS = +DBDSADMINS
Cmnd_Alias SUX = /usr/local/bin/sux - dncs
Defaults
timestamp_timeout = 0
DBDSADMINS ALL = (root) SUX
5 Save and close the /usr/local/etc/sudoers file.
6 Does the file /usr/local/etc/sudoers reflect the above changes?
6 Does the file /usr/local/etc/sudoers reflect the above changes?
If yes, go to Test RADIUS, LDAP, and Sudo Configuration (on page 17).
If no, go back to step 4 and make the necessary modifications.