SSSD-SUDO(5) NAME sssd-sudo - sudo SSSD sudo(8) sssd(8) sudo SSSD. SUDO SSSD SSSD sudo, sss sudoers nsswitch.conf(5). , sudo sudoers(5) ( , ), SSSD, nsswitch.conf : sudoers: files sss sudoers nsswitch.conf, LDAP, sudo , sudoers.ldap(5). : sudo IPA, nisdomainname(1) NIS ( IPA, IPA). SSSD SUDO SSSD <> [sssd] sssd.conf(5). LDAP, sudo ldap_sudo_search_base. , SSSD sudo LDAP. [sssd] config_file_version = 2 services = nss, pam, sudo domains = EXAMPLE [domain/EXAMPLE] id_provider = ldap sudo_provider = ldap ldap_uri = ldap://example.com ldap_sudo_search_base = ou=sudoers,dc=example,dc=com , , systemd, <> , '. , sssd-sudo.socket. SSSD IPA ID, sudo . sudo IPA LDAP (cn=sudo,$SUFFIX). sssd.conf - , . sudo IPA compat (ou=sudoers,$SUFFIX) . SUDO sudo SSSD sudo SSSD , , sudo, . , SSSD . , . , . , . sudo, , , . , , . , ', . sudo. , . sudo. , , , , , . , SSSD , , ( ). , SSSD , '. , , sudoHost : o ALL o o ( <<+ >>) o ' o IP- ' o IP- ( <</>>) , <> sssd-ldap(5) <> sssd.conf(5), . SSSD LDAP sudo. , , , . 1. LDAP. , LDAP: objectClass, cn, entryUSN modifyTimestamp. 2. ldap_sudo_search_base. , , sudo . 3. . sudo , , ldap_sudo_full_refresh_interval ldap_sudo_smart_refresh_interval. , ldap_sudo_smart_refresh_interval = 0. 4. , ldap_sudo_random_offset, . sssd(8), sssd.conf(5), sssd-ldap(5), sssd-ldap-attributes(5), sssd- krb5(5), sssd-simple(5), sssd-ipa(5), sssd-ad(5), sssd-files(5), sssd- sudo(5), sssd-session-recording(5), sss_cache(8), sss_debuglevel(8), sss_obfuscate(8), sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8), sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8). sss_rpcidmapd(5) AUTHORS SSSD -- https://pagure.io/SSSD/sssd/ SSSD 04/09/2024 SSSD-SUDO(5)