URL:
https://github.com/SSSD/sssd/pull/815
Author: pzirnik
Title: #815: fix to not ignore/drop sudo "defaults" rule
Action: opened
PR body:
"""
The "cn=defaults" rule does not require to have a sudoUser attribute, however
with latest changes the defaults rule get dropped because of the missing sudoUser
attribute. According to sudo ldap schema the attribute sudoUser is only a MAY not a MUST.
Also when using the old pam/nss ldap library this is not an issue. I have seen no
"cn=defaults" rule until now that does have a sudoUser attribute set, so i count
this as a regression.
My proposed patch does skip sysdb_sudo_add_lowered_users() if the rule name matches
"defaults", which looks like the best possible approach for now.
"""
To pull the PR as Git branch:
git remote add ghsssd
https://github.com/SSSD/sssd
git fetch ghsssd pull/815/head:pr815
git checkout pr815