|
version 1.1.1.4, 2013/07/22 10:46:12
|
version 1.1.1.6, 2014/06/15 16:12:54
|
|
Line 285 D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
|
Line 285 D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
|
| by s�su�ud�do�o are honored. Configuration options are listed below in upper |
by s�su�ud�do�o are honored. Configuration options are listed below in upper |
| case but are parsed in a case-independent manner. |
case but are parsed in a case-independent manner. |
| |
|
| |
The pound sign (`#') is used to indicate a comment. Both the comment |
| |
character and any text after it, up to the end of the line, are ignored. |
| Long lines can be continued with a backslash (`\') as the last character |
Long lines can be continued with a backslash (`\') as the last character |
| on the line. Note that leading white space is removed from the beginning |
on the line. Note that leading white space is removed from the beginning |
| of lines even when the continuation character is used. |
of lines even when the continuation character is used. |
|
Line 344 D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
|
Line 346 D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
|
| An LDAP filter which is used to restrict the set of records |
An LDAP filter which is used to restrict the set of records |
| returned when performing a s�su�ud�do�o LDAP query. Typically, this is of |
returned when performing a s�su�ud�do�o LDAP query. Typically, this is of |
| the form attribute=value or |
the form attribute=value or |
| (&(attribute=value)(attribute2=value2)). | (&(attribute=value)(attribute2=value2)). The default search filter |
| | is: objectClass=sudoRole. If _�l_�d_�a_�p_�__�f_�i_�l_�t_�e_�r is omitted, no search |
| | filter will be used. |
| |
|
| S�SU�UD�DO�OE�ER�RS�S_�_T�TI�IM�ME�ED�D _�o_�n_�/_�t_�r_�u_�e_�/_�y_�e_�s_�/_�o_�f_�f_�/_�f_�a_�l_�s_�e_�/_�n_�o |
S�SU�UD�DO�OE�ER�RS�S_�_T�TI�IM�ME�ED�D _�o_�n_�/_�t_�r_�u_�e_�/_�y_�e_�s_�/_�o_�f_�f_�/_�f_�a_�l_�s_�e_�/_�n_�o |
| Whether or not to evaluate the sudoNotBefore and sudoNotAfter |
Whether or not to evaluate the sudoNotBefore and sudoNotAfter |
|
Line 465 D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
|
Line 469 D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
|
| tls_key /var/ldap/key3.db |
tls_key /var/ldap/key3.db |
| |
|
| Tivoli Directory Server: |
Tivoli Directory Server: |
| tls_cert /usr/ldap/ldapkey.kdb | tls_key /usr/ldap/ldapkey.kdb |
| When using Tivoli LDAP libraries, this file may also contain |
When using Tivoli LDAP libraries, this file may also contain |
| Certificate Authority and client certificates and may be encrypted. |
Certificate Authority and client certificates and may be encrypted. |
| |
|
| T�TL�LS�S_�_K�KE�EY�YP�PW�W _�s_�e_�c_�r_�e_�t |
T�TL�LS�S_�_K�KE�EY�YP�PW�W _�s_�e_�c_�r_�e_�t |
| The T�TL�LS�S_�_K�KE�EY�YP�PW�W contains the password used to decrypt the key |
The T�TL�LS�S_�_K�KE�EY�YP�PW�W contains the password used to decrypt the key |
| database on clients using the Tivoli Directory Server LDAP library. |
database on clients using the Tivoli Directory Server LDAP library. |
| |
This should be a simple string without quotes. The password may |
| |
not include the comment character (`#') and escaping of special |
| |
characters with a backslash (`\') is not supported. If this option |
| |
is used, _�/_�e_�t_�c_�/_�l_�d_�a_�p_�._�c_�o_�n_�f must not be world-readable to avoid |
| |
exposing the password. Alternately, a _�s_�t_�a_�s_�h _�f_�i_�l_�e can be used to |
| |
store the password in encrypted form (see below). |
| |
|
| If no T�TL�LS�S_�_K�KE�EY�YP�PW�W is specified, a _�s_�t_�a_�s_�h _�f_�i_�l_�e will be used if it |
If no T�TL�LS�S_�_K�KE�EY�YP�PW�W is specified, a _�s_�t_�a_�s_�h _�f_�i_�l_�e will be used if it |
| exists. The _�s_�t_�a_�s_�h _�f_�i_�l_�e must have the same path as the file |
exists. The _�s_�t_�a_�s_�h _�f_�i_�l_�e must have the same path as the file |
| specified by T�TL�LS�S_�_K�KE�EY�Y, but use a .sth file extension instead of |
specified by T�TL�LS�S_�_K�KE�EY�Y, but use a .sth file extension instead of |
| .kdb, e.g. ldapkey.sth. The default ldapkey.kdb that ships with |
.kdb, e.g. ldapkey.sth. The default ldapkey.kdb that ships with |
| Tivoli Directory Server is encrypted with the password |
Tivoli Directory Server is encrypted with the password |
| ssl_password. This option is only supported by the Tivoli LDAP | ssl_password. The _�g_�s_�k_�8_�c_�a_�p_�i_�c_�m_�d utility can be used to manage the |
| libraries. | key database and create a _�s_�t_�a_�s_�h _�f_�i_�l_�e. This option is only |
| | supported by the Tivoli LDAP libraries. |
| |
|
| T�TL�LS�S_�_R�RA�AN�ND�DF�FI�IL�LE�E _�f_�i_�l_�e _�n_�a_�m_�e |
T�TL�LS�S_�_R�RA�AN�ND�DF�FI�IL�LE�E _�f_�i_�l_�e _�n_�a_�m_�e |
| The T�TL�LS�S_�_R�RA�AN�ND�DF�FI�IL�LE�E parameter specifies the path to an entropy source |
The T�TL�LS�S_�_R�RA�AN�ND�DF�FI�IL�LE�E parameter specifies the path to an entropy source |
|
Line 800 D�DI�IS�SC�CL�LA�AI�IM�ME�ER�R
|
Line 812 D�DI�IS�SC�CL�LA�AI�IM�ME�ER�R
|
| file distributed with s�su�ud�do�o or http://www.sudo.ws/sudo/license.html for |
file distributed with s�su�ud�do�o or http://www.sudo.ws/sudo/license.html for |
| complete details. |
complete details. |
| |
|
| Sudo 1.8.7 April 25, 2013 Sudo 1.8.7 | Sudo 1.8.10 February 7, 2014 Sudo 1.8.10 |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sudoers.ldap.cat CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / doc