Thanks to Edward for a note concerning the use of whitespace. It is now working for me, as long as there is no space padded around the LDAP group. I.E., ...;%testPAMGroup;... works, but ...; %testPAMGroup;... doesn't.
Testing with "sudo login" then works by default. Usage under "sudo su - mark-test" only works if "auth optional pam_group.so" is added to the top of /etc/pam.d/su (before pam_rootok.so). Similar edits are needed to support SSH logins, etc. (Is there a better place to add this, such as into common-auth - while considering the required placement in su before pam_rootok.so?) -- pam_group does not support NSS groups https://bugs.launchpad.net/bugs/297408 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
