From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Mon, 21 Jan 2008 18:22:51 +0000 (+0000)
Subject: mention --with-nsswitch=no
X-Git-Tag: SUDO_1_7_0~208
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=cc346a5ecf3f85fa2b93e3c228de28066be85eaf;p=sudo

mention --with-nsswitch=no
---

diff --git a/README.LDAP b/README.LDAP
index 83715d188..89ed6daf9 100644
--- a/README.LDAP
+++ b/README.LDAP
@@ -158,7 +158,11 @@ imported the sudoers ldif data.
 
 After configuring /etc/ldap.conf, you must add a line in /etc/nsswitch.conf
 to tell sudo to look in LDAP for sudoers.  See the "Configuring nsswitch.conf"
-section in the sudoers.ldap manual for details.
+section in the sudoers.ldap manual for details.  Note that sudo will use
+/etc/nsswitch.conf even if the underlying operating system does not support it.
+To disable nsswitch support, run configure with the --with-nsswitch=no option.
+This will cause sudo to consult LDAP first and /etc/sudoers second, unless the
+ignore_sudoers_file flag is set in the global LDAP options.
 
 Debugging your LDAP configuration
 =================================