From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 5 Feb 2013 16:42:46 +0000 (-0500)
Subject: add group_source example
X-Git-Tag: SUDO_1_8_7~1^2~253
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f0fdf41d2a7f2c7b1ad111169f88eb455beec312;p=sudo

add group_source example
---

diff --git a/doc/sample.sudo.conf b/doc/sample.sudo.conf
index 0724c2503..c605bb5b5 100644
--- a/doc/sample.sudo.conf
+++ b/doc/sample.sudo.conf
@@ -53,3 +53,20 @@ Plugin sudoers_io sudoers.so
 # dumps by setting "disable_coredump" to false.
 #
 #Set disable_coredump false
+
+#
+# User groups:
+#
+# Sudo passes the user's group list to the policy plugin.
+# If the user is a member of the maximum number of groups (usually 16),
+# sudo will query the group database directly to be sure to include
+# the full list of groups.
+#
+# On some systems, this can be expensive so the behavior is configurable.
+# The "group_source" setting has three possible values:
+#   static   - use the user's list of groups returned by the kernel.
+#   dynamic  - query the group database to find the list of groups.
+#   adaptive - if user is in less than the maximum number of groups.
+#	       use the kernel list, else query the group database.
+#
+#Set group_source static