/etc/ldap/sudo.ldif is in debian-edu-config 1.818+deb8u2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 | ## Allow www-data to run /usr/sbin/gosa-sync via sudo
dn: ou=sudoers,dc=skole,dc=skolelinux,dc=no
objectClass: top
objectClass: organizationalUnit
ou: sudoers
dn: cn=defaults,ou=sudoers,dc=skole,dc=skolelinux,dc=no
objectClass: top
objectClass: sudoRole
cn: defaults
description: Default sudo options go here
sudoOption: env_reset
dn: cn=DebianEdu,ou=sudoers,dc=skole,dc=skolelinux,dc=no
objectClass: top
objectClass: sudoRole
sudoUser: www-data
sudoHost: tjener
cn: DebianEdu
sudoOption: !authenticate
sudoOption: !syslog
sudoOption: env_keep=USERPASSWORD
description: Propagate GOsa's changes to the system
sudoCommand: /usr/share/debian-edu-config/tools/gosa-sync
sudoCommand: /usr/share/debian-edu-config/tools/gosa-remove
sudoCommand: /usr/share/debian-edu-config/tools/gosa-create
sudoCommand: /usr/share/debian-edu-config/tools/gosa-sync-dns-nfs
sudoCommand: /usr/share/debian-edu-config/tools/gosa-lock-user
sudoCommand: /usr/share/debian-edu-config/tools/gosa-unlock-user
dn: cn=root,ou=sudoers,dc=skole,dc=skolelinux,dc=no
objectClass: top
objectClass: sudoRole
cn: root
sudoUser: root
sudoHost: ALL
sudoRunAs: ALL
sudoCommand: ALL
dn: cn=$FIRSTUSERNAME,ou=sudoers,dc=skole,dc=skolelinux,dc=no
objectClass: top
objectClass: sudoRole
cn: $FIRSTUSERNAME
sudoUser: $FIRSTUSERNAME
sudoHost: ALL
sudoRunAs: ALL
sudoCommand: ALL
|