How to use LDAP to store sudoer information












We have an LDAP server and lots of working servers. Our users' info is in LDAP (http://fclose.com/b/281/). But the sudoers list is stored in /etc/sudoers. Now the question is, how can we store the sudoers list in LDAP so that there is central control of it?

We are using Fedora 12 on both the LDAP server and the working servers.










Tags: ldap sudoers






asked Dec 6 '10 at 17:36 by ericzma






















          3 Answers
Follow the official instructions from README.LDAP, and the sudoers.ldap manual page.

1. Make sure sudo is built with LDAP support.
2. Update the LDAP schema.
3. Import the sudoers file into LDAP.
4. Configure the sudoers service in nsswitch.conf.

answered Dec 6 '10 at 20:33 by grawity
























• Are there any GUI-based apps for managing sudoer rules in LDAP? Using an LDAP browser is not a very user-friendly way of managing a large number of sudo rules. FreeIPA has a UI for managing sudoer rules, but it requires 389 Directory Server, and we don't use that in our environment (for good reasons).

            – Saqib Ali
            Oct 5 '16 at 19:57











• The README.LDAP link is dead, as is the sudoers.ldap link.

            – Dimitri Kopriwa
            Sep 8 '18 at 0:26





















Add a sudo entry like the one below:

    dn: ou=sudoers,ou=people,dc=example,dc=com
    ou: sudoers
    objectClass: top
    objectClass: organizationalUnit

    dn: cn=sudogroup,ou=sudoers,ou=people,dc=example,dc=com
    objectClass: top
    objectClass: sudoRole
    cn: sudogroup
    sudoUser: thomas
    sudoHost: ALL
    sudoRunAs: ALL
    sudoCommand: ALL

Add sudoers_base to ldap.conf on the client:

    sudoers_base ou=sudoers,ou=people,dc=example,dc=com

and edit /etc/nsswitch.conf like below:

    sudoers: files ldap

edited Mar 7 '12 at 18:58
answered Jan 17 '12 at 2:07 by atolani


























          • Do you have any reference we can rely on to understand that configuration?

            – Dimitri Kopriwa
            Sep 7 '18 at 20:05



















These instructions assume you're using OpenLDAP. Some details may be specific to Arch Linux.

1. Make sure sudo is built with LDAP support. (see README.LDAP or this)
2. Add the sudo schema to the LDAP server by editing slapd.conf to add include /etc/openldap/schema/sudo.schema. Note that this file must be copied from /usr/share/doc/sudo/schema.OpenLDAP (see README.LDAP).
3. Per README.LDAP, direct the LDAP server to index the attribute sudoUser by adding the line index sudoUser eq to slapd.conf, and restart the LDAP server.
4. Add the ou=SUDOers container to the database. This can be done by passing in the following via ldapadd:

    dn: ou=SUDOers,dc=example,dc=com
    objectClass: top
    objectClass: organizationalUnit
    ou: SUDOers

5. Convert the existing sudoers file to LDIF format with cvtsudoers and add it to the database with ldapadd (see README.LDAP). The configuration could, of course, be generated from scratch instead.
6. Create (or edit) ldap.conf (/etc/openldap/ldap.conf on Arch) on the client to add sudoers_base ou=SUDOers,dc=example,dc=com to make sudo LDAP-aware (see sudoers.ldap). Depending on your LDAP configuration, it may be necessary to set various LDAP options as well; sudo's syntax for setting options may differ from your LDAP implementation's, so the same information may need to be provided twice.
7. Edit the sudoers service in nsswitch.conf to be sudoers: files ldap, or sudoers: files sss if caching with SSSD (see the sudoers.ldap manual). If caching with SSSD, the necessary entries will need to be added to sssd.conf (and on systems running systemd, sssd-sudo.socket must be enabled; see the manual page for sssd-sudo).

answered Feb 3 at 0:22 by eponymous
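As an added example (not code from any of the answers or from the sudo project), here is the cvtsudoers step above and the sudoRole entries atolani shows, in Python: a small converter from a classic sudoers file to sudoRole LDIF, plus an audit pass that flags the broad grants (sudoUser ALL, sudoCommand ALL as any runas user, NOPASSWD) that a central store finally makes easy to review. It assumes the ou=SUDOers,dc=example,dc=com base from the answer, handles only plain user specifications (Defaults lines are skipped, aliases are not supported), and writes sudoRunAsUser, the current name of the attribute that the earlier answer spells sudoRunAs.

```python
import re
from dataclasses import dataclass, field

# Assumed base DN: the container created in step 4 of the answer above.
SUDOERS_BASE = "ou=SUDOers,dc=example,dc=com"

# Constructed sample sudoers file; not taken from any real system.
SAMPLE_SUDOERS = """\
# constructed example input
Defaults    requiretty
root        ALL=(ALL) ALL
%wheel      ALL=(ALL) ALL
thomas      ALL=(root) /usr/bin/systemctl restart httpd
backup      db01,db02=(postgres) NOPASSWD: /usr/bin/pg_dump
"""

@dataclass
class SudoRole:
    """One sudoers user specification, i.e. one sudoRole LDAP entry."""
    cn: str
    users: list
    hosts: list
    runas: list
    commands: list
    options: list = field(default_factory=list)

    def to_ldif(self, base=SUDOERS_BASE):
        # sudoRunAsUser is the current attribute name; sudoRunAs, as written in
        # the earlier answer, is its deprecated alias.
        lines = [f"dn: cn={self.cn},{base}", "objectClass: top",
                 "objectClass: sudoRole", f"cn: {self.cn}"]
        for attr, values in (("sudoUser", self.users), ("sudoHost", self.hosts),
                             ("sudoRunAsUser", self.runas),
                             ("sudoCommand", self.commands),
                             ("sudoOption", self.options)):
            lines += [f"{attr}: {v}" for v in values]
        return "\n".join(lines) + "\n"

# user  host1,host2 = (runas) [NOPASSWD:] command ...
SPEC_RE = re.compile(
    r"^(?P<user>\S+)\s+(?P<hosts>[^=\s]+)\s*=\s*(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$")

def parse_sudoers(text):
    """Parse plain user specifications into SudoRole objects; comments and
    Defaults lines are skipped, aliases and #include are not supported."""
    roles = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("Defaults"):
            continue
        m = SPEC_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: unsupported sudoers syntax: {raw!r}")
        options, cmds = [], m["cmds"].strip()
        if cmds.startswith("NOPASSWD:"):
            options.append("!authenticate")  # how cvtsudoers expresses NOPASSWD
            cmds = cmds[len("NOPASSWD:"):].strip()
        # cn is the user name; with no (runas) list sudo targets root by default
        roles.append(SudoRole(cn=m["user"], users=[m["user"]],
                              hosts=m["hosts"].split(","),
                              runas=(m["runas"] or "root").split(","),
                              commands=[cmds], options=options))
    return roles

def audit(roles):
    """Return (cn, finding) pairs for grants worth a second look before import."""
    findings = []
    for r in roles:
        if "ALL" in r.users:
            findings.append((r.cn, "sudoUser ALL: rule applies to every user"))
        if "ALL" in r.commands and "ALL" in r.runas:
            findings.append((r.cn, "sudoCommand ALL as any runas user: root equivalent"))
        if "!authenticate" in r.options:
            findings.append((r.cn, "NOPASSWD: no password required"))
    return findings

def convert(text, base=SUDOERS_BASE):
    """sudoers text -> LDIF that ldapadd can load under the sudoers container."""
    return "\n".join(r.to_ldif(base) for r in parse_sudoers(text))

if __name__ == "__main__":
    print(convert(SAMPLE_SUDOERS))
    for cn, msg in audit(parse_sudoers(SAMPLE_SUDOERS)):
        print(f"[audit] cn={cn}: {msg}")
```

The printed LDIF is what step 5 feeds to ldapadd; the audit lines are the review worth doing first, since a sudoRole with sudoHost ALL takes effect on every client that points sudoers_base at this container.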























