[Freeipa-users] sudo rules question on ubuntu 16.0.1
Sean Hogan
schogan at us.ibm.com
Wed Aug 10 18:04:24 UTC 2016
Not sure it is the same as 14.X but I had to add the sudo in the list of
services to sssd.conf as it was not put in by default. I am by no means an
expert on it but my own personal experience with 14.x
Sean Hogan
From: Jeff Goddard <jgoddard at emerlyn.com>
To: freeipa-users at redhat.com
Date: 08/10/2016 10:52 AM
Subject: [Freeipa-users] sudo rules question on ubuntu 16.0.1
Sent by: freeipa-users-bounces at redhat.com
I've got a freeipa domain and many centos 7.2 clients. I also have a sudo
rule that allows member of the developer group sudo rights on virtual
servers in the "development" group. This works great on the centos servers.
However, I recently set up 3 ubuntu boxes, and added them to the IPA domain
and then to the "development" group. My sudo rules fail. I've enabled
debugging and I see in the /var/log/sssd/sssd_sudo.log that the clients
connects to the server, identifies group memberships, and finally prints
"returning 1 rules for [user at domain.com]. We only have the single rule so I
can't figure out why it's not working. Can someone point me in the correct
direction?
Thanks,
Jeff
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160810/adb78016/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160810/adb78016/attachment.gif>
More information about the Freeipa-users
mailing list