<div dir="ltr"><div><div><div><div>Hi,<br></div>lately I spent some time with debugging sudo, what I ended up with was:<br></div>I created sudo rule in ipa called defaults with sudo option fqdn. defaults is being checked by sssd as default setting.<br>
<br></div>I set up NIS domain on hosts same as ipa domain. See getent netgroup <hostgroup><br><br></div>sudo seems to work fine.<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Jun 5, 2013 at 9:45 PM, Dmitri Pal <span dir="ltr"><<a href="mailto:dpal@redhat.com" target="_blank">dpal@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><div class="im">
On 06/05/2013 11:20 AM, KodaK wrote:
<blockquote type="cite">I know this has been discussed before, but I didn't
see anything with a cursory search.
<div><br>
</div>
<div>There are bugs when using user and host groups with sudo
rules. I have to split out my users and hosts into individual
entries. I'm running ipa 3.0.0-26 on RHEL.</div>
<div><br>
</div>
<div>All I really want to know is if this is fixed upstream.</div>
<div><br>
</div>
</blockquote>
<br></div>
I am not sure I recall a bug you are referring to. A quick scan
against the open tickets does not reveal anything like what you
describe.<br>
Can you provide the description of the issue or point to the earlier
thread on the matter? <br>
<br>
<blockquote type="cite"><div class="im">
<div>Thanks,</div>
<div><br>
</div>
<div>--Jason<br clear="all">
<div><br>
</div>
-- <br>
The government is going to read our mail anyway, might as well
make it tough for them. GPG Public key ID: B6A1A7C6
</div>
<br>
<fieldset></fieldset>
<br>
</div><pre>_______________________________________________
Freeipa-users mailing list
<a href="mailto:Freeipa-users@redhat.com" target="_blank">Freeipa-users@redhat.com</a>
<a href="https://www.redhat.com/mailman/listinfo/freeipa-users" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a></pre><span class="HOEnZb"><font color="#888888">
</font></span></blockquote><span class="HOEnZb"><font color="#888888">
<br>
<br>
<pre cols="72">--
Thank you,
Dmitri Pal
Sr. Engineering Manager for IdM portfolio
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
<a href="http://www.redhat.com/carveoutcosts/" target="_blank">www.redhat.com/carveoutcosts/</a>
</pre>
</font></span></div>
<br>_______________________________________________<br>
Freeipa-users mailing list<br>
<a href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a><br>
<a href="https://www.redhat.com/mailman/listinfo/freeipa-users" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br></blockquote></div><br></div>