<div dir="ltr"><span style="font-size:12.8px;background-color:rgb(255,255,255)"><font color="#000000">Hi List,</font></span><div style="font-size:12.8px"><span style="background-color:rgb(255,255,255)"><font color="#000000"><br></font></span></div><div style="font-size:12.8px"><span style="background-color:rgb(255,255,255)"><font color="#000000">please help me to implement sudo rules.</font></span></div><div style="font-size:12.8px"><span style="background-color:rgb(255,255,255)"><font color="#000000"><br></font></span></div><div style="font-size:12.8px"><span style="background-color:rgb(255,255,255)"><font color="#000000">i have did below steps and still not working for me.</font></span></div><div style="font-size:12.8px"><span style="background-color:rgb(255,255,255)"><font color="#000000"><br></font></span></div><div style="font-size:12.8px"><span style="background-color:rgb(255,255,255)"><font color="#000000">1. created "<span style="font-family:"open sans",helvetica,arial,sans-serif">Sudo Command Groups"</span></font></span></div><div style="font-size:12.8px"><span style="font-family:"open sans",helvetica,arial,sans-serif;background-color:rgb(255,255,255)"><font color="#000000">2. Added some command (/bin/yum) and included in sudo group</font></span></div><div style="font-size:12.8px"><span style="font-family:"open sans",helvetica,arial,sans-serif;background-color:rgb(255,255,255)"><font color="#000000">3. created "sudo Rule" on that</font></span></div><div style="font-size:12.8px"><span style="color:rgb(0,0,0);font-size:12.8px;font-family:"open sans",helvetica,arial,sans-serif">    * added sudo Option as "</span><span style="color:rgb(0,0,0);font-family:"open sans",helvetica,arial,sans-serif;font-size:12px">!authenticate"</span></div><div style="font-size:12.8px"><span style="font-family:"open sans",helvetica,arial,sans-serif;font-size:12px;background-color:rgb(255,255,255)"><font color="#000000">      * Added User Group.</font></span></div><div style="font-size:12.8px"><span style="font-family:"open sans",helvetica,arial,sans-serif;font-size:12px;background-color:rgb(255,255,255)"><font color="#000000">      * Added one Host</font></span></div><div style="font-size:12.8px"><span style="font-family:"open sans",helvetica,arial,sans-serif;font-size:12px;background-color:rgb(255,255,255)"><font color="#000000">      * And under Run command, selected the Sudo Rule Group.</font></span></div><div><span style="font-size:12px;font-family:"open sans",helvetica,arial,sans-serif;background-color:rgb(255,255,255)"><font color="#000000">4. entry on nsswitch.conf : </font></span><font color="#000000" face="open sans, helvetica, arial, sans-serif"><span style="font-size:12px">sudoers: files sss</span></font></div><div><font color="#000000" face="open sans, helvetica, arial, sans-serif"><span style="font-size:12px">5. entry on sssd.conf : services = nss, sudo, pam, ssh</span></font></div><div><font color="#000000" face="open sans, helvetica, arial, sans-serif"><span style="font-size:12px"><br></span></font></div><div><font color="#000000" face="open sans, helvetica, arial, sans-serif"><span style="font-size:12px">and i tried removing "</span></font><span style="color:rgb(0,0,0);font-family:"open sans",helvetica,arial,sans-serif;font-size:12px">!authenticate" and changed to </span><span style="color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:12px;font-weight:600">Anyone, </span><span style="color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:12px;font-weight:600">Any Host and </span><span style="font-weight:600">Any Command,</span></div><div><span style="font-weight:600">Also under As Whom to </span><span style="font-weight:600">Anyone and </span><span style="font-weight:600">Any Group</span></div><li style="box-sizing:border-box;display:inline;margin-right:8px"><span class="gmail-undefined-cnt" style="box-sizing:border-box"><input id="gmail-1ipasudorunasgroupcategory18" type="radio" name="ipasudorunasgroupcategory18" value="" title="" style="font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:inherit;font-family:inherit;padding:0px;display:inline;overflow:hidden;border-width:0px;outline:0px;opacity:0"><label title="" for="1ipasudorunasgroupcategory18" style="box-sizing:border-box;display:inline-block;margin:0px;font-weight:600;padding:0px;color:rgb(51,51,51);font-family:"open sans",helvetica,arial,sans-serif;font-size:12px"></label></span></li><div><span style="font-size:12px;color:rgb(0,0,0);font-family:"open sans",helvetica,arial,sans-serif">I tried logout and login again on client with IPA user which is member of user group. </span><br></div><div style="font-size:12.8px"><font face="open sans, helvetica, arial, sans-serif" color="#000000"><span style="font-size:12px;background-color:rgb(255,255,255)"><br></span></font></div><div style="font-size:12.8px"><font face="open sans, helvetica, arial, sans-serif" color="#000000"><span style="font-size:12px;background-color:rgb(255,255,255)">When i am running yum, getting error that user is not allowed to execute command.</span></font></div><div style="font-size:12.8px"><font face="open sans, helvetica, arial, sans-serif" color="#000000"><span style="font-size:12px;background-color:rgb(255,255,255)"><br></span></font></div><div style="font-size:12.8px"><font face="open sans, helvetica, arial, sans-serif" color="#000000"><span style="font-size:12px;background-color:rgb(255,255,255)"><br></span></font></div><div style="font-size:12.8px"><font face="open sans, helvetica, arial, sans-serif" color="#000000"><span style="font-size:12px;background-color:rgb(255,255,255)">Please anyone help to correct my steps.</span></font></div><div style="font-size:12.8px"><font face="open sans, helvetica, arial, sans-serif" color="#000000"><span style="font-size:12px;background-color:rgb(255,255,255)"><br></span></font></div><div style="font-size:12.8px"><font face="open sans, helvetica, arial, sans-serif" color="#000000"><span style="font-size:12px;background-color:rgb(255,255,255)">Regards</span></font></div><div style="font-size:12.8px"><font face="open sans, helvetica, arial, sans-serif" color="#000000"><span style="font-size:12px;background-color:rgb(255,255,255)">Ben</span></font></div></div>