[Freeipa-users] Sudo configuration question
Jan Zelený
jzeleny at redhat.com
Wed Dec 21 07:27:54 UTC 2011
> I have been working through configuring sudo via IPA and ran into the
> following situation.
>
> There is a directive in the documentation to configure
> /etc/sssd/sssd.conf on the clients with something like the following:
>
> ldap_netgroup_search_base = cn=ng,cn=compat,dc=example,dc=com
>
>
> This is pulled from the docse here for reference:
> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_
> Management_Guide/example-configuring-sudo.html
>
> This is fine and causes no problems, however, when I mistakenly left it
> out on a few systems, sudo continued to function, so I am wondering what
> it is that this directive does? Does this get sssd into the loop to
> cache sudo rules for offline use?
Support for SUDO in SSSD has been added just about a week ago into master
branch and is considered experimental right now. And as I understand it, the
support in SUDO itself is still not entirely complete. So the simple answer
is: hang on, the support is coming.
Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111221/689aefb3/attachment.sig>
More information about the Freeipa-users
mailing list