[Freeipa-users] IPA Sudo - RHEL5
Stephen Gallagher
sgallagh at redhat.com
Wed Feb 1 12:35:33 UTC 2012
On Wed, 2012-02-01 at 08:51 +0100, Westerlund Johnny wrote:
> Hey all,
>
> I've been running IPA on a RHEL6.2 and so far it's looking great. HBAC
> is awsome. The other machines in the domain is another RHEL 6.2 and one
> RHEL 5.7.
>
> I've also configured SUDO and it was working great on all machines. But
> thats changed now. The RHEL 6.2 and the ipaserver itself (also rhel6.2)
> works great. But the RHEL 5.7 stopped working the other day, and
> nothing i do can make it work again.
>
> I've followed the documentation at:
> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/sudo.html
> But i just cant seem to find the problem, so i'm starting to wonder if
> it broke when i patched the system the other day.
>
> Both login and HBAC rules seem to work fine on the 5.7 box, but not
> SUDO. I've tried running the sssd daemon interactivly and in debug
> mode (sssd -i -d6) but it's hard to know what to look for. Anyone able
> to give some troubleshooting tips?
SUDO support doesn't go through SSSD[1]. It uses its own internal LDAP
driver to talk to FreeIPA. So if you're suddenly having trouble there,
I'd look into the sudo package.
[1] This is a feature we're working on for Fedora and will be coming in
future versions of RHEL 6, but probably not for RHEL 5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120201/88820551/attachment.sig>
More information about the Freeipa-users
mailing list