[Freeipa-users] Sudo options
JR Aquino
JR.Aquino at citrix.com
Wed Jan 18 20:50:31 UTC 2012
On Jan 18, 2012, at 11:47 AM, Erinn Looney-Triggs wrote:
> I can't really figure out what the proper syntax is for the sudo rules
> in IPA. I have a number of options that I would like included by
> default, I have put them in place, from ipa sudorule-show:
>
> Sudo Option: env_keep = "LESSSECURE", env_reset, mail_badpass,
> mail_no_host, mail_no_perms, syslog = local2
It looks to be getting confused by the whitespace.
Remove the whitespace for env_keep = "LESSSECURE" & syslog = local2 to:
env_keep="LESSSECURE"
syslog=local2
Let me know if that helps.
Also, can you post a compare against:
ipa sudorule-show defaults
vs
<a host you want to run sudo on> $ sudo -l
>
> This doesn't appear to work, when sudo is run:
>
> sudo: unknown defaults entry `env_keep '
> sudo: unknown defaults entry `mail_badpass, mail_no_host, mail_no_perms,
> syslog '
>
> One thing that jumps out at me is that the '= whatever' portion is not
> being maintained.
>
> The directions in the IDM guide are less than clear, simply referencing
> the sudoers page for options. These are all valid sudo options, this is
> basically a straight port over from a sudoers file.
>
> So anyone have any experience doing this bit?
>
> -Erinn
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list