[Freeipa-users] Sudo works for full access, but not on a per command or host level.
Macklin, Jason
jason.macklin at roche.com
Mon Oct 15 20:34:05 UTC 2012
Hi,
I apologize up front if this is obvious, but I'm having issues configuring sudo privileges.
I currently have an IPA server running FreeIPA 2.2 with sudo configured for our administrators on all hosts. This works fantastic! As soon as I attempt to configure a more specific sudo rule it does not work. In my troubleshooting, I have noticed that from the same host my admin level privileges work, but with another user account setup to just run one command, it fails. I have turned on sudo debugging and the only thing I can find that looks out of sorts is the following:
sudo: host_matches=0
As soon as I move the user account that is failing into the admin group it starts to work.
I have attempted every iteration of sudo configuration on the server that I can think of. I have setup HBAC and given that a shot as well. At this point I'm completely stumped and would appreciate any help that I can get!
Thank you in advance for your assistance,
Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20121015/20b037ff/attachment.htm>
More information about the Freeipa-users
mailing list