[Freeipa-users] Setting up sudo in FreeIPA v2.2

Toasted Penguin toastedpenguininfo at gmail.com
Tue Oct 16 21:24:30 UTC 2012


I have the server set up to manage sudo and I configured a target client to
use the IPA server for sudo.  When a user tries to use sudo (in this case
"sudo su -") it fails and they get the error "user is not allowed to run
sudo on client-host.  This incident will be reported." I verified via the
log files that the client is making requests to the IPA server when the
user is attempting to use sudo and it fails.  I temporarily disabled using
the IPA server for sudo and I get the standard "User not in the sudoers
file...."

It's starting to look like the server rules may be the issue but I believe I
have the sudo rule set up correctly.  I created a sudo command "/bin/su",
created a sudo rule "Sudo to root", added the group the user in question
is a part of to the WHO-->User Groups; added the Host Group the target
client host is part of to Access This Host-->Host Groups and added the sudo
command to the sudo rule via Allow-->Sudo Allow Commands.  When I delete
the sudo rule I get the same result as I did when I temporarily disabled the
client host using the IPA server for sudo verification.

Any ideas why or where to look to figure out this issue?

Thanks,
David
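
Added example, not part of the original post and not FreeIPA or sudo code: a small Python model of how a sudoers-LDAP rule is matched on user, host and command, so each of the three parts of the rule described above can be checked separately. The names "sysadmins", "prodhosts" and "alice", and the assumption that the rule reaches the client with %group and +hostgroup values, are illustrative.

```python
# Constructed sample: the rule from the post as a sudoers-LDAP entry. The group
# "sysadmins" and host group "prodhosts" are hypothetical names.
RULE = {
    "cn": "Sudo to root",
    "sudoUser": ["%sysadmins"],    # "%" prefix = user group
    "sudoHost": ["+prodhosts"],    # "+" prefix = netgroup (assumed host group form)
    "sudoCommand": ["/bin/su"],    # no arguments listed = any arguments allowed
}

def match_user(values, user, groups):
    return any(v in ("ALL", user) or (v.startswith("%") and v[1:] in groups)
               for v in values)

def match_host(values, host, host_netgroups):
    # Simplification: exact name comparison only, no IP or wildcard forms.
    return any(v in ("ALL", host) or (v.startswith("+") and v[1:] in host_netgroups)
               for v in values)

def match_command(values, cmdline):
    # Simplification: exact path comparison, no shell-style wildcards.
    path, _, args = cmdline.partition(" ")
    for v in values:
        vpath, _, vargs = v.partition(" ")
        if v == "ALL":
            return True
        if path == vpath:
            # '""' in a rule means the command may only be run without arguments.
            if not vargs or vargs == args or (vargs == '""' and not args):
                return True
    return False

def diagnose(rule, user, groups, host, host_netgroups, cmdline):
    """Return the rule attributes that do NOT match this sudo request."""
    failed = []
    if not match_user(rule["sudoUser"], user, groups):
        failed.append("sudoUser")
    if not match_host(rule["sudoHost"], host, host_netgroups):
        failed.append("sudoHost")
    if not match_command(rule["sudoCommand"], cmdline):
        failed.append("sudoCommand")
    return failed

if __name__ == "__main__":
    # Assumes "sudo su -" resolves to /bin/su with the argument "-".
    print(diagnose(RULE, "alice", {"sysadmins"}, "client-host", {"prodhosts"}, "/bin/su -"))
    print(diagnose(RULE, "alice", {"sysadmins"}, "client-host", set(), "/bin/su -"))
```

An empty result means all three parts match; a non-empty result names the attribute to inspect, for example `sudoHost` when the client cannot resolve its own host group membership.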