[Freeipa-users] Configure IPA 3.1.5 client for sudo?
JR Aquino
JR.Aquino at citrix.com
Tue Jun 25 20:19:11 UTC 2013
On Jun 25, 2013, at 2:52 AM, Martin Kosek <mkosek at redhat.com>
wrote:
> On 06/24/2013 03:36 PM, Rob Crittenden wrote:
>> Dean Hunter wrote:
>>> On Mon, 2013-06-24 at 09:07 +0300, Alexander Bokovoy wrote:
>>>> On Sun, 23 Jun 2013, Dean Hunter wrote:
>>>>> Section 14.4. Applying the Configured sudo Policies to Hosts of the
>>>>> FreeIPA Guide, Edition 3.1.5 in the Fedora 18 documentation contains
>>>>> only an example of configuring sudo for use with FreeIPA 2.2. It differs
>>>>> in many regards from QA:Testcase freeipav3 sudo sssd in the Wiki at
>>>>> fedoraproject.org.
>>>>>
>>>>> What instructions should I use to configure an IPA 3.1.5-1 client with
>>>>> sudo?
>>>> This thread should clear it up:
>>>> https://www.redhat.com/archives/freeipa-users/2013-June/msg00064.html
>>>>
>>>> This presentation covers current state:
>>>> http://www.freeipa.org/images/7/77/Freeipa30_SSSD_SUDO_Integration.pdf
>>>>
>>> Thank you for the prompt response! I really appreciate how helpful
>>> y'all are on this list. The slide presentation is especially useful
>>> because of all the explanation. Have you identified a target release for:
>>>
>>> 1) SSSD doesn't support FreeIPA as SUDO provider yet
>>
>> To clarify, this is just to make SSSD use the native IPA schema instead of
>> ou=sudoers. https://fedorahosted.org/sssd/ticket/1108
>
> Right. When talking about SUDO being able to select SSSD as a source database
> (instead of the native LDAP connection), this works already - SSSD reads
> ou=sudoers. There is an RFE ticket targeted to 3.4 already (it also contains
> steps how to configure it manually):
Is there a specific version of Sudo that supports nsswitch.conf having: sudo sss?
Is that version of Sudo available on RHEL?
>
> https://fedorahosted.org/freeipa/ticket/3358
>
>>
>>> 2) A command line tool to preform the client configuration
>>
>> https://fedorahosted.org/freeipa/ticket/3358
>>
>> rob
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
More information about the Freeipa-users
mailing list