[Freeipa-users] SUDO options on freeipa
Rob Crittenden
rcritten at redhat.com
Tue Dec 9 22:31:38 UTC 2014
William Muriithi wrote:
> Afternoon
>
> I have the following commands and I need to set up for Jenkins to run through sudo. For this to work, I need to add two sudo options, no password and no requiretty
>
> Is this something supported by IPA version ipa-server-3.3.3-28.el7_0.3.x86_64 ? I can't seem to get it working and there is very little documentation on sudo options with IPA on the web.
>
>
> ipa sudorule-add jenkins --desc "Allow jenkins to deploy jboss, imageserver and fileserver on all the systems"
>
> ipa sudocmdgroup-add-member --sudocmds '/sbin/service jboss start' jenkins_commands
> ipa sudocmdgroup-add-member --sudocmds '/sbin/service jboss stop' jenkins_commands
>
> [root at ipa3-yyz-int ~]# ipa sudorule-add-option jenkins_commands --sudooption !authenticate
> -bash: !authenticate: event not found
>
> [root at ipa3-yyz-int ~]# ipa sudorule-add-option jenkins_commands
> Sudo Option: !requiretty
> ipa: ERROR: no such entry
>
> What is the proper way of handling SUDO options with ipa?
Bash is interpreting the bang, put single quotes around the options and
it should work.
rob
More information about the Freeipa-users
mailing list