[Freeipa-users] Sudo denied on first attempt, allowed on second attempt
Pavel Březina
pbrezina at redhat.com
Mon Feb 17 08:46:53 UTC 2014
On 02/16/2014 01:19 AM, Steve Dainard wrote:
> Just experienced the same issue on Fedora 20:
>
> [sdainard-admin at miovision.corp@fed20 ~]$ sudo systemctl stop firewalld
> [sudo] password for sdainard-admin at miovision.corp:
> sdainard-admin at miovision.corp is not allowed to run sudo on fed20. This
> incident will be reported.
> [sdainard-admin at miovision.corp@fed20 ~]$ sudo systemctl stop firewalld
> [sudo] password for sdainard-admin at miovision.corp:
> [sdainard-admin at miovision.corp@fed20 ~]$
>
> Sat Feb 15 19:10:30 2014 is the 2nd attempt in the logs (attached).
>
> /var/log/messages:
> Feb 15 19:10:31 fed20 systemd: Stopping firewalld - dynamic firewall
> daemon...
> Feb 15 19:10:31 fed20 systemd: Stopped firewalld - dynamic firewall daemon.
>
>
>
> *Steve Dainard *
> IT Infrastructure Manager
> Miovision <http://miovision.com/> | /Rethink Traffic/
>
> *Blog <http://miovision.com/blog> | **LinkedIn
> <https://www.linkedin.com/company/miovision-technologies> | Twitter
> <https://twitter.com/miovision> | Facebook
> <https://www.facebook.com/miovision>*
> ------------------------------------------------------------------------
> Miovision Technologies Inc. | 148 Manitou Drive, Suite 101, Kitchener,
> ON, Canada | N2C 1L3
> This e-mail may contain information that is privileged or confidential.
> If you are not the intended recipient, please delete the e-mail and any
> attachments and notify us immediately.
>
>
> On Fri, Feb 14, 2014 at 4:33 PM, Steve Dainard <sdainard at miovision.com
> <mailto:sdainard at miovision.com>> wrote:
>
> On a Ubuntu 13.10 client after configuring sssd to provide sudo
> service I left the client idle for a few hours. On returning, I
> unlocked the screensaver and did the following:
>
> sdainard-admin at miovision.corp@ubu1310:~$ sudo su
> [sudo] password for sdainard-admin at miovision.corp:
> sdainard-admin at miovision.corp is not allowed to run sudo on ubu1310.
> This incident will be reported.
> sdainard-admin at miovision.corp@ubu1310:~$ sudo su
> [sudo] password for sdainard-admin at miovision.corp:
> root at ubu1310:/home/miovision.corp/sdainard-admin#
>
> I haven't experienced this on a Fedora 20 or EL client so I'm
> guessing this is something specific to Ubuntu.
>
> I've attached the client sssd log if anyone can point me in the
> right direction.
>
> Thanks,
>
>
> *Steve Dainard *
> IT Infrastructure Manager
> Miovision <http://miovision.com/> | /Rethink Traffic/
>
> *Blog <http://miovision.com/blog> | **LinkedIn
> <https://www.linkedin.com/company/miovision-technologies> | Twitter
> <https://twitter.com/miovision> | Facebook
> <https://www.facebook.com/miovision>*
> ------------------------------------------------------------------------
> Miovision Technologies Inc. | 148 Manitou Drive, Suite 101,
> Kitchener, ON, Canada | N2C 1L3
> This e-mail may contain information that is privileged or
> confidential. If you are not the intended recipient, please delete
> the e-mail and any attachments and notify us immediately.
Hi,
provided logs did not reveal anything bad. Can you also attach
sssd_sudo.log, sssd_nss.log and sssd.conf please? Also what sssd and
sudo version do you run?
Is this always reproducible or it happens only sporadically?
Thanks.
More information about the Freeipa-users
mailing list