[Freeipa-users] Sudo Rule Command Line Option Arguments (Solved)

Rob Crittenden rcritten at redhat.com
Thu Mar 13 13:51:48 UTC 2014 

Rashard.Kelly at sita.aero wrote:
> The command had not been added into the sudocmd database.
>
>     member sudo command: /usr/bin/yum --disableexcludes=all localinstall
> example*: no such entry
>
> I think this error should point to someone checking to make sure the
> sudo command had been created, something along the lines of "no sudocmd
> entry defined yet" vs "no such entry" would improve workflow for people
> stuck using the CMD.

Yes, having more specific "not found" errors might be nice. I believe we 
percolate this error up directly from LDAP. Can you open a trac ticket 
on this?

rob

>
>
> Thank You,
> *Rashard Kelly**
> *
>
>
>
> From: Rashard Kelly/Atlanta/SITA/WW
> To: freeipa-users at redhat.com
> Date: 03/12/2014 11:47 AM
> Subject: Sudo Rule Command Line Option Arguments
> ------------------------------------------------------------------------
>
>
> What is the correct way to add a flag inside a sudo command that will be
> added to a command group? When adding commands with no flags I have no
> issue such as "/usr/bin/yum info example*" but when I try to add options
> to the command like this "/usr/bin/yum --disableexcludes=all
> localinstall example*", It does not work even when escaping items like
> --. How does IPA handle a request like that?
>
> ipa-client-3.0.0-37.el6.x86_64
>
> [rkelly at hostname /]$ ipa sudocmdgroup-add-member --sudocmds
> "/usr/bin/yum --disableexcludes=all localinstall example*" yumsita
>    Sudo Command Group: yumexample
>    Description: Yum install Priviledges for example.com specific packages
>    Member Sudo commands: /usr/bin/yum info example*, /usr/bin/yum update
> example*,
>              /usr/bin/yum remove example*, /usr/bin/yum install
>              example*, /usr/bin/yum localinstall example*, /usr/bin/yum
>              localupdate example*
>    Failed members:
>      member sudo command: /usr/bin/yum --disableexcludes=all
> localinstall example*: no such entry
> -------------------------
> Number of members added 0
> -------------------------
>
>
> Thank You,
> *Rashard Kelly**
> *
>
> This document is strictly confidential and intended only for use by the
> addressee unless otherwise stated. If you are not the intended
> recipient, please notify the sender immediately and delete it from your
> system. See you at 2014 Air Transport IT Summit, 17-19 June 2014 Click
> here to register http://www.sitasummit.aero
>
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>

More information about the Freeipa-users mailing list