[Freeipa-users] Sudo Rule Command Line Option Arguments (Solved)

Petr Spacek pspacek at redhat.com
Thu Mar 13 15:12:06 UTC 2014 

On 13.3.2014 15:59, Rashard.Kelly at sita.aero wrote:
> I would be happy to open a ticket, where do I go to do that?
https://fedorahosted.org/freeipa/newticket

You need an Fedora account to open a new ticket:
https://admin.fedoraproject.org/accounts/user/new

Petr^2 Spacek

> From:   Rob Crittenden <rcritten at redhat.com>
> To:     Rashard.Kelly at sita.aero, freeipa-users at redhat.com
> Date:   03/13/2014 09:52 AM
> Subject:        Re: [Freeipa-users] Sudo Rule Command Line Option
> Arguments (Solved)
>
>
>
> Rashard.Kelly at sita.aero wrote:
>> The command had not been added into the sudocmd database.
>>
>>      member sudo command: /usr/bin/yum --disableexcludes=all localinstall
>> example*: no such entry
>>
>> I think this error should point to someone checking to make sure the
>> sudo command had been created, something along the lines of "no sudocmd
>> entry defined yet" vs "no such entry" would improve workflow for people
>> stuck using the CMD.
>
> Yes, having more specific "not found" errors might be nice. I believe we
> percolate this error up directly from LDAP. Can you open a trac ticket
> on this?
>
> rob
>
>>
>>
>> Thank You,
>> *Rashard Kelly**
>> *
>>
>>
>>
>> From: Rashard Kelly/Atlanta/SITA/WW
>> To: freeipa-users at redhat.com
>> Date: 03/12/2014 11:47 AM
>> Subject: Sudo Rule Command Line Option Arguments
>> ------------------------------------------------------------------------
>>
>>
>> What is the correct way to add a flag inside a sudo command that will be
>> added to a command group? When adding commands with no flags I have no
>> issue such as "/usr/bin/yum info example*" but when I try to add options
>> to the command like this "/usr/bin/yum --disableexcludes=all
>> localinstall example*", It does not work even when escaping items like
>> --. How does IPA handle a request like that?
>>
>> ipa-client-3.0.0-37.el6.x86_64
>>
>> [rkelly at hostname /]$ ipa sudocmdgroup-add-member --sudocmds
>> "/usr/bin/yum --disableexcludes=all localinstall example*" yumsita
>>     Sudo Command Group: yumexample
>>     Description: Yum install Priviledges for example.com specific
> packages
>>     Member Sudo commands: /usr/bin/yum info example*, /usr/bin/yum update
>> example*,
>>               /usr/bin/yum remove example*, /usr/bin/yum install
>>               example*, /usr/bin/yum localinstall example*, /usr/bin/yum
>>               localupdate example*
>>     Failed members:
>>       member sudo command: /usr/bin/yum --disableexcludes=all
>> localinstall example*: no such entry
>> -------------------------
>> Number of members added 0
>> -------------------------


-- 
Petr^2 Spacek

More information about the Freeipa-users mailing list