[Freeipa-users] sudo without the !authenticate
Dmitri Pal
dpal at redhat.com
Mon Sep 1 16:47:28 UTC 2014
On 09/01/2014 06:17 PM, Rob Verduijn wrote:
> Hello,
>
> I've a freeipa running on fedora 20 with fedora 20 clients.
>
> When I configure sudo with the !authenticate option, everything works
> fine.
> ie 'sudo journalctl' works fine, you get to see the logs
>
> However when I remove the !authenticate option the sudo command asks
> for a password but it always fails.
>
> In the logs it says that authentication succes
> but it is followed by the line access denied.
>
> What could be causing this ?
>
> Rob
>
>
>
Probably access control. Do you have HBAC rules defined? Do they allow
user to do sudo operations?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20140901/779fccf3/attachment.htm>
More information about the Freeipa-users
mailing list