[Freeipa-users] FreeIPA, version: 4.1.0 and sudo configuration
Jakub Hrozek
jhrozek at redhat.com
Wed Apr 8 07:40:24 UTC 2015
On Wed, Apr 08, 2015 at 09:25:33AM +0200, Chamambo Martin wrote:
> Good day
>
> I am running FreeIPA, version: 4.1.0 and everything is working well except
> SUDO configuration.
>
> I have 3 questions
>
> 1: I have configured the bare minimum sudo configuration without
> hostgroups and netgroups , just sudo commands and sudo command groups that
> have been added as sudo rules .....this should work right
> 2: I have centos 6.6 and redhat 6.6 clients using the sssd
> service ,is that enough for sudo to work if the configs are as below
Didn't you start exactly the same thread yesterday? :-)
Can you provide the sudo responder logs as we asked yesterday?
>
>
> cat /etc/nsswitch.conf
>
> sudoers: files sss
>
> cat /etc/sssd/sssd.conf
>
> [domain/ai.co.zw]
>
> debug_level=6
> cache_credentials = True
> krb5_store_password_if_offline = True
> ipa_domain = ai.co.zw
> id_provider = ipa
> auth_provider = ipa
> access_provider = ipa
> ipa_hostname = ironhide.ai.co.zw
> chpass_provider = ipa
> ipa_server = _srv_, cyclops.ai.co.zw
> ldap_tls_cacert = /etc/ipa/ca.crt
>
> [sssd]
> services = nss, sudo, pam, ssh
> config_file_version = 2
>
>
> domains = ai.co.zw
> [nss]
> homedir_substring = /home
>
> [pam]
>
> [sudo]
>
> [autofs]
>
> [ssh]
>
>
>
>
>
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
More information about the Freeipa-users
mailing list