[Freeipa-users] Error while Enrolling Client
Yogesh Sharma
yks0000 at gmail.com
Wed Aug 12 07:37:00 UTC 2015
Thanks Jakub/Lukas,
Setting the right cache timeout fix the issue. "man sssd-sudo" really
helped us. Thanks again for the suggestion.
*Best Regards,*
*__________________________________________*
*Yogesh Sharma*
*Email: yks0000 at gmail.com <yks0000 at gmail.com> | Web: www.initd.in
<http://www.initd.in/> *
*RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
<https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000>
<https://twitter.com/checkwithyogesh>
<http://google.com/+YogeshSharmaOnGooglePlus>
On Wed, Aug 12, 2015 at 11:22 AM, Lukas Slebodnik <lslebodn at redhat.com>
wrote:
> On (11/08/15 20:53), Jakub Hrozek wrote:
> >On Tue, Aug 11, 2015 at 09:29:46PM +0530, Yogesh Sharma wrote:
> >> Yes Jakub...That was the issue. We have fixed it and update to List.
> >>
> >> Thanks Jakub.
> >>
> >> Would like to have one suggestion.
> >>
> >> We have implemented sudo, but every time we need to restart sssd to take
> >> the changes. We have try implementing the cache timeout also, but not
> >> working as expected.
> >>
> >> Any other config changes required?
> >
> >No, this is not expected. Can you get logs after you've added the sudo
> >rule but before the client is restarted in order to capture the issue?
> >It would be best to add debug_level=7 to sudo, nss and domain sections.
> >
> I thought it is an side effect of sudo rule caching mechanism
> and periodic tasks. So it might be an expected behaviour.
>
> Periodic task are fired few seconds after start of sssd.
> It might explain why restarting sssd works.
>
> @see more details in man sssd-sudo -> "THE SUDO RULE CACHING MECHANISM"
>
> LS
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150812/dd1a9e03/attachment.htm>
More information about the Freeipa-users
mailing list