[Freeipa-users] Sudo hangs after reenrollment of some servers in fresh IPA domain
Sina Owolabi
notify.sina at gmail.com
Thu Jun 4 15:10:14 UTC 2015
Hi Cory,
DNS is fine. The IPA server is the internal domains DNS server, and
the affected servers use it as easily as the other ipa clients.
On Thu, Jun 4, 2015 at 4:06 PM, Cory Carlton <cory at pithoslabs.com> wrote:
> I would check for DNS resolution from the machine executing the sudo, to the
> IPA server.
>
> On Thu, Jun 4, 2015 at 9:54 AM, Sina Owolabi <notify.sina at gmail.com> wrote:
>>
>> Hi
>>
>> I recently had to remove and reinstall a fresh IPA server. I am
>> currently re-enrolling all the ipa clients to the recently refreshed
>> domain (same name as the previous realm and domain). The new IPA
>> master is RHEL7.1 with IPA 4.1.3.
>>
>> All client servers are running RHEL6.6.
>>
>> I also have sudorule that allows a group to have access to run all
>> commands on all servers:
>>
>> Rule name: All
>> Enabled: TRUE
>> Host category: all
>> Command category: all
>> User Groups: superusers
>> Sudo Option: !authenticate
>> ----------------------------
>>
>> I noticed that trying to run sudo on a few of the servers makes the
>> command hang indefinitely.
>> I am not sure what is the cause and where to look. Please what can I
>> do to troubleshoot and fix this?
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
>
>
More information about the Freeipa-users
mailing list