[Freeipa-users] Sudo hangs after reenrollment of some servers in fresh IPA domain
Martin Kosek
mkosek at redhat.com
Thu Jun 4 15:10:34 UTC 2015
On 06/04/2015 05:06 PM, Cory Carlton wrote:
> I would check for DNS resolution from the machine executing the sudo, to
> the IPA server.
I would also suggest cleaning SSSD caches, since you reinstalled against the
same domain, but actually different server (/var/lib/sss/db/)
> On Thu, Jun 4, 2015 at 9:54 AM, Sina Owolabi <notify.sina at gmail.com> wrote:
>
>> Hi
>>
>> I recently had to remove and reinstall a fresh IPA server. I am
>> currently re-enrolling all the ipa clients to the recently refreshed
>> domain (same name as the previous realm and domain). The new IPA
>> master is RHEL7.1 with IPA 4.1.3.
>>
>> All client servers are running RHEL6.6.
>>
>> I also have sudorule that allows a group to have access to run all
>> commands on all servers:
>>
>> Rule name: All
>> Enabled: TRUE
>> Host category: all
>> Command category: all
>> User Groups: superusers
>> Sudo Option: !authenticate
>> ----------------------------
>>
>> I noticed that trying to run sudo on a few of the servers makes the
>> command hang indefinitely.
>> I am not sure what is the cause and where to look. Please what can I
>> do to troubleshoot and fix this?
>>
>> --
>> Manage your subscription for the Freeipa-users mailing list:
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>> Go to http://freeipa.org for more info on the project
>>
>
>
>
More information about the Freeipa-users
mailing list