[Freeipa-users] sudo rules do not seem to work

Karl Forner karl.forner at gmail.com
Tue Oct 6 16:28:14 UTC 2015


Hello,

I had assumed sudo rules worked because I have an "allow_all for admins"
sudo rule that seemed to work, but I wonder if there is an implicit rule
for the special group admins?


Because I have tried to replicate this allow_all rule for other user
groups, and it does not seem to work at all.
What's strange is that "sudo -l" reports the appropriate rules, but they do
not work.

For instance, some users have: (ALL) ALL listed with sudo -l, but they
cannot use sudo.

My user has:
    (root) NOPASSWD: /usr/bin/git status, /usr/local/bin/git status
    (ALL) ALL
    (root) NOPASSWD: /bin/chgrp qbstaff *, /bin/chmod g[+-]* *, /bin/chmod -R g[+-]* *
    (ALL) NOPASSWD: /usr/bin/less
    (ALL) ALL

but I'm prompted for a password when doing "sudo /usr/bin/less".

How can I debug this?

Best regards,

Karl