[Freeipa-users] sudo rules question on ubuntu 16.0.1

Fri Aug 12 13:58:39 UTC 2016

On Fri, Aug 12, 2016 at 08:53:53AM -0400, Jeff Goddard wrote:
> Jakub,
> 
> Here is the log file output:

How is the sudorule defined?

> Aug 12 08:45:00 sudo[31732] user_in_group: user jgoddard NOT in group admin
> Aug 12 08:45:00 sudo[31732] <- user_in_group @
> /build/sudo-L2mAoN/sudo-1.8.16/plugins/sudoers/pwutil.c:855 := false
> Aug 12 08:45:00 sudo[31732] user jgoddard matches group admin: false @
> usergr_matches() /build/sudo-L2mAoN/sudo-1.8.16/plugins/sudoers/match.c:940
> Aug 12 08:45:00 sudo[31732] <- usergr_matches @

Here it looks like sudo tried to match user's groups against the groups
allowed to run sudo and admin didn't match.