[Freeipa-users] Duplicate sudo rule
Martin Basti
mbasti at redhat.com
Mon Feb 22 17:01:03 UTC 2016
On 22.02.2016 15:55, Alexandre Ellert wrote:
> I create another rule via web UI and it's fine now...don't remember
> why the first one was duplicated.
> Is it safe to delete these entries directly from LDAP ? :
> ipaUniqueID=faac52c8-d96d-11e5-b61d-00505693334c,cn=sudorules,cn=sudo,dc=xxx,dc=xxx
> and
> ipaUniqueID=faa8de54-d96d-11e5-b75f-00505693334c,cn=sudorules,cn=sudo,dc=xxx,dc=xxx
Hello,
yes, it is safe to remove it by ldapdelete
Martin
>
> 2016-02-22 15:34 GMT+01:00 Alexandre Ellert <ellertalexandre at gmail.com>:
>> Hello,
>>
>> I've just deployed a new IPA server 4.2 / Centos 7.2 and I create my
>> first sudo rule via web UI but it was duplicate (I don't know why...)
>> Now I have two rules with the same name and I can't delete them :
>>
>> # ipa sudorule-find --all
>> --------------------
>> 2 Sudo Rules matched
>> --------------------
>> dn: ipaUniqueID=faa8de54-d96d-11e5-b75f-00505693334c,cn=sudorules,cn=sudo,dc=numeezy,dc=intra
>> Rule name: allow sysadmins everywher
>> Enabled: TRUE
>> ipauniqueid: faa8de54-d96d-11e5-b75f-00505693334c
>> objectclass: ipasudorule, ipaassociation
>>
>> dn: ipaUniqueID=faac52c8-d96d-11e5-b61d-00505693334c,cn=sudorules,cn=sudo,dc=numeezy,dc=intra
>> Rule name: allow sysadmins everywher
>> Enabled: TRUE
>> ipauniqueid: faac52c8-d96d-11e5-b61d-00505693334c
>> objectclass: ipasudorule, ipaassociation
>> ----------------------------
>> Number of entries returned 2
>> ----------------------------
>>
>> # ipa sudorule-del "allow sysadmins everywher"
>> ipa: ERROR: The search criteria was not specific enough. Expected 1 and found 2.
>>
>> Thanks for your help.
>>
>> Alexandre
More information about the Freeipa-users
mailing list