[Freeipa-users] [FreeIPA 4.3.0] CentOS 6.8 sudo fails
Nathan Peters
Nathan.Peters at globalrelay.net
Mon Jun 13 21:15:26 UTC 2016
==== on domain controller =======
[nathan.peters at dc2 ~]$ getent group deployment_engineer
[nathan.peters at dc2 ~]$ getent group sysadmins
[nathan.peters at dc2 ~]$ id nathan.peters
uid=756600344(nathan.peters) gid=756600344(nathan.peters) groups=756600344(nathan.peters),756600000(admins)
[nathan.peters at dc2 ~]$
===== on client =====
[nathan.peters at kafka1 ~]$ id nathan.peters
uid=756600344(nathan.peters) gid=756600344(nathan.peters) groups=756600344(nathan.peters),756600000(admins)
[nathan.peters at kafka1 ~]$ getent group deployment_engineer
[nathan.peters at kafka1 ~]$ getent group sysadmins
-----Original Message-----
From: Lukas Slebodnik [mailto:lslebodn at redhat.com]
Sent: Monday, June 13, 2016 1:54 PM
To: Nathan Peters
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] [FreeIPA 4.3.0] CentOS 6.8 sudo fails
On (13/06/16 20:24), Nathan Peters wrote:
>Taking a second look at the sudo debugging logs : it looks like it
>can't figure out that I'm in the right group ?
>
>According to :
>https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO
>those next 2 lines should be true ?
>
That's exactly a reason why I asked for output of ipa commands for groups deployment_engineer and sysadmins.
What is and output of:
* id nathan.peters
* getent group deployment_engineer
* getent group sysadmins
You might try to run it on ipa server and ipa client(CentOS 6.8)
LS
More information about the Freeipa-users
mailing list