[Freeipa-users] sudo sometimes doesn't work
Jakub Hrozek
jhrozek at redhat.com
Mon Jan 30 08:38:04 UTC 2017
On Fri, Jan 27, 2017 at 02:15:16PM -0700, Orion Poplawski wrote:
> EL7.3
> Users are in active directory via AD trust with IPA server
>
> sudo is configured via files - users in our default "nwra" group can run
> certain sudo commands, e.g.:
>
> Cmnd_Alias WAKEUP = /sbin/ether-wake *
> %nwra,%visitor,%ivm ALL=NOPASSWD: WAKEUP
>
> However, sometimes when I run sudo /sbin/ether-wake I get prompted for my
> password. Other times it works fine. I've attached some logs from failed
> attempt.
So the sudo command is successfull in the end, it 'just' prompts for a
password?
I think the sudo logs would be the most important part here, see:
https://fedorahosted.org/sssd/wiki/HOWTO_Troubleshoot_SUDO
there is a section called ' a) How do I get sudo logs?' that explains
how to generate them..
More information about the Freeipa-users
mailing list