In the documentation for configuring sudo to use freeipa, it states that
you should edit /etc/nsswitch.conf and add sudoers_debug: 1. The problem
is that I can't find anything in the sudo documentation suggesting that
this debug line should be in nsswitch.conf, instead it seems to suggest
it should be in /etc/ldap.conf. Perhaps it can be in both, I am not
sure, but either the freeipa documentation is incorrect or the sudo
documentation is, or both, or neither :)

I can't seem to find where the debug logging goes to anyway, so testing
to see if one or the other location is correct is not possible for me
right now.

This all came about because the augeas lens for /etc/nsswitch.conf
chokes on the sudoers_debug line and in the course of trying to fix the
lens I couldn't find any docs supporting the concept that it should be
in nsswitch.conf.


Freeipa-devel mailing list

Reply via email to