On 03/03/2014 08:24 PM, Tomas Babej wrote: > Hi, > > Makes ipa-client-install configure SSSD as the data provider > for the sudo service by default. This behaviour can be disabled > by using --no-sudo flag. > > https://fedorahosted.org/freeipa/ticket/3358
By the way when I was discussing this ticket with Jan Pazdziora, he had a good suggestion that it would be nice if we have a test for sudo integration. Given that SUDO management in FreeIPA is pretty widely used and given that this ticket now makes it much more easier to configure and use it, it would be nice to make our best to avoid breaking it upstream. Having an integration test which would add some sudo rules, some targeted directly on the given host entry, some targeted on a hostgroup with that entry and then testing if "sudo -l" gives correct results would be great. If we also test the more complicated SUDO options like -runasuser, -runasgroup with isolated user/group, it would be great. I am not sure if ipatests/test_xmlrpc/test_sudorule_plugin.py should be extended to also do the functional checks or if there should be a separate test, I will leave that up to you and Petr (CCed). Martin _______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
