mirielka commented on a pull request """ This PR is not intended to fix a failing test, but fix their execution and error checking. The negative tests for sudorule in master and ipa-4-3 (both with sssd-1.14.1-1.fc24, see jenkins jobs for master  and ipa-4-3 ) return following message when trying to use sudo as a user that is not allowed to use sudo by current sudorule: ``` We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. sudo: no tty present and no askpass program specified ``` As commented by pbrezina in SSSD ticket , this message is caused by missing sudorule "defaults" (correct one is "Sorry, user is not allowed to use sudo" or similar). Addition of this sudorule is the purpose of this PR. Also I added some checks to the contents of the error message so tests do not pass invalid error message as correct just because it has the same return code.
 http://jenkins.idm.lab.eng.brq.redhat.com:8080/view/FreeIPA%20Integration%20-%20master%20Fedora%2024/job/freeipa-timed-integration-f24master-sudo-domlevel-0/44/consoleFull  http://jenkins.idm.lab.eng.brq.redhat.com:8080/view/FreeIPA%20Integration%20-%20ipa-4-3%20Fedora%2024/job/freeipa-timed-integration-f24ipa43-sudo-domlevel-0/48/consoleFull  https://fedorahosted.org/sssd/ticket/3152 P.S.: for me, one test in both master and ipa-4-3 fail both before and after application of this change, I would discuss it off-list with you later when I'm investigating it. Of course with Fedora 24 and sssd-1.14.1-1.fc24. """ See the full comment at https://github.com/freeipa/freeipa/pull/27#issuecomment-243049417
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code