On Mon, 2017-09-25 at 11:00 -0400, Rob Crittenden wrote:
> I'd refer you to the SECURITY NOTES in the sudoers man page to
> reconsider this approach.
You're referring to giving sudo to all commands and then trying to take
some things away? Ya, it's stupid, doesn't actually work and I don't
know why it's setup like this (it's from before my time here). I'm
going to attempt convincing the organization to change it.
For now, we're just testing out if our current crappy rule sets can be
replicated within freeipa.
Thanks for pointing it out, though! I'll reference this thread in the
FreeIPA-users mailing list -- email@example.com
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org