On Wed, 2012-02-01 at 08:51 +0100, Westerlund Johnny wrote: > Hey all, > > I've been running IPA on a RHEL6.2 and so far it's looking great. HBAC > is awsome. The other machines in the domain is another RHEL 6.2 and one > RHEL 5.7. > > I've also configured SUDO and it was working great on all machines. But > thats changed now. The RHEL 6.2 and the ipaserver itself (also rhel6.2) > works great. But the RHEL 5.7 stopped working the other day, and > nothing i do can make it work again. > > I've followed the documentation at: > http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/sudo.html > But i just cant seem to find the problem, so i'm starting to wonder if > it broke when i patched the system the other day. > > Both login and HBAC rules seem to work fine on the 5.7 box, but not > SUDO. I've tried running the sssd daemon interactivly and in debug > mode (sssd -i -d6) but it's hard to know what to look for. Anyone able > to give some troubleshooting tips?
SUDO support doesn't go through SSSD. It uses its own internal LDAP driver to talk to FreeIPA. So if you're suddenly having trouble there, I'd look into the sudo package.  This is a feature we're working on for Fedora and will be coming in future versions of RHEL 6, but probably not for RHEL 5
Description: This is a digitally signed message part
_______________________________________________ Freeipa-users mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-users