On Wed, 2012-02-01 at 08:51 +0100, Westerlund Johnny wrote: > Hey all, > > I've been running IPA on a RHEL6.2 and so far it's looking great. HBAC > is awsome. The other machines in the domain is another RHEL 6.2 and one > RHEL 5.7. > > I've also configured SUDO and it was working great on all machines. But > thats changed now. The RHEL 6.2 and the ipaserver itself (also rhel6.2) > works great. But the RHEL 5.7 stopped working the other day, and > nothing i do can make it work again. > > I've followed the documentation at: > http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Identity_Management_Guide/sudo.html > But i just cant seem to find the problem, so i'm starting to wonder if > it broke when i patched the system the other day. > > Both login and HBAC rules seem to work fine on the 5.7 box, but not > SUDO. I've tried running the sssd daemon interactivly and in debug > mode (sssd -i -d6) but it's hard to know what to look for. Anyone able > to give some troubleshooting tips?
SUDO support doesn't go through SSSD[1]. It uses its own internal LDAP driver to talk to FreeIPA. So if you're suddenly having trouble there, I'd look into the sudo package. [1] This is a feature we're working on for Fedora and will be coming in future versions of RHEL 6, but probably not for RHEL 5
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
