I've been banging my head on this for a couple of days, and I can't
find anything in the docs or by searching.

I'm trying to do what I think should be pretty simple:  I have a group
of users and an application account, all in IPA.  I want users in that
group to be able to "sudo su - appacct".

What I've found is that I probably can't do it exactly like that, so
now I'm trying "sudo -i appacct", but I can't get that to work either.

My rule is set up like this:

rule name:  become-appacct
sudo option:  -i appacct       (I'm not sure this is right.)
user groups:  admins, appgroup
host groups:  apphostgroup

Everything else is blank.  Note that this is just the current
configuration, I've tried a bunch of iterations.

Any help?



The government is going to read our mail anyway, might as well make it
tough for them.  GPG Public key ID:  B6A1A7C6

Freeipa-users mailing list

Reply via email to