I've been banging my head on this for a couple of days, and I can't
find anything in the docs or by searching.
I'm trying to do what I think should be pretty simple: I have a group
of users and an application account, all in IPA. I want users in that
group to be able to "sudo su - appacct".
What I've found is that I probably can't do it exactly like that, so
now I'm trying "sudo -i appacct", but I can't get that to work either.
My rule is set up like this:
rule name: become-appacct
sudo option: -i appacct (I'm not sure this is right.)
user groups: admins, appgroup
host groups: apphostgroup
Everything else is blank. Note that this is just the current
configuration, I've tried a bunch of iterations.
The government is going to read our mail anyway, might as well make it
tough for them. GPG Public key ID: B6A1A7C6
Freeipa-users mailing list