Hi all,

I have just created a setup for sudo on the IPA Server 2.2.
I modified nsswitch.conf to use ldap.
ldap.conf has been modified to fetch sudo users from the IPA Server.

Now, th euser in group "admin" can do sudo.
      1. rsiwal being a user of group sudo can run all commands as sudo (FINE)
      2. If I disable the rule "Admins" (that I admin group access to
sudo), the sudo still works for the user rsiwal (Which should not work
logically).
      3. Removed the group "Admins" (including rsiwal) from the Sudo
rule. The rule is still allowing user rsiwal to run "sudo su -". (It
should Fail)

Is there some kind of caching being at the Server / client end ?

-- 
Regards,
Rajnesh Kumar Siwal

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to