I had sudo issues similar to this, I can't remember the exact fix.  I have the 
following two things in my notes.  The second command would obviously need you 
to add the people you want to be able to sudo to the admins group after you add 
this.  

yum install ipa-client fprintd-pam -y
echo "%admins ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers


Thanks, 
_____________________________________________________
John Moyer


On Mar 21, 2013, at 11:27 PM, Brian Cook <bc...@redhat.com> wrote:

> Running F18 and following the instructions here:
> http://jhrozek.fedorapeople.org/sssd/1.9.1/man/sssd-sudo.5.html
> 
> When I try to run sudo -l as any user I get the following error:
> 
> bash-4.2$ sudo -l
> sudo: Unable to dlopen /usr/lib64/libsss_sudo.so: (null)
> sudo: Unable to initialize SSS source. Is SSSD installed on your machine?
> 
> 
> Nothing particularly interesting in the log with debug at 5.
> 
> Can someone point me in the right direction?
> 
> Thanks,
> Brian
> 
> 
> sssd.conf:
> 
> [domain/example.com]
> debug_level = 5
> cache_credentials = True
> krb5_store_password_if_offline = True
> ipa_domain = example.com
> id_provider = ipa
> auth_provider = ipa
> access_provider = ipa
> ipa_hostname = ipadevel.example.com
> chpass_provider = ipa
> ipa_server = ipadevel.example.com
> ldap_tls_cacert = /etc/ipa/ca.crt
> 
> sudo_provider = ldap
> ldap_uri = ldap://ipadevel.example.com
> ldap_sudo_search_base = ou=sudoers,dc=example,dc=com
> ldap_sasl_mech = GSSAPI
> ldap_sasl_authid = host/ipadevel.example.com
> ldap_sasl_realm = EXAMPLE.COM
> krb5_server = ipadevel.example.com
> 
> 
> [sssd]
> services = nss, pam, ssh, sudo
> config_file_version = 2
> domains = example.com
> 
> [nss]
> 
> [pam]
> 
> [sudo]
> debug_level=5
> 
> [autofs]
> 
> [ssh]
> 
> [pac]
> 
> 
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to