rashard.ke...@sita.aero wrote:
The command had not been added into the sudocmd database.

    member sudo command: /usr/bin/yum --disableexcludes=all localinstall
example*: no such entry

I think this error should point to someone checking to make sure the
sudo command had been created, something along the lines of "no sudocmd
entry defined yet" vs "no such entry" would improve workflow for people
stuck using the CMD.

Yes, having more specific "not found" errors might be nice. I believe we percolate this error up directly from LDAP. Can you open a trac ticket on this?

rob



Thank You,
*Rashard Kelly**
*



From: Rashard Kelly/Atlanta/SITA/WW
To: freeipa-users@redhat.com
Date: 03/12/2014 11:47 AM
Subject: Sudo Rule Command Line Option Arguments
------------------------------------------------------------------------


What is the correct way to add a flag inside a sudo command that will be
added to a command group? When adding commands with no flags I have no
issue such as "/usr/bin/yum info example*" but when I try to add options
to the command like this "/usr/bin/yum --disableexcludes=all
localinstall example*", It does not work even when escaping items like
--. How does IPA handle a request like that?

ipa-client-3.0.0-37.el6.x86_64

[rkelly@hostname /]$ ipa sudocmdgroup-add-member --sudocmds
"/usr/bin/yum --disableexcludes=all localinstall example*" yumsita
   Sudo Command Group: yumexample
   Description: Yum install Priviledges for example.com specific packages
   Member Sudo commands: /usr/bin/yum info example*, /usr/bin/yum update
example*,
             /usr/bin/yum remove example*, /usr/bin/yum install
             example*, /usr/bin/yum localinstall example*, /usr/bin/yum
             localupdate example*
   Failed members:
     member sudo command: /usr/bin/yum --disableexcludes=all
localinstall example*: no such entry
-------------------------
Number of members added 0
-------------------------


Thank You,
*Rashard Kelly**
*

This document is strictly confidential and intended only for use by the
addressee unless otherwise stated. If you are not the intended
recipient, please notify the sender immediately and delete it from your
system. See you at 2014 Air Transport IT Summit, 17-19 June 2014 Click
here to register http://www.sitasummit.aero



_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users


_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to