Re: [Freeipa-users] Sudo Rule Command Line Option Arguments (Solved)

Thu, 13 Mar 2014 08:15:50 -0700 

On 13.3.2014 15:59, rashard.ke...@sita.aero wrote:

I would be happy to open a ticket, where do I go to do that?

https://fedorahosted.org/freeipa/newticket

You need an Fedora account to open a new ticket:
https://admin.fedoraproject.org/accounts/user/new

Petr^2 Spacek


From:   Rob Crittenden <rcrit...@redhat.com>
To:     rashard.ke...@sita.aero, freeipa-users@redhat.com
Date:   03/13/2014 09:52 AM
Subject:        Re: [Freeipa-users] Sudo Rule Command Line Option
Arguments (Solved)



rashard.ke...@sita.aero wrote:

The command had not been added into the sudocmd database.

     member sudo command: /usr/bin/yum --disableexcludes=all localinstall
example*: no such entry

I think this error should point to someone checking to make sure the
sudo command had been created, something along the lines of "no sudocmd
entry defined yet" vs "no such entry" would improve workflow for people
stuck using the CMD.


Yes, having more specific "not found" errors might be nice. I believe we
percolate this error up directly from LDAP. Can you open a trac ticket
on this?

rob




Thank You,
*Rashard Kelly**
*



From: Rashard Kelly/Atlanta/SITA/WW
To: freeipa-users@redhat.com
Date: 03/12/2014 11:47 AM
Subject: Sudo Rule Command Line Option Arguments
------------------------------------------------------------------------


What is the correct way to add a flag inside a sudo command that will be
added to a command group? When adding commands with no flags I have no
issue such as "/usr/bin/yum info example*" but when I try to add options
to the command like this "/usr/bin/yum --disableexcludes=all
localinstall example*", It does not work even when escaping items like
--. How does IPA handle a request like that?

ipa-client-3.0.0-37.el6.x86_64

[rkelly@hostname /]$ ipa sudocmdgroup-add-member --sudocmds
"/usr/bin/yum --disableexcludes=all localinstall example*" yumsita
    Sudo Command Group: yumexample
    Description: Yum install Priviledges for example.com specific

packages

    Member Sudo commands: /usr/bin/yum info example*, /usr/bin/yum update
example*,
              /usr/bin/yum remove example*, /usr/bin/yum install
              example*, /usr/bin/yum localinstall example*, /usr/bin/yum
              localupdate example*
    Failed members:
      member sudo command: /usr/bin/yum --disableexcludes=all
localinstall example*: no such entry
-------------------------
Number of members added 0
-------------------------



--
Petr^2 Spacek

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to