> What command did you use to get sudo options working please? 
> I noticed from below mail that you have‎ 
> Sudo Option: !authenticate
> I am having trouble getting that working
The first issue is what version of FreeIPA you are using. Before version 4 sudo 
rules don't work without some manual setup on the client:

If the client is setup correctly, then I found issues with sssd caching, and in 
particular the sss_cache command doesn't invalidate the cache of sudo rules 
yet. Once I reduced the default cache time for sssd I could see my sudo rule 
changes working on the client.
I also had a problem with using host groups as part of the sudo rule, and this 
was down to the netgroup seen by the client having fully-qualified host names, 
while the hostname command on the client was only returning the short hostname 
- but this was down to the way OpenStack creates instances by default, not an 
issue with FreeIPA per se.

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to