We have RHEL 7.1 and IPA server 4.1.0 in our environment as well as stack of
Oracle software that require existence of local passwordless users like
weblogic and oracle.
Users log in to servers via domain accounts at IPA server.
I’m trying to configure Sudo policy in IPA server that will allow users in the
company to log in to servers in IPA domain and switch to weblogic or oracle
user without having to enter any passwords, but also without increasing their
privileges to root.
Using plain /etc/sudoers file it can be accomplished something like below:
%users ALL = (root) NOPASSWD: /bin/su – oracle
How can I configure this behavior in IPA server?
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project