On Mon, 02 May 2016, Jakub Hrozek wrote:
On Mon, May 02, 2016 at 10:22:49AM -0400, Rob Crittenden wrote:
Przemysław Orzechowski wrote:
> Hi
> Im trying to create a single usergroup for sudo enabled users for both
> Centos and Ubuntu users
> The problem is on centos its group wheel (10), and on ubuntu its sudo
> (27) how do i have tried to do it using ID view but somehow im not
> getting it right
> btw
> Centos clients versions 6.x, 7.x
> Ubuntu clients versions 12.04,14.04,16.04
> Ipa server is on Centos 7  IPA VERSION: 4.2.0, API_VERSION: 2.156
> Regards
> Przemyław Orzechowski

But aren't these groups used only if you use files for sudo (and even that
is just a default)? If you are using IPA to provide the sudo rules then the
group you choose shouldn't matter.


Doesn't polkit also use membership in these group to determine if the
user is a 'local admin' ? I haven't configured this kind of setup
myself, though. But if it is the case, the user is probably looking for:
There are many ways to achieve the same:

I'd prefer to use HBAC and set 'polkit-1' and 'sudo' services via HBAC
rules to grant access on the machines.
/ Alexander Bokovoy

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to