On 05/04/2016 03:41 PM, Armstrong, Jeffrey wrote: > Hi > > I’m trying to add a to add a sudo command to a sudo rule. It’s executing the > command but it’s not adding the sudo command. > > ipa sudorule-add-allow-command –sudocmds "/bin/su " bkrc_rule > > Rule name: bkrc_rule > > Enabled: TRUE > > ------------------------- > > Number of members added 0 > > Thanks > > Jeff Armstrong
Does the SUDO command object exists? # ipa sudorule-add-allow-command --sudocmds "/bin/su" test Rule name: test Enabled: TRUE ------------------------- Number of members added 0 ------------------------- # ipa sudocmd-show /bin/su ipa: ERROR: /bin/su: sudo command not found More info here: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/adding-sudo.html I assume not. I actually think that this is a bug that FreeIPA does not display any warning in this ticket. Can you please file a ticket/bug? https://fedorahosted.org/freeipa/newticket Thanks, Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project