I have a problem using sudo policy in FreeIPA when target commands use
environment variables defined on a specific local user's profile.
Here is the problem:
1- There is a client machine with local user called *srvusr .*this user has
permission to run *target_cmd*.
2- *target_cmd* is dependent on environment variables defined in *srvusr'*s
profile. Even before joining to FreeIPA, users had to use "su *srvusr*"
command to get permission for executing the *target_cmd*.
3- I defined a sudo policy for *target_cmd* to be executed by external
user permissions (*srvusr)*.
4- when I run sudo -l on client machine it says IPA user has permission to
run *target_cmd* with *srvusr* privileges.
5- The command I run with my IPA user is:
$ sudo -H -u *srvusr* */path/to/**target_cmd* *target_cmd**_argument*
$ sudo -H -u *srvusr* */path/to/**target_cmd*
I used -H to inherit target user's environment variables
The command fails to run and the error is:
"Check environment error! environment not defined or NULL"
I would be glad if someone help me to find a solution for that!
thanks for your advice in advance
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project