Hello, I have a problem using sudo policy in FreeIPA when target commands use environment variables defined on a specific local user's profile.
Here is the problem: 1- There is a client machine with local user called *srvusr .*this user has permission to run *target_cmd*. 2- *target_cmd* is dependent on environment variables defined in *srvusr'*s profile. Even before joining to FreeIPA, users had to use "su *srvusr*" command to get permission for executing the *target_cmd*. 3- I defined a sudo policy for *target_cmd* to be executed by external user permissions (*srvusr)*. 4- when I run sudo -l on client machine it says IPA user has permission to run *target_cmd* with *srvusr* privileges. 5- The command I run with my IPA user is: $ sudo -H -u *srvusr* */path/to/**target_cmd* *target_cmd**_argument* *or* $ sudo -H -u *srvusr* */path/to/**target_cmd* I used -H to inherit target user's environment variables The command fails to run and the error is: "Check environment error! environment not defined or NULL" I would be glad if someone help me to find a solution for that! thanks for your advice in advance -- m-dehghan
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project