I've got a freeipa domain and many centos 7.2 clients. I also have a sudo
rule that allows member of the developer group sudo rights on virtual
servers in the "development" group. This works great on the centos servers.
However, I recently set up 3 ubuntu boxes, and added them to the IPA domain
and then to the "development" group. My sudo rules fail. I've enabled
debugging and I see in the /var/log/sssd/sssd_sudo.log that the clients
connects to the server, identifies group memberships, and finally prints
"returning 1 rules for [u...@domain.com]. We only have the single rule so I
can't figure out why it's not working. Can someone point me in the correct
direction?

Thanks,

Jeff
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to