This is resolved by updating sudo package.
---> Package sudo.x86_64 0:1.8.6p7-11.el7 will be updated ---> Package sudo.x86_64 0:1.8.19p2-10.el7 will be an update ________________________________ From: Pavel Březina <pbrez...@redhat.com> Sent: Thursday, August 31, 2017 1:48:33 AM To: Jakub Hrozek; Z D Cc: FreeIPA users list Subject: Re: [Freeipa-users] Re: sudo policy doesn't work since host is installed with CNAME On 08/31/2017 08:35 AM, Jakub Hrozek wrote: > On Wed, Aug 30, 2017 at 08:51:24PM +0000, Z D wrote: >>> Does ipa_hostname in sssd.conf point to cname (or, the hostname registered >>> with IPA) ? >> >> >> It points to the DNS A record, the one that is registered with IPA. > > Pavel, is a setup with a machne where the hostname in IPA doesn't match > the machine hostname known to work? sudo should read ipa_hostname from /etc/sssd/sssd.conf so if this option is present, it should work. If it does not, we need sudo debug logs.
_______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org