Martin Kosek wrote:
I had doubts how to name ipasudorunasgroup_group attribute, this is the
result. Btw what is the difference between attributes
ipasudorunasgroup_group and ipasudorunas_group?
ACK
This confused me as well so I double-checked with JR.
ipasudorunasgroup sets the gid to <group> when executing the command.
ipasudorunas group sets a group of allowed users to run a command as.
JR's example was: sudo -u rcrit /bin/less
If rcrit is in either the ipasudorunas user or group then you can run
the command as me.
I opened ticket 1657 to improve the documentation. I think connecting it
to the sudo options and/or providing examples like this will help.
pushed to master and ipa-2-1
rob
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel