Re: [Freeipa-users] Sudo options

2012-01-18 Thread JR Aquino
On Jan 18, 2012, at 1:24 PM, Erinn Looney-Triggs wrote: On 01/18/2012 11:50 AM, JR Aquino wrote: On Jan 18, 2012, at 11:47 AM, Erinn Looney-Triggs wrote: I can't really figure out what the proper syntax is for the sudo rules in IPA. I have a number of options that I would like included by default

Re: [Freeipa-users] Sudo options

2012-01-18 Thread Erinn Looney-Triggs
On 01/18/2012 11:50 AM, JR Aquino wrote: > On Jan 18, 2012, at 11:47 AM, Erinn Looney-Triggs wrote: > >> I can't really figure out what the proper syntax is for the sudo rules >> in IPA. I have a number of options that I would like included by >> default, I have put them in place, from ipa sudorul

Re: [Freeipa-users] Sudo options

2012-01-18 Thread Erinn Looney-Triggs
On 01/18/2012 11:50 AM, JR Aquino wrote: > On Jan 18, 2012, at 11:47 AM, Erinn Looney-Triggs wrote: > >> I can't really figure out what the proper syntax is for the sudo rules >> in IPA. I have a number of options that I would like included by >> default, I have put them in place, from ipa sudorul

Re: [Freeipa-users] Sudo options

2012-01-18 Thread JR Aquino
On Jan 18, 2012, at 11:47 AM, Erinn Looney-Triggs wrote: > I can't really figure out what the proper syntax is for the sudo rules > in IPA. I have a number of options that I would like included by > default, I have put them in place, from ipa sudorule-show: > > Sudo Option: env_keep = "LESSSECURE

Re: [Freeipa-users] Replication for sites not using FreeIPA for DNS?

2012-01-18 Thread Dmitri Pal
On 01/18/2012 03:38 PM, Ian Levesque wrote: > On Jan 18, 2012, at 2:08 PM, Stephen Gallagher wrote: > >> On Wed, 2012-01-18 at 12:17 -0500, Ian Levesque wrote: >>> Hello, >>> >>> I'm running IPA version 2.1.3-9 on RHEL 6.2 and just configured >>> master/master replication. From what I can tell in t

Re: [Freeipa-users] Replication for sites not using FreeIPA for DNS?

2012-01-18 Thread Ian Levesque
On Jan 18, 2012, at 2:08 PM, Stephen Gallagher wrote: > On Wed, 2012-01-18 at 12:17 -0500, Ian Levesque wrote: >> Hello, >> >> I'm running IPA version 2.1.3-9 on RHEL 6.2 and just configured >> master/master replication. From what I can tell in the documentation >> [1], all of the client-discove

[Freeipa-users] Sudo options

2012-01-18 Thread Erinn Looney-Triggs
I can't really figure out what the proper syntax is for the sudo rules in IPA. I have a number of options that I would like included by default, I have put them in place, from ipa sudorule-show: Sudo Option: env_keep = "LESSSECURE", env_reset, mail_badpass, mail_no_host, mail_no_perms, syslog = lo

Re: [Freeipa-users] Replication for sites not using FreeIPA for DNS?

2012-01-18 Thread Stephen Gallagher
On Wed, 2012-01-18 at 12:17 -0500, Ian Levesque wrote: > Hello, > > I'm running IPA version 2.1.3-9 on RHEL 6.2 and just configured > master/master replication. From what I can tell in the documentation > [1], all of the client-discovering-a-replica magic happens via SRV > records in DNS. This is

Re: [Freeipa-users] installation hickup

2012-01-18 Thread Dmitri Pal
On 01/18/2012 01:49 PM, Nigel Sollars wrote: > Hi, > > thanks for the quick response, > > I put SELinux into passive mode, and ran the uninstall ( again ), > removed /var/lib/dirsrv and /var/run/dirsrv. > > in /dev/shm I have nothing, nothing is created there whilst > installation either, the direc

Re: [Freeipa-users] installation hickup

2012-01-18 Thread Nigel Sollars
Hi, thanks for the quick response, I put SELinux into passive mode, and ran the uninstall ( again ), removed /var/lib/dirsrv and /var/run/dirsrv. in /dev/shm I have nothing, nothing is created there whilst installation either, the directory remains empty. re-running install fails the same as be

Re: [Freeipa-users] installation hickup

2012-01-18 Thread Rich Megginson
On 01/18/2012 10:30 AM, Nigel Sollars wrote: Hi all, Ive been trying to install freeipa on centos 6.2. all packages are installed and DNS etc etc all straitened up. the hick up arises on the running of setup-ds.pl from the install log: 2012-01-18 12:13:40,007 DEBUG ca

Re: [Freeipa-users] installation hickup

2012-01-18 Thread Dmitri Pal
On 01/18/2012 12:30 PM, Nigel Sollars wrote: > Hi all, > > Ive been trying to install freeipa on centos 6.2. all packages are > installed and DNS etc etc all straitened up. the hick up arises on > the running of setup-ds.pl > > from the install log: > > 2012-01-18 12:13:40,00

[Freeipa-users] installation hickup

2012-01-18 Thread Nigel Sollars
Hi all, Ive been trying to install freeipa on centos 6.2. all packages are installed and DNS etc etc all straitened up. the hick up arises on the running of setup-ds.pl from the install log: 2012-01-18 12:13:40,007 DEBUG calling setup-ds.pl 2012-01-18 12:23:44,640 DEBUG args=/usr/sbin/setup-ds

Re: [Freeipa-users] Replication for sites not using FreeIPA for DNS?

2012-01-18 Thread Dmitri Pal
On 01/18/2012 12:17 PM, Ian Levesque wrote: > Hello, > > I'm running IPA version 2.1.3-9 on RHEL 6.2 and just configured master/master > replication. From what I can tell in the documentation [1], all of the > client-discovering-a-replica magic happens via SRV records in DNS. This is > quite dif

[Freeipa-users] Replication for sites not using FreeIPA for DNS?

2012-01-18 Thread Ian Levesque
Hello, I'm running IPA version 2.1.3-9 on RHEL 6.2 and just configured master/master replication. From what I can tell in the documentation [1], all of the client-discovering-a-replica magic happens via SRV records in DNS. This is quite different from what I'm used to, coming from managing an O

Re: [Freeipa-users] Forcing IPA clients to prioritise different IPA Servers

2012-01-18 Thread Dmitri Pal
On 01/17/2012 10:19 PM, Stephen Gallagher wrote: > On Wed, 2012-01-18 at 03:02 +, Charlie Derwent wrote: >> Hi >> >> I've got 5 different IPA servers at 5 differents labs around the >> country that are all replicas of one another. In order to keep the the >> cross-site network traffic to a mi