Hello, I am trying to setup a few of my users to have the ability to su - jira
or another user using FreeIPA.
Here is what happens when I am logged in as the user and try to su - jira
[user1@jira02 ~]$ sudo su - process[sudo] password for user1:Sorry, user user1
is not allowed to execute '/bin/su - jira' as root on
jira02.example.net.[user1@jira02 ~]$
[andrew.meyer@jira02 ~]$ ipa sudorule-show su_jira Rule name: su_jira
Enabled: TRUE Host category: all RunAs User category: all RunAs Group
category: all User Groups: developers, ops_sudoers Sudo Allow Command Groups:
jira_access Sudo Option: !authenticate[andrew.meyer@jira02 ~]$
[andrew.meyer@jira02 ~]$ ipa sudocmd-find su_jira_cmds----------------------1
Sudo Command matched---------------------- Sudo Command: /usr/bin/su -
jira,/usr/bin/sudo su - jira,/bin/su - jira,/bin/sudo - jira Description:
su_jira_cmds----------------------------Number of entries returned
1----------------------------
What am I doing wrong?
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
