On 05/04/2016 03:41 PM, Armstrong, Jeffrey wrote:
> Hi
>
> I’m trying to add a to add a sudo command to a sudo rule. It’s executing the
> command but it’s not adding the sudo command.
>
> ipa sudorule-add-allow-command –sudocmds "/bin/su " bkrc_rule
>
>Rule name: bkrc_rule
>
>Enabled: TRUE
>
> -
>
> Number of members added 0
>
> Thanks
>
> Jeff Armstrong
Does the SUDO command object exists?
# ipa sudorule-add-allow-command --sudocmds "/bin/su" test
Rule name: test
Enabled: TRUE
-
Number of members added 0
-
# ipa sudocmd-show /bin/su
ipa: ERROR: /bin/su: sudo command not found
More info here:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/adding-sudo.html
I assume not. I actually think that this is a bug that FreeIPA does not display
any warning in this ticket. Can you please file a ticket/bug?
https://fedorahosted.org/freeipa/newticket
Thanks,
Martin
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
