...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Dmitri Pal [d...@redhat.com]
Sent: Tuesday, 17 July 2012 11:07 p.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] stopping su -
On 07/17/2012 12:40 AM, Steven Jones wrote:
Hi,
I could do,
authrequired
-users@redhat.com
Subject: Re: [Freeipa-users] stopping su -
On 07/16/2012 01:47 PM, Steven Jones wrote:
Hi,
OK, so to confirm this cant be done in a centralised way via IPA?
In which case when setting a HBAC with sshd only why cant i su - oracle but
I can su - root?
regards
Steven
Hi
Actually this for me anyway is exactly what IPA should be forits security,
its centrally managed and it saves workload.
Doing this across 200+ servers needs to be centralised or IPA becomes
pointless, very limited ie one point password, add and remove users (oh big
deal I can use salt
[d...@redhat.com]
Sent: Tuesday, 17 July 2012 11:07 p.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] stopping su -
On 07/17/2012 12:40 AM, Steven Jones wrote:
Hi,
I could do,
authrequiredpam_wheel.soroot_only use_uid
But I really want to do this with IPA or I
On 07/16/2012 01:32 PM, Steven Jones wrote:
I have craeted a sshd rule only for the HBAC, but I find a std user can
su - to root, is this correect behavior?
How do I? or can I? stop this unless explicitly allowed?
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria
From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on
behalf of Erinn Looney-Triggs [erinn.looneytri...@gmail.com]
Sent: Tuesday, 17 July 2012 9:38 a.m.
To: freeipa-users@redhat.com
Subject: Re: [Freeipa-users] stopping su -
On 07/16/2012 01:32 PM
Subject: Re: [Freeipa-users] stopping su -
On 07/16/2012 01:32 PM, Steven Jones wrote:
I have craeted a sshd rule only for the HBAC, but I find a std user can
su - to root, is this correect behavior?
How do I? or can I? stop this unless explicitly allowed?
regards
Steven Jones
Technical
