hi all,
I tried and figured it out..
ipa sudorule-add-runasuser --users=
Is the command syntax I was looking for.
I guess that if the --users isn't an ipa user it is automatically
flagged as an external user.
Cheers
Rob Verduijn
2016-02-04 17:33 GMT+01:00 Jakub Hrozek :
> On Thu, Feb 04, 2
On Thu, Feb 04, 2016 at 04:00:50PM +, Baird, Josh wrote:
> Actually, I use local (external) users in my sudo rules in IPA 4.2 with no
> problem.
>
> Example:
>
> Rule name: TestDBAs
> Description: access for members of the TestDBAs group
> Enabled: TRUE
> Command category: all
> Us
; To: Baird, Josh
> Cc: Jakub Hrozek; freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] what is the sudo rule runasuser local user
> account
>
> That does seem to work for me as well,
> however I can only add the external user via the web-gui
>
> Any idea how to do th
erduijn
>> Sent: Thursday, February 04, 2016 10:54 AM
>> To: Jakub Hrozek
>> Cc: freeipa-users@redhat.com
>> Subject: Re: [Freeipa-users] what is the sudo rule runasuser local user
>> account
>>
>> On Centos7.2 all patches applied I used the command:
>> i
Thursday, February 04, 2016 10:54 AM
> To: Jakub Hrozek
> Cc: freeipa-users@redhat.com
> Subject: Re: [Freeipa-users] what is the sudo rule runasuser local user
> account
>
> On Centos7.2 all patches applied I used the command:
> ipa-client-install --enable-dns-updates
>
On Centos7.2 all patches applied I used the command:
ipa-client-install --enable-dns-updates
That configures the client for sudo as well if I'm not mistaken.
Rob Verduijn
2016-02-04 16:45 GMT+01:00 Jakub Hrozek :
> On Thu, Feb 04, 2016 at 03:52:25PM +0100, Rob Verduijn wrote:
>> Hello,
>>
>> I'
On Centos7.2 all patches applied I used the command:
ipa-client-install --enable-dns-updates
Rob
2016-02-04 16:45 GMT+01:00 Jakub Hrozek :
> On Thu, Feb 04, 2016 at 03:52:25PM +0100, Rob Verduijn wrote:
>> Hello,
>>
>> I've noticed that the sudorule-add-runasuser no longer has en --external
>> o
On Thu, Feb 04, 2016 at 03:52:25PM +0100, Rob Verduijn wrote:
> Hello,
>
> I've noticed that the sudorule-add-runasuser no longer has en --external
> option
>
> What is the current method to add a local service account to a sud
> rule list so that users may run sudo as that service account (ie
>