Public bug reported: As discussed on this page: https://pagure.io/freeipa/issue/6139
Sudo + SSSD doesn't work with hostgroups. As suggested, sudo upstream has a fix for this problem in https://www.sudo.ws/repos/sudo/rev/2eab4070dcf7 It looks similar to the issue https://bugs.launchpad.net/bugs/1688034 but is actually different. 1) root@ipa:~# lsb_release -rd Description: Ubuntu 16.04.2 LTS Release: 16.04 2) root@ipa:~# apt-cache policy sudo sudo: Installed: 1.8.16-0ubuntu1.3 Candidate: 1.8.16-0ubuntu1.3 Version table: *** 1.8.16-0ubuntu1.3 500 500 http://localapt/ubuntu xenial-updates/main amd64 Packages 100 /var/lib/dpkg/status 1.8.16-0ubuntu1 500 500 http://localapt/ubuntu xenial/main amd64 Packages 3) I expect to be able to grant sudo rights based on IPA hostgroups 4) "testuser is not allowed to run sudo on cw-st-ipa.catawiki.net. This incident will be reported." ** Affects: sudo (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1689796 Title: sudo + sssd does not work for IPA hostgroups To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1689796/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs