Hi, > sssd is falling back to sssd even though we have the “files” entry first
That's not 'sssd' but 'sudo'. What is the output of: (1) `ps aux | grep sss` (2) `getent passwd $user` ? On Tue, Nov 29, 2022 at 8:44 PM Kevin Vasko <[email protected]> wrote: > passwd: compat systemd sss > group: compat systemd sss > > I changed it to be > > passwd: files compat systemd sss > group: files compat systemd sss > > and still had the same problem. > > id_provider=ipa > > Yes Ubuntu. > > sssd 2.2.3-3ubuntu0.9 > > This same named user that was created local is also in our IPA server but > want this local account and settings on this machine to override that. > > -Kevin > > On Nov 29, 2022, at 3:03 AM, Alexey Tikhonov <[email protected]> wrote: > > > Hi, > > On Tue, Nov 29, 2022 at 1:10 AM Kevin Vasko <[email protected]> wrote: > >> We have a local user that has an entry in sudoers for a “NOPASSWD”. >> >> In /etc/nsswitch.conf we have: >> >> sudoers: files sss >> > > What is in 'passwd:' and 'group:'? > Do you use 'id_provider=files' in 'sssd.conf'? > > >> >> For some reason sssd is falling back to sssd even though we have the >> “files” entry first and is checking our FreeIPA instance and rejecting it >> and prompts for password. >> >> if I make it >> >> sudoers: files >> >> It works. >> >> This was working without issue on 18.04, we upgraded to 20.04 and now see >> the problem. >> > > I guess this is Ubuntu version? > Could you please specify SSSD package versions? > > >> >> Is there a way to make it prioritize the local sudoers and stop looking >> on sssd? >> > > > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > > _______________________________________________ > sssd-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue >
_______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
