Public bug reported:
I have a home-lab setup with a FreeIPA server providing user info,
login, and sudoers rules. This worked well under legacy sudo (now
sudo.ws). On the client side (Ubuntu), it uses SSSD to make requests to
the FreeIPA server. PAM, NSS, and autofs still works.
However, this does not work with sudo-rs. It loads user info, but not
sudoers rules, from SSS. Looking at the source, it seems that sudo-rs
*only* looks at the sudoers files. Previously, I believe sudo had a
pluggable architecture that loaded libsss-sudo.
I know this is not in-keeping with sudo-rs's philosophy, but it seems
like this would be a dealbreaker for most enterprise users with
centralized sudo management.
It seems to me that either:
* sudo-rs should be able to get info from other sources, e.g., sssd, *or*
* sssd should write sudoers info to the file system for sudo-rs to read
Possibly sudo-rs should be listed as Breaks: libsss-sudo package
** Affects: rust-sudo-rs (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2130433
Title:
sudo-rs breaks SSSD centralized sudo rules
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rust-sudo-rs/+bug/2130433/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
