[Freeipa-users] How to use sudo rules on ubuntu
Lukas Slebodnik
lslebodn at redhat.com
Mon Sep 1 11:27:12 UTC 2014
On (01/09/14 12:20), Alexander Bokovoy wrote:
>On Mon, 01 Sep 2014, Tevfik Ceydeliler wrote:
>>
>>libsss-sudo already installed.
>>Here is my sssd.conf:
>>[domain/ipa.grp]
>>krb5_realm = IPA.GRP
>>cache_credentials = True
>>krb5_store_password_if_offline = True
>>ipa_domain = ipa.grp
>>id_provider = ipa
>>auth_provider = ipa
>>access_provider = ipa
>>ipa_hostname = clnt.ipa.grp
>>chpass_provider = ipa
>>ipa_dyndns_update = True
>>ipa_server = _srv_, srv.ipa.grp
>>ldap_tls_cacert = /etc/ipa/ca.crt
>>[sssd]
>>services = nss, pam, ssh, sudo
>>config_file_version = 2
>>domains = ipa.grp
>
Alexander,
just for you information. These options are not necessary.
sssd-1-11 has sudo_provider ipa. It should work out of box.
Tevfik,
I wrote you that you should follow instructions for configurations of sudo
from manual page sssd-sudo.
If it does not help plesase send us log file. It will not help us to find
problem if you wote "It still the same". Follow slide 18 from presentation[1].
There is described how to obtain debugging informations.
LS
[1] http://www.freeipa.org/images/7/77/Freeipa30_SSSD_SUDO_Integration.pdf
More information about the Freeipa-users
mailing list