[Freeipa-users] Error while Enrolling Client
Lukas Slebodnik
lslebodn at redhat.com
Wed Aug 12 05:52:06 UTC 2015
On (11/08/15 20:53), Jakub Hrozek wrote:
>On Tue, Aug 11, 2015 at 09:29:46PM +0530, Yogesh Sharma wrote:
>> Yes Jakub...That was the issue. We have fixed it and update to List.
>>
>> Thanks Jakub.
>>
>> Would like to have one suggestion.
>>
>> We have implemented sudo, but every time we need to restart sssd to take
>> the changes. We have try implementing the cache timeout also, but not
>> working as expected.
>>
>> Any other config changes required?
>
>No, this is not expected. Can you get logs after you've added the sudo
>rule but before the client is restarted in order to capture the issue?
>It would be best to add debug_level=7 to sudo, nss and domain sections.
>
I thought it is an side effect of sudo rule caching mechanism
and periodic tasks. So it might be an expected behaviour.
Periodic task are fired few seconds after start of sssd.
It might explain why restarting sssd works.
@see more details in man sssd-sudo -> "THE SUDO RULE CACHING MECHANISM"
LS
More information about the Freeipa-users
mailing list