[Freeipa-users] sudo rules question on ubuntu 16.0.1
Cory Francis Myers
cory at trinitymobilenetworks.com
Tue Aug 30 16:45:11 UTC 2016
Pavel Březina | Tue, 30 Aug 2016 02:59:55 -0700:
> unfortunately sudo 1.8.16 introduced a bug in sssd plugin. 1.8.16
> contains a new option called netgroup_tuple, which tells whether a
> full netgroup tuply is check or only the host/user part in host/user
> check. However, the patch didn't make the sssd plugin to obey this
> option and it always check both hostname and username.
>
> It is fixed in 1.8.17 by this patch:
> https://www.sudo.ws/repos/sudo/rev/2eab4070dcf7
>
> Please, report bug against Ubuntu sudo to backport this patch or rebase
> sudo.
Already open on Launchpad, it looks like:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1607666
sudo 1.8.17 installed from "sudo_1.8.17-2_amd64.deb"[1] is working for
us now. Thank you for the suggestion.
Jeff, I hope you have the same good luck.
--- cfm.
[1] https://www.sudo.ws/download.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160830/0f5fb763/attachment.sig>
More information about the Freeipa-users
mailing list