> Brian Sanders via FreeIPA-users wrote: > > There is no concept of hostgroups in SUDO but it does understand > netgroups so hostgroups are represented as netgroups. In order for this > to work your NIS domain name needs to be set properly. > > You can try something like: > > $ getent netgroup hg1 > hg1 (ipa.example.test,-,example.test) > > nisdomainname will set the NIS domain name. > > rob > Brian Sanders via FreeIPA-users wrote: > > There is no concept of hostgroups in SUDO but it does understand > netgroups so hostgroups are represented as netgroups. In order for this > to work your NIS domain name needs to be set properly. > > You can try something like: > > $ getent netgroup hg1 > hg1 (ipa.example.test,-,example.test) > > nisdomainname will set the NIS domain name. > > rob Thank you for the quick reply.
I have tested the client side, and it would appear that my nisdomainname is set to the correct domain. The returned domain matches the domain used in /etc/hosts and what I would expect the domain to be. When I run getent netgroup project_a I receive back a list of hosts in that host group, including the local client. nisdomainname dev.zz getent netgroup project_a project_a (srv1.dev.zz,-,dev.zz) (vpn1.dev.zz,-,dev.zz) It would appear from the client side that it is finding the groups, since it is listing them all out to me. However my sudo rules still don't function. I didn't actually change anything, just looking into the nisgroups an this is what I have found. _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
