On 29/06/2023 07:31, Ronald Wimmer via FreeIPA-users wrote:
Is a correct hostname (FQDN) required for sudo rules to work properly?
I do have a host where the hostname is set to its shortname. My user is
allowed to perform sudo on this host (as it is a member of the admin
group which is allowed to do everything on every host) but another user
(who is not member of the admin group) cannot perform sudo on this
particular host. (according to IPA this user should be able to use sudo)
My suspicion is that this might have to do with the hostname incorrectly
set to its shortname and not to its FQDN.
See https://docs.pagure.org/sssd.sssd/users/sudo_troubleshooting.html
for how to enable sudo and sssd-sudo logs - you should be able to see
how sudo evaluates the rules recieved from the directory with the
information from the logs.
--
Sam Morris <https://robots.org.uk/>
PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue