On 29.06.23 09:52, Sam Morris via FreeIPA-users wrote:
On 29/06/2023 07:31, Ronald Wimmer via FreeIPA-users wrote:
Is a correct hostname (FQDN) required for sudo rules to work properly?
I do have a host where the hostname is set to its shortname. My user
is allowed to perform sudo on this host (as it is a member of the
admin group which is allowed to do everything on every host) but
another user (who is not member of the admin group) cannot perform
sudo on this particular host. (according to IPA this user should be
able to use sudo)
My suspicion is that this might have to do with the hostname
incorrectly set to its shortname and not to its FQDN.
See https://docs.pagure.org/sssd.sssd/users/sudo_troubleshooting.html
for how to enable sudo and sssd-sudo logs - you should be able to see
how sudo evaluates the rules recieved from the directory with the
information from the logs.
In this particular case it does not help me as the IPA client is an AIX
7.3 machine that does not have SSSD.
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue