no problem, thanks for trying! I just figured it out. yum -y install libsss_sudo fixed it. Should this package be a dependency that gets pulled in when IPA client is installed? shall I file a bug?
Thanks, Brian --- Brian Cook Solutions Architect, Red Hat, Inc. 407-212-7079 On Mar 21, 2013, at 8:50 PM, Brian Cook <bc...@redhat.com> wrote: > Those packages are installed. The second part is against what I am trying to > accomplish. My sudo rule is already created in IPA. I just need SSSD to > fetch it. > > Thanks, > Brian > > > On Mar 21, 2013, at 8:37 PM, John Moyer <john.mo...@digitalreasoning.com> > wrote: > >> I had sudo issues similar to this, I can't remember the exact fix. I have >> the following two things in my notes. The second command would obviously >> need you to add the people you want to be able to sudo to the admins group >> after you add this. >> >> yum install ipa-client fprintd-pam -y >> echo "%admins ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers >> >> >> Thanks, >> _____________________________________________________ >> John Moyer >> >> >> On Mar 21, 2013, at 11:27 PM, Brian Cook <bc...@redhat.com> wrote: >> >>> Running F18 and following the instructions here: >>> http://jhrozek.fedorapeople.org/sssd/1.9.1/man/sssd-sudo.5.html >>> >>> When I try to run sudo -l as any user I get the following error: >>> >>> bash-4.2$ sudo -l >>> sudo: Unable to dlopen /usr/lib64/libsss_sudo.so: (null) >>> sudo: Unable to initialize SSS source. Is SSSD installed on your machine? >>> >>> >>> Nothing particularly interesting in the log with debug at 5. >>> >>> Can someone point me in the right direction? >>> >>> Thanks, >>> Brian >>> >>> >>> sssd.conf: >>> >>> [domain/example.com] >>> debug_level = 5 >>> cache_credentials = True >>> krb5_store_password_if_offline = True >>> ipa_domain = example.com >>> id_provider = ipa >>> auth_provider = ipa >>> access_provider = ipa >>> ipa_hostname = ipadevel.example.com >>> chpass_provider = ipa >>> ipa_server = ipadevel.example.com >>> ldap_tls_cacert = /etc/ipa/ca.crt >>> >>> sudo_provider = ldap >>> ldap_uri = ldap://ipadevel.example.com >>> ldap_sudo_search_base = ou=sudoers,dc=example,dc=com >>> ldap_sasl_mech = GSSAPI >>> ldap_sasl_authid = host/ipadevel.example.com >>> ldap_sasl_realm = EXAMPLE.COM >>> krb5_server = ipadevel.example.com >>> >>> >>> [sssd] >>> services = nss, pam, ssh, sudo >>> config_file_version = 2 >>> domains = example.com >>> >>> [nss] >>> >>> [pam] >>> >>> [sudo] >>> debug_level=5 >>> >>> [autofs] >>> >>> [ssh] >>> >>> [pac] >>> >>> >>> _______________________________________________ >>> Freeipa-users mailing list >>> Freeipa-users@redhat.com >>> https://www.redhat.com/mailman/listinfo/freeipa-users >> > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users