I have deployed FreeIPA on RedHat 7 and everything is working perfectly fine
except when I try to configure SUDO. All my clients are all centos 6 and
RedHat 6 clients and have the below config . I have followed every how-to
and I just can't seem to get it.I have configured the sudo commands and
rules mostly for reading files /usr/bin/vim and /usr/bin/less for reading
log files
/etc/nssswitch
sudoers: files sss
cat /etc/sssd/sssd.conf
[root@nemo ~]# cat /etc/sssd/sssd.conf
[domain/default]
autofs_provider = ldap
cache_credentials = True
krb5_realm = XX.XX.XX
krb5_server = XX.XX.XX.XX:88
id_provider = ldap
auth_provider = ldap
chpass_provider = ldap
ldap_id_use_start_tls = False
ldap_tls_cacertdir = /etc/openldap/cacerts
[domain/ai.co.zw]
debug_level = 0x07F0
cache_credentials = True
krb5_store_password_if_offline = True
ipa_domain = ai.co.zw
id_provider = ipa
auth_provider = ipa
access_provider = ipa
ipa_hostname = XX.XX.XX.XX
chpass_provider = ipa
ipa_server = _srv_, XX.XX.XX.XX
ldap_tls_cacert = /etc/ipa/ca.crt
[sssd]
services = nss, sudo, pam, autofs, ssh
config_file_version = 2
domains = default, XX.XX.XX
[nss]
homedir_substring = /home
[pam]
[sudo]
[autofs]
[ssh]
[pac]
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
