Good day I managed to configure sudo and its working for all my centos 6.6 and RHEL 6.6 clients. somehow i managed to change the sudo rules ,sudo comands and sudo groups to be less restrictive ,thats when i managed to access root owned files using sudo
thanx for your help My advice when configuring sudo , when configuring your sudo rules , start with a less restrictive access control e.g where they say Access this host ---- say any where they say Run Commands ---say any command and when its working ,thats when you can then fine tune your access policies ________________________________________ From: Jakub Hrozek [jhro...@redhat.com] Sent: Wednesday, April 08, 2015 2:01 PM To: Martin Chamambo Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] FreeIPA, version: 4.1.0 and sudo configuration On Wed, Apr 08, 2015 at 01:39:44PM +0200, Chamambo Martin wrote: > Sudo seems to be configured correctly but somehow it's not working > > Even if I do a sudo -l under the admin user > > [admin@ironhide tmp]$ sudo -l > [sudo] password for admin: > Matching Defaults entries for admin on this host: > requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS > DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1 > PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE > LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY > LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL > LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", > secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin > > User admin may run the following commands on this host: > (admin, chamambom, kamoyob, kumalop, machangeteb, masaitit, masvivic, > matangiraa, nyahumap, pedzisail, tayengwaj : ALL) /usr/bin/vim, ~~~~~~~~~~~ > /usr/bin/less ~~~~~~~~~~~~~ According to this output, admin can run both vim and less... ?? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project