On Mon, May 04, 2015 at 09:37:11PM -0400, Megan . wrote: > Good Evening! > > I'm running 3.0.0-42 on Centos 6.6. > > I setup a number of sudo commands today with regular expressions and > now users seem to be having issues running any sudo command. Are > there any known issues with having regex in sudo commands within the > IPA server? > > Here is an example of a sudo rule I have setup. When my user runs > sudo -ll he only sees the below command, and he should have a large > number of commands available (like /sbin/service httpd restart) > > SSSD Role: deploy for UAT > RunAsUsers: appusr > Commands: > /usr/bin/python /usr/share/appusr/onworld-tools/scripts/configure.py > -l [a-zA-Z0-9\-_/]* -e EPSG[0-9][0-9][0-9][0-9] -t [a-z]* > /usr/share/appusr/apache-ant-1.9.4/bin/ant -f > /usr/share/appusr/onworld-tools/scripts/config_deploy.xml > deploy-[a-zA-Z0-9\-] -Denv=uat > > > I also purged /var/lib/sss/db and restated sssd thinking it might be > related to caching but it didn't help. > > Thanks in advance!
Pavel (CC) might have a better idea but I think we need to see the logs and the ldb cache dump to make sure we're storing the value exactly as we should. -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
