On 12.10.23 09:57, Ronald Wimmer via FreeIPA-users wrote:
We do have two users with the same name. One exists locally. The other
one comes from IPA.
The problem is that the sudo rules also show up for the local user.
I know you do not officially support AIX... but would there probably be
a so
On 21.09.23 20:14, Rob Crittenden via FreeIPA-users wrote:
Ulf Volmer via FreeIPA-users wrote:
So with HBAC I'm able to let a user to run 'vim /etc/fstab' and prevent
him from escaping and start a shell?
That's great! I should try to look into it.
Not really. If you allow
On 21.09.23 19:17, Rob Crittenden via FreeIPA-users wrote:
HBAC can do this better.
HBAC controls who is allowed to use PAM services. sudo-i is a PAM
service. It is allowed now, I'm assuming, because you have the HBAC
allow_all rule enabled.
If you disable or delete it then nobody will do anyth
On 21.09.23 18:21, Nathanaƫl Blanchet via FreeIPA-users wrote:
I don't want my users to become root with simply executing the 'sudo
-i' command so they can execute all root commands. Users should only
execute with sudo the allowed defined commands.
I'm able to prevent them from executing 'sudo s
On 20.09.23 09:05, Jay Smith via FreeIPA-users wrote:
For a test setup I try to get running a FreeIPA server within a docker
container(DinD).
But I get some errors and I don't know why.
1. Create docker in docker container
=> docker run --privileged -itd --name docker_swarm -v
/sys/fs/cgroup:/
