On Mon, 22 Feb 2016, Prashant Bapat wrote:
Sorry not an option. I have couple of 1000s of instances. Aside from
switching OS is there any other option? I mean "*" char is allowed in
standard sudo implementation. To me it seems like there should not be a
host name check on sudo hosts.
Sorry not an option. I have couple of 1000s of instances. Aside from
switching OS is there any other option? I mean "*" char is allowed in
standard sudo implementation. To me it seems like there should not be a
host name check on sudo hosts.
On 22 February 2016 at 12:22, Alexander Bokovoy
On Mon, 22 Feb 2016, Prashant Bapat wrote:
SSSD on Amazon linux is a dead end! I have tried since a year without any
definitive answer.
Any other suggestions ?
Switch to CentOS AMIs.
--
/ Alexander Bokovoy
--
Manage your subscription for the Freeipa-users mailing list:
SSSD on Amazon linux is a dead end! I have tried since a year without any
definitive answer.
Any other suggestions ?
Thanks.
--Prashant
On 19 February 2016 at 21:32, Jakub Hrozek wrote:
> On Fri, Feb 19, 2016 at 09:10:19PM +0530, Prashant Bapat wrote:
> > Not using SSSD
On Fri, Feb 19, 2016 at 09:10:19PM +0530, Prashant Bapat wrote:
> Not using SSSD because Amazon Linux does not support samba libraries
> required to compile it.
Time to file a request against Amazon I guess :-)
--
Manage your subscription for the Freeipa-users mailing list:
Not using SSSD because Amazon Linux does not support samba libraries
required to compile it.
On 19 February 2016 at 14:28, Jakub Hrozek wrote:
> On Fri, Feb 19, 2016 at 11:27:16AM +0530, Prashant Bapat wrote:
> > Hi,
> >
> > I'm using FreeIPA 4.1.4 with nss-pam-ldapd and the
Hi,
I'm using FreeIPA 4.1.4 with nss-pam-ldapd and the compat schema.
I'm thinking of moving sudo rules to IPA and with *ou=sudoers* and
sudo-ldap this works.
In our setup we have lot of rules with wildcard matching for sudo
hostnames. For ex webserver*, dbserver* etc.
In the IPA UI, when I