URL: https://github.com/SSSD/sssd/pull/366 Title: #366: SUDO: Use initgr_with_views when looking up a sudo user
pbrezina commented: """ Nack. ```bash [root: /dev/shm/sssd]# sss_override user-add user-1 -n tuser1 -u 11111 [root: /dev/shm/sssd]# sss_override group-add group-1 -n tgroup1 [root: /dev/shm/sssd]# id user-1 uid=11111(tuser1) gid=10001(tgroup1) groups=10001(tgroup1),20001(sup-group-1),20002(sup-group-2) ``` ``` Searching sysdb with [(&(objectClass=sudoRule)(sudoUser=+*)(!(|(sudoUser=ALL)(sudoUser=tus...@ldap.pb)(sudoUser=#11111)(sudoUser=%sup-grou...@ldap.pb)(sudoUser=%sup-grou...@ldap.pb)(sudoUser=%grou...@ldap.pb))))] ``` We need to also get the original username and uid to be used in the filter. """ See the full comment at https://github.com/SSSD/sssd/pull/366#issuecomment-327115139
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
