Andrew Meyer wrote: > Yes, but what about adding the hostgroup to the sudo policy? Do I still > need to add the netgroup instead?
sudorule-add-host Add hosts and hostgroups affected by Sudo Rule. hostgroups are represented as netgroups. rob > > > On Wednesday, April 18, 2018 10:17 AM, Rob Crittenden via FreeIPA-users > <freeipa-users@lists.fedorahosted.org> wrote: > > > Andrew Meyer via FreeIPA-users wrote: >> Hello, >> I have been doing a lot of research on trying to get host groups to work >> with sudoers policies. However I'm finding that this can't be done and >> the only achieved by using netgroups. Is this true? I just would >> like some validation/confirmation before I go to far down the rabbit hole. > > A hostgroup automatically creates a netgroup of the same name. Lookups > are done on the end system as a netgroup so you need to be sure that the > NIS domainname is set (should be done automatically by ipa-client-install). > > rob > > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > <mailto:freeipa-users@lists.fedorahosted.org> > To unsubscribe send an email to > freeipa-users-le...@lists.fedorahosted.org > <mailto:freeipa-users-le...@lists.fedorahosted.org> > > _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
