Hi All, Im having an issue getting a command to run properly, and the issue seems to be with Freeipa sudo permissions. Specifically 'sudo su - app_user -c "<command>"' prompts for a password when run.
However if I 'sudo su - app_user' and then run the '<command>' as app_user, it works fine. example: ``` $ ssh [email protected] Last login: Mon Aug 29 21:36:14 2016 from 10.20.3.15 ryan$ sudo su - app_user -c "df" [sudo] password for ryan: ^C ryan$ sudo su - app_user app_user$ df Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda3 14845784 6667296 7417708 48% / tmpfs 1474228 0 1474228 0% /dev/shm /dev/sda1 487652 81221 380831 18% /boot 10.51.0.34:/srv/nfs/app 287687168 69111040 218576128 25% /var/app 10.51.0.54:/srv/nfs/ipa 16377088 3728640 11809792 24% /home/ipa ap_user$ ``` I have a sudo rule that allows `/bin/su - app_user` and `/bin/su - app_user -c` but I cant get the `-c` to work in a single command. I also tried giving sudo permission to `/bin/bash` in case the `-c` needed it to create a new shell for some reason, but it didn't work. Does anyone have any thoughts on what permissions I might be missing to allow the user to run `sudo su - app_user -c <command>`? Thanks, Ryan
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
