Thanks Dominik, that did the trick!
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/cod
On Fri, Jan 22, 2021 at 05:11:43PM -, Russ Long via FreeIPA-users wrote:
> OK, OK, I had a bad title, but as I mentioned in my original
> message, I've also tried creating a sudo rule that allows all
> commands to be run as
>
> "USER". Anyways, I'm now on to trying to figure out how to make
>
OK, OK, I had a bad title, but as I mentioned in my original message, I've also
tried creating a sudo rule that allows all commands to be run as
"USER". Anyways, I'm now on to trying to figure out how to make the
ipa_sudorule module work with this RunAs user config, since that doesn't seem
to b
On 1/22/2021 10:16 AM, Dominik Vogt via FreeIPA-users wrote:
__
On Fri, Jan 22, 2021 at 03:33:50PM -, Russ Long via FreeIPA-users wrote:
I'm trying to come up with a Sudo rule that will allow a user to
"su" to only a single
Thanks all, I'm trying to do this all in IPA as I have a fleet of boxes this
rule needs to be setup on.
I was able to create the rule in the IPA GUI, but now, trying to create it
using the `ipa_sudorule` Ansible module is giving me fits. I can't figure out
how to add the `Run As User` to the
On Fri, Jan 22, 2021 at 03:33:50PM -, Russ Long via FreeIPA-users wrote:
> I'm trying to come up with a Sudo rule that will allow a user to
> "su" to only a single specified user. I need to give a DBA access
> to the oracle user account.
>
> This serverfault article details exactly what I want
sss_cache -E to invalidate all cache, you can be more refined with other
options.
Regards
Angus
From: Russ Long via FreeIPA-users
Sent: 22 January 2021 16:39
To: freeipa-users@lists.fedorahosted.org
Cc: Russ Long
Subject: [Freeipa-users] Re: Allow "sudo su - U
I edited sudoers by hand however it should give you something to aim towards ...
[root@orable76 ~]# grep angus /etc/sudoers
angus ALL=NOPASSWD: /usr/bin/su - appuser
[root@orable76 ~]# su - angus
Last login: Fri Jan 22 17:01:30 CET 2021 on pts/0
[angus@orable76 ~]$ sudo su - appuser
Last login
And caching is no fun. The second option, to allow all commands to be run as
the specified user works if I wait for the cache to expire.
___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-user
I'm trying to come up with a Sudo rule that will allow a user to "su" to only a
single specified user. I need to give a DBA access to the oracle user account.
This serverfault article details exactly what I want to do, however this is not
for FreeIPA.
I've tried creating a sudo command that
Hi, I can confirm that the computing for geeks link does work:
https://computingforgeeks.com/how-to-configure-jenkins-freeipa-ldap-authentication/
When testing LDAP settings Jenkins does determine my group membership correctly
however, I cannot see any IPA server groups appearing in the "User/gr
Hi,
I'm stuck since about a week when I updated to latest ipa-server. It
seems to be the same problem as Ian had ("FreeIPA centos8 update
Failed to authenticate to CA REST API"). He seem to resolve this using
a replicate which I dont have.
Any ideas on how I get this to work?
ipa-server-4.8.7-13
12 matches
Mail list logo
