[sudo-users] SudoUsers matching regardless of netgroup
Todd C. Miller
Todd.Miller at courtesan.com
Tue Dec 3 15:26:49 MST 2013
On Tue, 03 Dec 2013 22:00:15 +0000, "Choure, Sidd" wrote:
> Wow, would never have come across that easily. Thanks. I think I am
> getting closer. Now, none of the users are getting sudo access and it
> maybe because of the config option you mentioned in sssd.conf. I added
> ldap_include_netgroups = True but that made no difference.
There may be a bug that prevents "sudo -U otheruser -l" from working
with sssd when matching a user netgroup. You should be able to run
"sudo -l" as that user though.
It's also possible that the netgroup tuple:
(-, schoure, -)
is not matching due to the '-'. You might try:
(,schoure,)
instead.
- todd
More information about the sudo-users
mailing list