[sudo-users] Warning email when listing sudo perms
Paul Cantle
paul at cantle.me
Wed Dec 2 13:52:01 MST 2015
Hi,
Doesn’t seem to be the case with sssd.
I already have a root sudoRole (apologies, I referenced it as a “container” in my original email) and it was populated with some sudoAttributes, etc. I have cleared all sudo*attributes from it and restarted sssd.
Now it looks like this
sudoCommand = NULL
sudoHost = NULL
sudoNotAfter = NULL
sudoNotBefore = NULL
SudoOption = NULL
sudoOrder = NULL
sudoRunAs = NULL
sudoRunAsGroup = NULL
sudoRunAsUser = NULL
sudoUser = NULL
I executed a sudo -l (as root).
I still got the warning mail and the following still appears in the debug log
Dec 2 20:48:07 sudo[23093] sudo_sss_lookup(52)=0x62
Rgds
Paul
On 02/12/2015, 20:39, "Todd C. Miller" <Todd.Miller at courtesan.com> wrote:
>On Wed, 02 Dec 2015 13:18:57 -0700, "Todd C. Miller" wrote:
>
>> OK, that confirms it--the flags for no such user and no such host
>> are set. I don't think there is a configuration workaround for
>> this.
>
>Actually, just adding a sudoRole for root would avoid the problem.
>For the LDAP backend a sudoRole with no sudoCommand does the trick.
>I would expect it to work for SSSD as well.
>
> - todd
More information about the sudo-users
mailing list