Those packages are installed. The second part is against what I am trying to accomplish. My sudo rule is already created in IPA. I just need SSSD to fetch it.
Thanks, Brian On Mar 21, 2013, at 8:37 PM, John Moyer <[email protected]> wrote: > I had sudo issues similar to this, I can't remember the exact fix. I have > the following two things in my notes. The second command would obviously > need you to add the people you want to be able to sudo to the admins group > after you add this. > > yum install ipa-client fprintd-pam -y > echo "%admins ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers > > > Thanks, > _____________________________________________________ > John Moyer > > > On Mar 21, 2013, at 11:27 PM, Brian Cook <[email protected]> wrote: > >> Running F18 and following the instructions here: >> http://jhrozek.fedorapeople.org/sssd/1.9.1/man/sssd-sudo.5.html >> >> When I try to run sudo -l as any user I get the following error: >> >> bash-4.2$ sudo -l >> sudo: Unable to dlopen /usr/lib64/libsss_sudo.so: (null) >> sudo: Unable to initialize SSS source. Is SSSD installed on your machine? >> >> >> Nothing particularly interesting in the log with debug at 5. >> >> Can someone point me in the right direction? >> >> Thanks, >> Brian >> >> >> sssd.conf: >> >> [domain/example.com] >> debug_level = 5 >> cache_credentials = True >> krb5_store_password_if_offline = True >> ipa_domain = example.com >> id_provider = ipa >> auth_provider = ipa >> access_provider = ipa >> ipa_hostname = ipadevel.example.com >> chpass_provider = ipa >> ipa_server = ipadevel.example.com >> ldap_tls_cacert = /etc/ipa/ca.crt >> >> sudo_provider = ldap >> ldap_uri = ldap://ipadevel.example.com >> ldap_sudo_search_base = ou=sudoers,dc=example,dc=com >> ldap_sasl_mech = GSSAPI >> ldap_sasl_authid = host/ipadevel.example.com >> ldap_sasl_realm = EXAMPLE.COM >> krb5_server = ipadevel.example.com >> >> >> [sssd] >> services = nss, pam, ssh, sudo >> config_file_version = 2 >> domains = example.com >> >> [nss] >> >> [pam] >> >> [sudo] >> debug_level=5 >> >> [autofs] >> >> [ssh] >> >> [pac] >> >> >> _______________________________________________ >> Freeipa-users mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/freeipa-users >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
