On 06/24/2013 03:36 PM, Rob Crittenden wrote: > Dean Hunter wrote: >> On Mon, 2013-06-24 at 09:07 +0300, Alexander Bokovoy wrote: >>> On Sun, 23 Jun 2013, Dean Hunter wrote: >>> >Section 14.4. Applying the Configured sudo Policies to Hosts of the >>> >FreeIPA Guide, Edition 3.1.5 in the Fedora 18 documentation contains >>> >only an example of configuring sudo for use with FreeIPA 2.2. It differs >>> >in many regards from QA:Testcase freeipav3 sudo sssd in the Wiki at >>> >fedoraproject.org. >>> > >>> >What instructions should I use to configure an IPA 3.1.5-1 client with >>> >sudo? >>> This thread should clear it up: >>> https://www.redhat.com/archives/freeipa-users/2013-June/msg00064.html >>> >>> This presentation covers current state: >>> http://www.freeipa.org/images/7/77/Freeipa30_SSSD_SUDO_Integration.pdf >>> >> Thank you for the prompt response! I really appreciate how helpful >> y'all are on this list. The slide presentation is especially useful >> because of all the explanation. Have you identified a target release for: >> >> 1) SSSD doesn't support FreeIPA as SUDO provider yet > > To clarify, this is just to make SSSD use the native IPA schema instead of > ou=sudoers. https://fedorahosted.org/sssd/ticket/1108
Right. When talking about SUDO being able to select SSSD as a source database (instead of the native LDAP connection), this works already - SSSD reads ou=sudoers. There is an RFE ticket targeted to 3.4 already (it also contains steps how to configure it manually): https://fedorahosted.org/freeipa/ticket/3358 > >> 2) A command line tool to preform the client configuration > > https://fedorahosted.org/freeipa/ticket/3358 > > rob > > _______________________________________________ > Freeipa-users mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/freeipa-users _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
