On Tue, Jun 25, 2013 at 08:19:11PM +0000, JR Aquino wrote: > On Jun 25, 2013, at 2:52 AM, Martin Kosek <[email protected]> > wrote: > > > On 06/24/2013 03:36 PM, Rob Crittenden wrote: > >> Dean Hunter wrote: > >>> On Mon, 2013-06-24 at 09:07 +0300, Alexander Bokovoy wrote: > >>>> On Sun, 23 Jun 2013, Dean Hunter wrote: > >>>>> Section 14.4. Applying the Configured sudo Policies to Hosts of the > >>>>> FreeIPA Guide, Edition 3.1.5 in the Fedora 18 documentation contains > >>>>> only an example of configuring sudo for use with FreeIPA 2.2. It differs > >>>>> in many regards from QA:Testcase freeipav3 sudo sssd in the Wiki at > >>>>> fedoraproject.org. > >>>>> > >>>>> What instructions should I use to configure an IPA 3.1.5-1 client with > >>>>> sudo? > >>>> This thread should clear it up: > >>>> https://www.redhat.com/archives/freeipa-users/2013-June/msg00064.html > >>>> > >>>> This presentation covers current state: > >>>> http://www.freeipa.org/images/7/77/Freeipa30_SSSD_SUDO_Integration.pdf > >>>> > >>> Thank you for the prompt response! I really appreciate how helpful > >>> y'all are on this list. The slide presentation is especially useful > >>> because of all the explanation. Have you identified a target release for: > >>> > >>> 1) SSSD doesn't support FreeIPA as SUDO provider yet > >> > >> To clarify, this is just to make SSSD use the native IPA schema instead of > >> ou=sudoers. https://fedorahosted.org/sssd/ticket/1108 > > > > Right. When talking about SUDO being able to select SSSD as a source > > database > > (instead of the native LDAP connection), this works already - SSSD reads > > ou=sudoers. There is an RFE ticket targeted to 3.4 already (it also contains > > steps how to configure it manually): > > Is there a specific version of Sudo that supports nsswitch.conf having: sudo > sss?
When speaking of sudo upstream, the first version where the sudo support landed was 1.8.6b4 > > Is that version of Sudo available on RHEL? In 6.4 it is. _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
