I can't reproduce consistently on any OS including Fedora 20, but I was able to trigger the issue on a Ubuntu 13.10 client.
sssd: 1.11.1 sudo: 1.8.6p3-0ubuntu3 I have only just enabled the sudo logging so it should only contain the events below: [email protected]@ubu1310:~$ sudo su [sudo] password for [email protected]: [email protected] is not allowed to run sudo on ubu1310. This incident will be reported. [email protected]@ubu1310:~$ sudo su [sudo] password for [email protected]: root@ubu1310:/home/miovision.corp/sdainard-admin# Files attached outside of list. Thanks, *Steve Dainard * IT Infrastructure Manager Miovision <http://miovision.com/> | *Rethink Traffic* *Blog <http://miovision.com/blog> | **LinkedIn <https://www.linkedin.com/company/miovision-technologies> | Twitter <https://twitter.com/miovision> | Facebook <https://www.facebook.com/miovision>* ------------------------------ Miovision Technologies Inc. | 148 Manitou Drive, Suite 101, Kitchener, ON, Canada | N2C 1L3 This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately. On Mon, Feb 17, 2014 at 3:46 AM, Pavel Březina <[email protected]> wrote: > On 02/16/2014 01:19 AM, Steve Dainard wrote: > >> Just experienced the same issue on Fedora 20: >> >> [[email protected]@fed20 ~]$ sudo systemctl stop firewalld >> [sudo] password for [email protected]: >> [email protected] is not allowed to run sudo on fed20. This >> incident will be reported. >> [[email protected]@fed20 ~]$ sudo systemctl stop firewalld >> [sudo] password for [email protected]: >> [[email protected]@fed20 ~]$ >> >> Sat Feb 15 19:10:30 2014 is the 2nd attempt in the logs (attached). >> >> /var/log/messages: >> Feb 15 19:10:31 fed20 systemd: Stopping firewalld - dynamic firewall >> daemon... >> Feb 15 19:10:31 fed20 systemd: Stopped firewalld - dynamic firewall >> daemon. >> >> >> >> *Steve Dainard * >> IT Infrastructure Manager >> Miovision <http://miovision.com/> | /Rethink Traffic/ >> >> *Blog <http://miovision.com/blog> | **LinkedIn >> <https://www.linkedin.com/company/miovision-technologies> | Twitter >> <https://twitter.com/miovision> | Facebook >> <https://www.facebook.com/miovision>* >> ------------------------------------------------------------------------ >> >> Miovision Technologies Inc. | 148 Manitou Drive, Suite 101, Kitchener, >> ON, Canada | N2C 1L3 >> This e-mail may contain information that is privileged or confidential. >> If you are not the intended recipient, please delete the e-mail and any >> attachments and notify us immediately. >> >> >> On Fri, Feb 14, 2014 at 4:33 PM, Steve Dainard <[email protected] >> <mailto:[email protected]>> wrote: >> >> On a Ubuntu 13.10 client after configuring sssd to provide sudo >> service I left the client idle for a few hours. On returning, I >> unlocked the screensaver and did the following: >> >> [email protected]@ubu1310:~$ sudo su >> [sudo] password for [email protected]: >> [email protected] is not allowed to run sudo on ubu1310. >> This incident will be reported. >> [email protected]@ubu1310:~$ sudo su >> [sudo] password for [email protected]: >> root@ubu1310:/home/miovision.corp/sdainard-admin# >> >> I haven't experienced this on a Fedora 20 or EL client so I'm >> guessing this is something specific to Ubuntu. >> >> I've attached the client sssd log if anyone can point me in the >> right direction. >> >> Thanks, >> >> >> *Steve Dainard * >> IT Infrastructure Manager >> Miovision <http://miovision.com/> | /Rethink Traffic/ >> >> *Blog <http://miovision.com/blog> | **LinkedIn >> <https://www.linkedin.com/company/miovision-technologies> | Twitter >> <https://twitter.com/miovision> | Facebook >> <https://www.facebook.com/miovision>* >> ------------------------------------------------------------ >> ------------ >> >> Miovision Technologies Inc. | 148 Manitou Drive, Suite 101, >> Kitchener, ON, Canada | N2C 1L3 >> This e-mail may contain information that is privileged or >> confidential. If you are not the intended recipient, please delete >> the e-mail and any attachments and notify us immediately. >> > > Hi, > provided logs did not reveal anything bad. Can you also attach > sssd_sudo.log, sssd_nss.log and sssd.conf please? Also what sssd and sudo > version do you run? > > Is this always reproducible or it happens only sporadically? > > Thanks. >
_______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
