Ok, Thank you. On Tue, May 5, 2015 at 5:35 AM, Pavel Březina <[email protected]> wrote: > On 05/05/2015 10:53 AM, Martin Kosek wrote: >> >> On 05/05/2015 03:37 AM, Megan . wrote: >>> >>> Good Evening! >>> >>> I'm running 3.0.0-42 on Centos 6.6. >>> >>> I setup a number of sudo commands today with regular expressions and >>> now users seem to be having issues running any sudo command. Are >>> there any known issues with having regex in sudo commands within the >>> IPA server? >>> >>> Here is an example of a sudo rule I have setup. When my user runs >>> sudo -ll he only sees the below command, and he should have a large >>> number of commands available (like /sbin/service httpd restart) >>> >>> SSSD Role: deploy for UAT >>> RunAsUsers: appusr >>> Commands: >>> /usr/bin/python /usr/share/appusr/onworld-tools/scripts/configure.py >>> -l [a-zA-Z0-9\-_/]* -e EPSG[0-9][0-9][0-9][0-9] -t [a-z]* >>> /usr/share/appusr/apache-ant-1.9.4/bin/ant -f >>> /usr/share/appusr/onworld-tools/scripts/config_deploy.xml >>> deploy-[a-zA-Z0-9\-] -Denv=uat >>> >>> >>> I also purged /var/lib/sss/db and restated sssd thinking it might be >>> related to caching but it didn't help. >>> >>> Thanks in advance! >>> >> >> CCing Pavel Brezina for reference as the sudo guru, but I think he will >> miss >> more information for your bug. For example, it would help to show the SUDO >> commands for IPA that should be applied for the respective users: >> >> $ ipa sudorule-show ... >> >> Martin >> > > I believe Tomas already provided the correct answer.
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
