On 13 Feb 2018, at 21:04, Jeff Goddard via FreeIPA-users
<freeipa-users(a)lists.fedorahosted.org> wrote:
First off thanks to everyone who makes FreeIPA. Its an awesome product that we love.
We're working at breaking our application up into micro services and using docker
containers and deployment automation. As part of this I have a deploy user in IPA and a
rundeck server that performs tasks as this user. However, we need this user to be part of
the local docker hosts "docker" group. Is this something I have to do manually
per host? Is it possible to create a docker IPA group that will substitute for the local
docker group and do it all in IPA? Our IPA version is 4.4. The servers are Centos 7.2 and
the clients are ubuntu 16.04 LTS.
Thanks for the insight, references and help,
I’m afraid the answer is ‘possible in general, but not with the versions you are running’,
see
https://sourceware.org/glibc/wiki/Proposals/GroupMerging and
https://sgallagh.wordpress.com/2016/01/28/remote-group-merging-for-fedora/