One further question about SSSD and sudo...is it possible to force a
cache refresh?
There's no mention of sudo in sss_cache(8), and doing "sss_cache -E"
doesn't appear to refresh the rules.
I've made a change to a sudo rule in AD, but it doesn't seem to be
very quick to propagate down to the SSSD client...
John
On 4 October 2016 at 10:52, John Beranek <john(a)redux.org.uk> wrote:
On 4 October 2016 at 10:37, Jakub Hrozek <jhrozek(a)redhat.com>
wrote:
>
> On Tue, Oct 04, 2016 at 10:32:51AM +0100, John Beranek wrote:
> > Hi,
> >
> > I've been following Jakub's useful blog post[1], attempting to get sudo
> > rules into our Active Directory, and usable by sudo via SSSD.
[snip]
> >
> >
> > Thoughts?
>
> Yes, sorry about this, it's a known bug:
>
https://fedorahosted.org/sssd/ticket/3203
> and we are working on a fix..
OK, thanks. Just to confirm, groups specified in the sudo rule are
also being matched with case sensitivity, not just users.
John
--
John Beranek To generalise is to be an idiot.
http://redux.org.uk/ -- William Blake
--
John Beranek To generalise is to be an idiot.
http://redux.org.uk/ -- William Blake