Ubuntu
sudo package

sudo + sssd does not work for IPA hostgroups

Bug #1689796 reported by 4tro
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
sudo (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

As discussed on this page:
https://pagure.io/freeipa/issue/6139

Sudo + SSSD doesn't work with hostgroups.
As suggested, sudo upstream has a fix for this problem in https://www.sudo.ws/repos/sudo/rev/2eab4070dcf7

It looks similar to the issue https://bugs.launchpad.net/bugs/1688034 but is actually different.

1) root@ipa:~# lsb_release -rd
Description: Ubuntu 16.04.2 LTS
Release: 16.04

2)
root@ipa:~# apt-cache policy sudo
sudo:
  Installed: 1.8.16-0ubuntu1.3
  Candidate: 1.8.16-0ubuntu1.3
  Version table:
 *** 1.8.16-0ubuntu1.3 500
        500 http://localapt/ubuntu xenial-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.8.16-0ubuntu1 500
        500 http://localapt/ubuntu xenial/main amd64 Packages

3) I expect to be able to grant sudo rights based on IPA hostgroups

4) "testuser is not allowed to run sudo on host.ipa.example.com. This incident will be reported."

See original description
Revision history for this message
4tro (finke-lamein) wrote :

It would be awesome if this could land in both 14.04 and 16.04

4tro (finke-lamein)
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in sudo (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.