IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-27 09:21:59 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add missing example to sudorule

Browse Source 
https://fedorahosted.org/freeipa/ticket/4090
This commit is contained in:
Martin Kosek 2014-01-15 09:31:37 +01:00
parent 48ffe39b6b
commit 7cc8c3b14b
1 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
ipalib/plugins/sudorule.py
View File

@ -52,7 +52,26 @@ LDAPTLS_CACERT=/etc/ipa/ca.crt /usr/bin/ldappasswd -S -W \
-h ipa.example.com -ZZ -D "cn=Directory Manager" \
uid=sudo,cn=sysaccounts,cn=etc,dc=example,dc=com
For more information, see the FreeIPA Documentation to Sudo.
EXAMPLES:
Create a new rule:
ipa sudorule-add readfiles
Add sudo command object and add it as allowed command in the rule:
ipa sudocmd-add /usr/bin/less
ipa sudorule-add-allow-command readfiles --sudocmds /usr/bin/less
Add a host to the rule:
ipa sudorule-add-host readfiles --hosts server.example.com
Add a user to the rule:
ipa sudorule-add-user readfiles --users jsmith
Add a special Sudo rule for default Sudo server configuration:
ipa sudorule-add defaults
Set a default Sudo option:
ipa sudorule-add-option defaults --sudooption '!authenticate'
""")
topic = ('sudo', _('Commands for controlling sudo configuration'))