Description of problem:
Options that are valid in /etc/sudoers seem to be invalid in IPA (they need
different formatting). I don't know about from the CL this was all done via web
For example from /etc/sudoers:
mail_badpass, mail_no_host, mail_no_perms, syslog = local2
All on one line, note the space by the =. You can put this into IPA as one sudo
option, there won't be any complaints, nor as far as I can tell any
documentation to to do this, however it won't work:
sudo: unknown defaults entry `mail_badpass, mail_no_host, mail_no_perms, syslog
Each part appears to need to broken into separate entries for ipa, as well it
appears you cannot have spaces surrounding an =.
env_keep = "COLORS DISPLAY EDITOR HOSTNAME HISTSIZE INPUTRC \
KDEDIR LESSSECURE LS_COLORS MAIL PATH PS1 PS2 \
QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE LC_COLLATE \
LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES \
LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE \
LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET \
Ain't gonna fly apparently, must remove the spaces. So I would say the options
are, better documentation that you can't have white space there (which is valid
in sudoers) and that each needs to be put into its own "option" in the UI, a
validator to say that it is wrong ala visudo, or allow what is valid sudoers
syntax to work.
Version-Release number of selected component (if applicable):
Ticket would track the UI enhancement.
Changing 3.2 priority
As a data point, in thread https://www.redhat.com/archives/freeipa-users/2014-April/msg00176.html a user reports that env_keep="FOO BAR" doesn't work but this does:
Metadata Update from @dpal:
- Issue assigned to rcritten
- Issue set to the milestone: Future Releases
to comment on this ticket.