Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 918075 Details for
Bug 1111121
[RFE] ipa-client-install should configure sudo automatically
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
snip from automation log
automation.log (text/x-log), 10.22 KB, created by
Kaleem
on 2014-07-15 08:08:10 UTC
(
hide
)
Description:
snip from automation log
Filename:
MIME Type:
Creator:
Kaleem
Created:
2014-07-15 08:08:10 UTC
Size:
10.22 KB
patch
obsolete
>:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: >:: [ LOG ] :: Setup for sudo functional tests on separate client >:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: > >ipa-admintools-3.0.0-42.el6.x86_64 >:: [ PASS ] :: ipa-admintools package is installed >ipa-client-3.0.0-42.el6.x86_64 >:: [ PASS ] :: ipa-client package is installed >:: [ PASS ] :: Creating tmp directory (Expected 0, got 0) >/tmp/tmp.y38oPFFZUX /mnt/tests/ipa-server/rhel66/ipa-sudo >:: [ PASS ] :: Running 'pushd /tmp/tmp.y38oPFFZUX' (Expected 0, got 0) >dell-pem610-01.testrelm.test >:: [ 00:15:08 ] :: creating expect file to add dell-pem610-01.testrelm.test to known hosts file >:: [ 00:15:08 ] :: Running expect script to add dell-pem610-01.testrelm.test to known hosts file > >MARK-LWD-LOOP -- 2014-07-15 00:15:16 -- >:: [ 00:16:44 ] :: creating expect file to add ibm-x3650m4-01-vm-06.testrelm.test to known hosts file >:: [ 00:16:44 ] :: Running expect script to add ibm-x3650m4-01-vm-06.testrelm.test to known hosts file >:: [ PASS ] :: Stop the firewall on the client (Expected 0, got 0) >:: [ PASS ] :: Running 'sed -i '/sudoers/d' /etc/nsswitch.conf' (Expected 0, got 0) >:: [ PASS ] :: File '/etc/nsswitch.conf' should not contain 'sudoers' >:: [ PASS ] :: Running 'echo "sudoers: files sss" >> /etc/nsswitch.conf' (Expected 0, got 0) >:: [ PASS ] :: Running 'nisdomainname testrelm.test' (Expected 0, got 0) >passwd: files sss >shadow: files sss >group: files sss >hosts: files dns >bootparams: nisplus [NOTFOUND=return] files >ethers: files >netmasks: files >networks: files >protocols: files >rpc: files >services: files sss >netgroup: files sss >publickey: nisplus >automount: files sss >aliases: files nisplus >sudoers: files sss >:: [ PASS ] :: Running 'grep ^[^#] /etc/nsswitch.conf' (Expected 0, got 0) > > >:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: >:: [ LOG ] :: sudorule-offline-caching-deny-command >:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: > >spawn /usr/bin/kinit -V admin >Using default cache: /tmp/krb5cc_0 >Using principal: admin@TESTRELM.TEST >Password for admin@TESTRELM.TEST: >Authenticated to Kerberos v5 >Default principal: admin@TESTRELM.TEST >:: [ 00:20:44 ] :: kinit as admin with password Secret123 was successful. >:: [ PASS ] :: Kinit as admin user (Expected 0, got 0) > Rule name: sudorule1 > Enabled: TRUE > Users: user1 > Hosts: dell-pem610-01.testrelm.test > Sudo Deny Commands: /bin/uname >------------------------- >Number of members added 1 >------------------------- >:: [ PASS ] :: Running 'ipa sudorule-add-deny-command --sudocmds=/bin/uname sudorule1' (Expected 0, got 0) >Stopping sssd: [ OK ] >Starting sssd: [ OK ] >:: [ PASS ] :: Running 'rm -rf /var/lib/sss/db/*;service sssd restart;sleep 3' (Expected 0, got 0) >#!/usr/bin/expect -f > >set timeout 30 >set send_slow {1 .1} >match_max 100000 > >spawn ssh -o StrictHostKeyChecking=no -l user1 dell-pem610-01.testrelm.test >expect "*: " >send -s "Secret123\r" >expect "*$ " >send -s "sudo -l > /tmp/sudo_list_client_26868.out 2>&1 \r" >expect "user1: " >send -s "Secret123\r" >expect "*$ " >send -s "sudo -u root uname >> /tmp/sudo_list_client_26868.out 2>&1 \r" >expect eof >spawn ssh -o StrictHostKeyChecking=no -l user1 dell-pem610-01.testrelm.test >user1@dell-pem610-01.testrelm.test's password: >Last login: Tue Jul 15 00:19:45 2014 from dell-pem610-01.testrelm.test > >** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** > This System is part of the Red Hat Test System. > > Please do not use this system for individual unit testing. > > RHTS Test information: > HOSTNAME=dell-pem610-01.rhts.eng.bos.redhat.com > JOBID=694076 > RECIPEID=1443409 > LAB_SERVER= > RESULT_SERVER=127.0.0.1:7092 > DISTRO=RHEL-6.6-20140714.n.1 >** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** >Could not chdir to home directory /home/user1: No such file or directory >-sh-4.1$ sudo -l > /tmp/sudo_list_client_26868.out 2>&1 >[sudo] password for user1: >-sh-4.1$ sudo -u root uname >> /tmp/sudo_list_client_26868.out 2>&1 >-sh-4.1$ dell-pem610-01.testrelm.test >Connecting to dell-pem610-01.testrelm.test... >Fetching /tmp/sudo_list_client_26868.out to /tmp/sudo_list.out >:: [ PASS ] :: Running 'sudo_list_client user1 root uname' (Expected 0, got 0) >:: [ PASS ] :: File '/tmp/sudo_list.out' should contain 'User user1 may run the following commands on this host:' >:: [ PASS ] :: File '/tmp/sudo_list.out' should contain 'Sorry, user user1 is not allowed to execute '/bin/uname' as root' >:: [ PASS ] :: File '/tmp/sudo_list.out' should contain '(root) !/bin/uname' >Matching Defaults entries for user1 on this host: > requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS > DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1 > PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE > LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY > LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL > LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", > secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin > >User user1 may run the following commands on this host: > (root) !/bin/uname >Sorry, user user1 is not allowed to execute '/bin/uname' as root on dell-pem610-01.testrelm.test. >:: [ PASS ] :: Running 'cat /tmp/sudo_list.out' (Expected 0, got 0) >Stopping pki-ca: [ OK ] >Stopping httpd: [ OK ] >Stopping ipa_memcached: [ OK ] >Stopping named: .[ OK ] >Stopping Kerberos 5 Admin Server: [ OK ] >Stopping Kerberos 5 KDC: [ OK ] >Shutting down dirsrv: > PKI-IPA...[ OK ] > TESTRELM-TEST...[ OK ] >Stopping CA Service >Stopping HTTP Service >Stopping MEMCACHE Service >Stopping DNS Service >Stopping KPASSWD Service >Stopping KDC Service >Stopping Directory Service >:: [ PASS ] :: Running 'stop_ipa_master' (Expected 0, got 0) >#!/usr/bin/expect -f > >set timeout 30 >set send_slow {1 .1} >match_max 100000 > >spawn ssh -o StrictHostKeyChecking=no -l user1 dell-pem610-01.testrelm.test >expect "*: " >send -s "Secret123\r" >expect "*$ " >send -s "sudo -l > /tmp/sudo_list_client_4586.out 2>&1 \r" >expect "user1: " >send -s "Secret123\r" >expect "*$ " >send -s "sudo -u root uname >> /tmp/sudo_list_client_4586.out 2>&1 \r" >expect eof >spawn ssh -o StrictHostKeyChecking=no -l user1 dell-pem610-01.testrelm.test >user1@dell-pem610-01.testrelm.test's password: >Last login: Tue Jul 15 00:20:55 2014 from dell-pem610-01.testrelm.test > >** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** > This System is part of the Red Hat Test System. > > Please do not use this system for individual unit testing. > > RHTS Test information: > HOSTNAME=dell-pem610-01.rhts.eng.bos.redhat.com > JOBID=694076 > RECIPEID=1443409 > LAB_SERVER= > RESULT_SERVER=127.0.0.1:7092 > DISTRO=RHEL-6.6-20140714.n.1 >** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** >Could not chdir to home directory /home/user1: No such file or directory >-sh-4.1$ sudo -l > /tmp/sudo_list_client_4586.out 2>&1 >[sudo] password for user1: >-sh-4.1$ sudo -u root uname >> /tmp/sudo_list_client_4586.out 2>&1 >-sh-4.1$ dell-pem610-01.testrelm.test >Connecting to dell-pem610-01.testrelm.test... >Fetching /tmp/sudo_list_client_4586.out to /tmp/sudo_list.out >:: [ PASS ] :: Running 'sudo_list_client user1 root uname' (Expected 0, got 0) >:: [ PASS ] :: File '/tmp/sudo_list.out' should contain 'User user1 may run the following commands on this host:' >:: [ PASS ] :: File '/tmp/sudo_list.out' should contain 'Sorry, user user1 is not allowed to execute '/bin/uname' as root' >:: [ PASS ] :: File '/tmp/sudo_list.out' should contain '(root) !/bin/uname' >Matching Defaults entries for user1 on this host: > requiretty, !visiblepw, always_set_home, env_reset, env_keep="COLORS > DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS", env_keep+="MAIL PS1 > PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE", env_keep+="LC_COLLATE > LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES", env_keep+="LC_MONETARY > LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE", env_keep+="LC_TIME LC_ALL > LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY", > secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin > >User user1 may run the following commands on this host: > (root) !/bin/uname >Sorry, user user1 is not allowed to execute '/bin/uname' as root on dell-pem610-01.testrelm.test. >:: [ PASS ] :: Running 'cat /tmp/sudo_list.out' (Expected 0, got 0) >Starting dirsrv: > PKI-IPA...[ OK ] > TESTRELM-TEST...[ OK ] >Starting Kerberos 5 KDC: [ OK ] >Starting Kerberos 5 Admin Server: [ OK ] >Starting named: [ OK ] >Starting ipa_memcached: [ OK ] >Starting httpd: [ OK ] >Starting pki-ca: [ OK ] >Starting Directory Service >Starting KDC Service >Starting KPASSWD Service >Starting DNS Service >Starting MEMCACHE Service >Starting HTTP Service >Starting CA Service >:: [ PASS ] :: Running 'start_ipa_master' (Expected 0, got 0) > Rule name: sudorule1 > Enabled: TRUE > Users: user1 > Hosts: dell-pem610-01.testrelm.test >--------------------------- >Number of members removed 1 >--------------------------- >:: [ PASS ] :: Running 'ipa sudorule-remove-deny-command --sudocmds=/bin/uname sudorule1' (Expected 0, got 0) >:: [ PASS ] :: Running 'rm -fr /tmp/sudo_list.out' (Expected 0, got 0)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=918075">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1111121
: 918075