CRac example usage
Gabriele Cardosi
gcardosi at redhat.com
Thu Nov 3 10:25:16 UTC 2022
Hi guys,
I confirm that it works with `*sudo*`, but (at least for rhel 8.6) this is
what I had to do
1) create a "custom" authselect profile (I called it "crac" - see
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_authentication_and_authorization_in_rhel/configuring-user-authentication-using-authselect_configuring-authentication-and-authorization-in-rhel#creating-and-deploying-your-own-authselect-profile_configuring-user-authentication-using-authselect
)
2) load it with "*sudo authselect select custom/crac*"
3) start springboot application with "sudo"
There is still something not clear to me, i.e. on rhel 8.6 the default
authprofile is "sssd", so probably the following is true
*"If you run it without sudo and your non-root user is only available by
SSS(NIS?) the workaround will not work."*
so, even creating a "custom" profile, I have to run as "sudo".
Anyway, many thanks for the help, now I can keep going on with it!
Bye for now
On Thu, Nov 3, 2022 at 7:36 AM Anton Kozlov <akozlov at azul.com> wrote:
> On 11/2/22 21:25, Jan Kratochvil wrote:
> > https://mail.openjdk.org/pipermail/crac-dev/2022-January/000079.html
> > passwd: sss files systemd
> > group: sss files systemd
> > ->
> > passwd: files sss systemd
> > group: files sss systemd
> Thanks for the link.
>
> Does it help to remove "sss" from the list?
>
> Thanks,
> Anton
>
>
--
GABRIELE CARDOSI
SENIOR SOFTWARE ENGINEERS, MW
Red Hat Ltd <https://www.redhat.com/>
gcardosi at redhat.com M: +39-3461717132
<https://red.ht/sig>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/crac-dev/attachments/20221103/fe332289/attachment.htm>
More information about the crac-dev
mailing list