pam_krb5 questions
Russ Allbery
rra at stanford.edu
Thu Jul 15 17:54:59 EDT 2010
Techie <techchavez at gmail.com> writes:
>> I don't know of any reason why it shouldn't work with sudo, but I don't
>> personally use sudo and don't have any simple way to test. I'd need to
>> see the debug log output to understand exactly what it's doing.
> You are right Russ, It was my mistake.
> You don't use sudo! What do you use?
ksu, or probably more accurately, we use Puppet to do all of the regular
configuration management and to ensure services are running, so the small
handful of times when we need root access to debug something, we just ksu
or log in as root.
We do use sudo a few places to grant normal users access to do things like
run specific init scripts, but we always use NOPASSWD for those cases.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list