Query regarding ksu.
Russ Allbery
rra at stanford.edu
Wed Sep 1 13:25:33 EDT 2010
Use Nas <usenas at gmail.com> writes:
> =======
> Situation :
> =======
> Source User: root
> Target User: non_root_user
> There are no tickets in cache and currently we are logged in as "root" user.
> #ksu non_root_user
> Whats should be the expected behavior of the above command ?
> I believe that if the source user is "root" and target is "non root" &
> there is no ticket in the cache, then the it should prompt for the
> password for "non root" user. If there is ticket in the cache, then it
> doesn't prompt for the password and creates a valid context and ticket.
That sounds right to me, assuming that you mean a ticket for the target
user (not just any ticket).
> However, there is a believe that the we should be able to ksu to all the
> any non-root user ( when logged in as root ) similar to su command. but
If one wants su, I think one should just use su. "root" has no special
meaning for Kerberos, and the above behavior seems more useful to me for
ksu.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list