pan_krb5 not being called by su - root?
Russ Allbery
eagle at eyrie.org
Thu Mar 27 13:37:07 EDT 2014
Wendy Lin <wendlin1974 at gmail.com> writes:
> Does anyone have a good idea why pam_krb5 does not appear to be called
> for su - root while exec login root calls pam_krb5?
Check /etc/pam.d/su and see if su has special rules that cause it to
bypass your regular PAM configuration. Sometimes it does.
Also, note that su's PAM configuration generally bypasses the rest of the
PAM authentication stack if run as root, so it's normal to not see PAM
auth stack invocations unless you're running that command as a regular
user.
--
Russ Allbery (eagle at eyrie.org) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list