pan_krb5 not being called by su - root?
Wendy Lin
wendlin1974 at gmail.com
Thu Mar 27 14:03:14 EDT 2014
On 27 March 2014 18:50, Russ Allbery <eagle at eyrie.org> wrote:
> Wendy Lin <wendlin1974 at gmail.com> writes:
>
>> Where is the pam config which controls whether pam_krb5 is not called
>> for user root?
>
> On Debian and Ubuntu, it's this part at the top of /etc/pam.d/su:
>
> # This allows root to su without passwords (normal operation)
> auth sufficient pam_rootok.so
No No. I was asking for s su - root, for a plain, normal user. In that
case pam_krb5 is not called, or does not fill in any tickets. But a
kinit afterwards as user root does fill in the tickets
Wendy
More information about the Kerberos
mailing list