[19247] in Kerberos
Re: Kerberos-Gssapi-ldap-pam interaction
daemon@ATHENA.MIT.EDU (Tillman)
Wed May 14 12:27:25 2003
Date: Wed, 14 May 2003 10:22:58 -0600
From: Tillman <tillman@seekingfire.com>
To: kerberos@mit.edu
Message-ID: <20030514102258.W29937@seekingfire.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <slrnbc4m4u.325.walter+SP@droopy.sun.efrei.fr>;
from walter+SP@M.efrei.fr on Wed, May 14, 2003 at 02:54:23PM +0000
Errors-To: kerberos-bounces@mit.edu
On Wed, May 14, 2003 at 02:54:23PM +0000, Jerome Walter wrote:
> > Jerome> Finally, is there something special to do to make sudo and
> > Jerome> ssh not requiring entering the password again ?
> > Jerome> try_first_pass does not seem to work...
> >
> > I don't care. I use 'ksu' instead :)
>
> Yep, but my administrator won't give the root password to the students who,
> like me, have some rights to rm, kill, renice or reboot some stations when
> needed (some other students do not use their unix account very properly ;)
`ksu` does that - it has a similar fine-grained control mechanism. A
user could be given the ability to run `rm` but not `passwd`, not
example.
-T
--
To know what one ought to do is not enough.
- Prince Rhombur Vernius
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
