[32519] in Kerberos
Re: pam_krb5 questions
daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Jul 15 17:55:45 2010
From: Russ Allbery <rra@stanford.edu>
To: kerberos@mit.edu
In-Reply-To: <AANLkTik89NzLA4w7pVXID7RepUFmoohoF1cNukaU6i_s@mail.gmail.com>
(Techie's message of "Thu, 15 Jul 2010 14:49:59 -0700")
Date: Thu, 15 Jul 2010 14:54:59 -0700
Message-ID: <877hkwquks.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Techie <techchavez@gmail.com> writes:
>> I don't know of any reason why it shouldn't work with sudo, but I don't>> personally use sudo and don't have any simple way to test. I'd need to>> see the debug log output to understand exactly what it's doing.
> You are right Russ, It was my mistake.> You don't use sudo! What do you use?
ksu, or probably more accurately, we use Puppet to do all of the regularconfiguration management and to ensure services are running, so the smallhandful of times when we need root access to debug something, we just ksuor log in as root.
We do use sudo a few places to grant normal users access to do things likerun specific init scripts, but we always use NOPASSWD for those cases.
-- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>
________________________________________________Kerberos mailing list Kerberos@mit.eduhttps://mailman.mit.edu/mailman/listinfo/kerberos
