[35938] in Kerberos
Re: pan_krb5 not being called by su - root?
daemon@ATHENA.MIT.EDU (Russ Allbery)
Thu Mar 27 14:12:00 2014
From: Russ Allbery <eagle@eyrie.org>
To: Wendy Lin <wendlin1974@gmail.com>
In-Reply-To: <CA+j=ERpdt_EvB+k1NCo6-LjXrq2qZkLPgvPdDftF67dv3tjCXA@mail.gmail.com>
(Wendy Lin's message of "Thu, 27 Mar 2014 19:03:14 +0100")
Date: Thu, 27 Mar 2014 11:11:42 -0700
Message-ID: <87k3bfo6jl.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Cc: "<kerberos@mit.edu>" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Wendy Lin <wendlin1974@gmail.com> writes:
> No No. I was asking for s su - root, for a plain, normal user. In that
> case pam_krb5 is not called, or does not fill in any tickets. But a
> kinit afterwards as user root does fill in the tickets
I don't know why it would not be called in that case. It certainly
normally is. You can try adding the "debug" parameter to the pam_krb5.so
configuration in PAM, which will give you more verbose syslog logging of
what the module sees and may be helpful in determining exactly what's
happening.
--
Russ Allbery (eagle@eyrie.org) <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
