[36002] in Kerberos
Re: root login via Kerberos5 - "User not known to the underlying
daemon@ATHENA.MIT.EDU (Wendy Lin)
Fri Apr 4 12:43:22 2014
MIME-Version: 1.0
In-Reply-To: <1396628995.16364.9.camel@vikktakkht.oh3.sinenomine.net>
Date: Fri, 4 Apr 2014 18:43:09 +0200
Message-ID: <CA+j=ERrVQy=Oj_NQPiZi9D-cbgFXXjhdzPmC9ZhnJUPNBE56Hg@mail.gmail.com>
From: Wendy Lin <wendlin1974@gmail.com>
To: Brandon Allbery <ballbery@sinenomine.net>
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 4 April 2014 18:29, Brandon Allbery <ballbery@sinenomine.net> wrote:
> On Fri, 2014-04-04 at 18:21 +0200, Wendy Lin wrote:
>> On 24 March 2014 11:31, Wendy Lin <wendlin1974@gmail.com> wrote:
>> Of course, I do not know why this suddenly works. Can someone explain
>> this? Why didn't it work when pam_unix came first?
>
> Because root will always have a local account (required for the system
> to operate) and the "sufficient" designation means that authentication
> succeeds at that point without trying other authentication modules.
But why did the other account (test001) had similar issues? Does it
mean I always have to use pam_krb5.so first?
Wendy
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
