Content-Type: text/plain; charset="UTF-8" Content-Length: 963 Yes, this is our goal, we already have services in execution on each host, for this reason ksu seems to fit well our needs but the fact it needs the TGTs is the only defect. I have never heard about this remctl, very interesting, I'll check it immediately. Great! Regards On 21 November 2017 at 22:00, Greg Hudson via RT wrote: > I can look into changing the code's behavior, but not on any specific > time table. ksu isn't a terribly high priority component for the > project. > > From your stated security motivation, it sounds like you are building a > scripted or programmatic system on top of ksu to allow specific > operations to be performed at an escalated privilege level. I don't > think ksu makes a great building block. Without knowing the full > parameters of the system I can't say what would make a better building > block, but perhaps remctl ( > https://www.eyrie.org/~eagle/software/remctl/ ) would be better. >