From: | Robbie Harwood <rharwood@redhat.com> |
To: | krb5-bugs@mit.edu |
Subject: | ksu does not obey k5login_directory |
Date: | Tue, 26 Apr 2016 15:17:42 -0400 |
ksu does not seem to care about the value of k5login_directory, instead
hardcoding $HOME/.k5login. This looks like so:
[root@kerberos.ravnica x86_64]# grep k5login_directory /etc/krb5.conf
k5login_directory = /etc/k5login
[root@kerberos.ravnica x86_64]# cat /etc/k5login/testuser
rharwood@RAVNICA
[root@kerberos.ravnica x86_64]# strace -f -o /tmp/ksu.out sudo -u rharwood ksu testuser -n rharwood
Authenticated rharwood@RAVNICA
Account testuser: authorization of rharwood@RAVNICA failed
[root@kerberos.ravnica x86_64]# grep k5login /tmp/ksu.out
1492 stat("/home/testuser/.k5login", 0x7ffdc4d07770) = -1 ENOENT (No such file or directory)
[root@kerberos.ravnica x86_64]#
This bug was reported downstream as
https://bugzilla.redhat.com/show_bug.cgi?id=1329998
Thanks!
hardcoding $HOME/.k5login. This looks like so:
[root@kerberos.ravnica x86_64]# grep k5login_directory /etc/krb5.conf
k5login_directory = /etc/k5login
[root@kerberos.ravnica x86_64]# cat /etc/k5login/testuser
rharwood@RAVNICA
[root@kerberos.ravnica x86_64]# strace -f -o /tmp/ksu.out sudo -u rharwood ksu testuser -n rharwood
Authenticated rharwood@RAVNICA
Account testuser: authorization of rharwood@RAVNICA failed
[root@kerberos.ravnica x86_64]# grep k5login /tmp/ksu.out
1492 stat("/home/testuser/.k5login", 0x7ffdc4d07770) = -1 ENOENT (No such file or directory)
[root@kerberos.ravnica x86_64]#
This bug was reported downstream as
https://bugzilla.redhat.com/show_bug.cgi?id=1329998
Thanks!
Message body not shown because it is not plain text.