>From: fedora-list-bounces@xxxxxxxxxx >[mailto:fedora-list-bounces@xxxxxxxxxx]On Behalf Of Dan >Sent: Monday, November 21, 2005 10:21 PM >To: For users of Fedora Core releases >Subject: Re: Granting su rights to users? Using PAM and Kerberos... > > >On Tue, November 22, 2005 7:12 am, Daniel B. Thurman wrote: >> >> Hmm.. I enabled Kerberos and setup pam files to use kerberos >> authenications, and I also added root principal (root@REALM) >but I am still >> being prevented as a normal user to use 'su' >> > >I am running FC4 with Kerberos and regularly use su (aswell as ksu). > >> I have been all over google and tried to find a solution but there >> was none to be found. I did see for BSD that you can use >the kdb_edit >> command to add per user , root permissions but I think that is for >> Kerberos IV only. >> > >Do your system logs show anything? In particular /var/log/messages and >/var/log/secure. > >> >> I am beginning to wonder if kerberos is even worth it anymore or >> if it is being replaced with something else like the >Directory Service? No >> one seems to be talking much about kerberos in this >newsgroup so it seems. >> > >Kerberos is worth it IMO, as it is the only solution to provide single >sign on under Linux or UNIX systems. > >> >> Anyway - can someone please shed some light here so that >> I can at least su root as a normal user? >> >> >> Kind regards, >> Dan Thurman >> >> > >Cheers, > >Dan > Thanks for responding, Dan. A respondent asked me to see if perhaps /bin/su was in mode 4755 and it wasn't so that was the reason for the denial of su root by a normal user. I guess my /bin and /sbin and who knows where else has improper chmod/chown settings. Need to figure out how to restore these. Kind regards, Dan -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.362 / Virus Database: 267.13.5/177 - Release Date: 11/21/2005
