2015-01-10 13:32 GMT+01:00 Gianluca Cecchi <gianluca.cec...@gmail.com>:

> To get the whole root environment you have to run
> su - root
> did you try with it?
>

ahh... that works fine Gianluca!

Final question, if I have a file on the share like:
     [john@ipaserver mountpoint]$ ll test.txt
     -rwxr-----. 1 root admins 12 11 jan 10.42 test.txt

Should I be able to access it if I aquire an admin ticket? Currently I get
Permission denied

[john@ipaserver mountpoint]$ id
uid=1434400004(john) gid=1434400004(john) grupper=1434400004(john)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[john@ipaserver mountpoint]$ getfacl test.txt
# file: test.txt
# owner: root
# group: admins
user::rwx
group::r--
other::---

[john@ipaserver mountpoint]$ id admin
uid=1434400000(admin) gid=1434400000(admins) groups=1434400000(admins)

[john@ipaserver mountpoint]$ klist
Ticket cache: KEYRING:persistent:1434400004:krb_ccache_MVjxTqf
Default principal: ad...@my.lan

Valid starting       Expires              Service principal
2015-01-11 10:43:52  2015-01-12 10:43:50  krbtgt/my....@my.lan

[john@ipaserver mountpoint]$ cat test.txt
cat: test.txt: Permission denied
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go To http://freeipa.org for more info on the project

Reply via email to