In message <[EMAIL PROTECTED]> you write:
}
} I'm sure I've seen this somewhere, but can't find it at the moment - has
} someone modified "sudo" so that it uses (AFS) Kerberos passwords rather
} than looking in /etc/passwd?
}
I took sudo-1.1.1 (yech! icky code.) looooong ago (back in the days of
AFS 3.1), and hacked at it some to add AFS functionality.
I added:
1> Support for AFS authentication. [a call to ka_UserAuthenticate()]
2> Support for UNIX groups and PTS groups to be recipients of
sudo privs. (eg. let the members of its:operators have sudo
on reboot, etc.)
3> The ability to Host_Aliases consisting of Host_Aliases. (which
that version did not have. Perhaps newer versions do allow that
now.)
4> A very ugly -list option, to allow someone to list the possible
list of privs they had.
The code was more complicated that it need to be to start with, and
I don't think what I did helped it any! :-) But it seems to work.
You can pick up this version from:
/afs/rpi.edu/campus/other/sudo/1.1.1/common/src/
Good luck,
-Shiva
-=-
UNIX Systems Programmer, Rensselaer Polytechnic Institute, Troy NY 12180.
Phone: (518) 276 8733. Fax: (518) 276 2809. Internet: [EMAIL PROTECTED]
