From owner-freebsd-current Sun Mar 10 22:32:53 1996 Return-Path: owner-current Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id WAA06500 for current-outgoing; Sun, 10 Mar 1996 22:32:53 -0800 (PST) Received: from veda.is (root@veda.is [193.4.230.1]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id WAA06482 for ; Sun, 10 Mar 1996 22:32:45 -0800 (PST) Received: (from adam@localhost) by veda.is (8.7.4/8.7.3) id GAA16424; Mon, 11 Mar 1996 06:29:48 GMT From: Adam David Message-Id: <199603110629.GAA16424@veda.is> Subject: Re: HEADS UP! Please check... To: mark@grondar.za (Mark Murray) Date: Mon, 11 Mar 1996 06:29:44 +0000 (GMT) Cc: freebsd-current@freebsd.org In-Reply-To: <199603110558.HAA01535@grumble.grondar.za> from Mark Murray at "Mar 11, 96 07:58:39 am" X-Mailer: ELM [version 2.4ME+ PL10 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-current@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > ubiq [1] % su > > su: kerberos: not in root's ACL. > > ubiq [2] % > > > > It used to prompt for a normal password and work. This is for all su to group > 0. > > Okay, kerberos is installed but not configured... but shouldn't this work? > > No. tell it not to use kerberos with `su -K'. Yes, I have been doing that. It was just a surprise to see the change in this behaviour for the case without the -K. I would expect it to ask for a normal password when kerberos is present but not available (for whatever reason). Or is this considered a security feature, to require non-kerberos handling to be explicitly requested?... but in that case why did the previous version ask for the password twice at all? -- Adam David