From owner-freebsd-current  Sun Mar 10 21:59:36 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id VAA02234
          for current-outgoing; Sun, 10 Mar 1996 21:59:36 -0800 (PST)
Received: from grumble.grondar.za (root@grumble.grondar.za [196.7.18.130])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id VAA02219
          for <freebsd-current@freebsd.org>; Sun, 10 Mar 1996 21:59:26 -0800 (PST)
Received: from grumble.grondar.za (mark@localhost [127.0.0.1]) by grumble.grondar.za (8.7.4/8.7.3) with ESMTP id HAA01535; Mon, 11 Mar 1996 07:58:39 +0200 (SAT)
Message-Id: <199603110558.HAA01535@grumble.grondar.za>
To: Adam David <adam@veda.is>
cc: freebsd-current@freebsd.org
Subject: Re: HEADS UP! Please check... 
Date: Mon, 11 Mar 1996 07:58:39 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Adam David wrote:
> >I have just committed a change to su(1) to better integrate Kerberos
> >into it. BUT, this missive does not apply only to those of you with
> >Kerberos/eBones.
> 
> >The result of this change is that a user will not be prompted for
> >a password again if they get the Kerberos password wrong.
> 
> ubiq [1] % su
> su: kerberos: not in root's ACL.
> ubiq [2] %
> 
> It used to prompt for a normal password and work. This is for all su to group
 0.
> Okay, kerberos is installed but not configured... but shouldn't this work?

No. tell it not to use kerberos with `su -K'.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key