From owner-freebsd-current  Sun Mar 10 01:28:08 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id BAA07347
          for current-outgoing; Sun, 10 Mar 1996 01:28:08 -0800 (PST)
Received: from grumble.grondar.za (root@grumble.grondar.za [196.7.18.130])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id BAA07320
          for <current@freebsd.org>; Sun, 10 Mar 1996 01:28:01 -0800 (PST)
Received: from grumble.grondar.za (mark@localhost [127.0.0.1]) by grumble.grondar.za (8.7.4/8.7.3) with ESMTP id LAA16983; Sun, 10 Mar 1996 11:27:27 +0200 (SAT)
Message-Id: <199603100927.LAA16983@grumble.grondar.za>
To: =?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= (aka Andrey A.
    Chernov, Black Mage) <ache@astral.msk.su>
cc: gibbs@freefall.freebsd.org (Justin T. Gibbs), current@freebsd.org
Subject: Re: HEADS UP! Please check... 
Date: Sun, 10 Mar 1996 11:27:26 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

=?KOI8-R?Q?=E1=CE=C4=D2=C5=CA_=FE=C5=D2=CE=CF=D7?= wrote:
> > What happens if your network is down to your kerberos server and your
> > user.root instance has a different password than your local root account?
> > How do you know which password to give?
> > 
> 
> I fear in this situation you even can't enter su in your client machine.
> It is especially bad on slip machine, because you need to enter
> su password first time to dial to provider to become kerberos
> client next. If it is so, please back out this change.

In both of these cases there is the -K option which tells su not to use
kerberos.

There is a little confusion about what my change actually does. In the
pre-cahnge version of su, the user could be prompted twice for a password.
in the post change version, the user is promped once, and the same
password may be used again _if_necessary_ by the "other" authentication
method (root password in /etc/passwd).

I did post the patch for review before committing it.

M

--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key