[sudo-users] Sudo and kerberos's ticket
JR.Aquino at citrix.com
Fri Apr 8 11:29:52 EDT 2011
On Apr 8, 2011, at 8:05 AM, "Stefano Elmopi" <stefano.elmopi at sociale.it> wrote:
> I'm setting up a centralized Kerberos/LDAP authentication system and trying to get sudo to use
> Kerberos's ticket, without asking for password when I use it, typing the password, everything works.
> I enter into the server with the Kerberos's ticket and I wish that when I type the commands
> permitted by the sudo, sudo use Kerberos's ticket.
> Is it possible ??
> My SO is CentOS release 5.5 and Sudo version 1.7.2p1 and is the default package of the distribution.
To the best of my knowledge, you need to manually set this option at compile time. I don't believe it's setup by default in the rpm.
Also, if you are trying to centralize Ldap/Kerberos and Sudo, I might suggest looking at http://freeipa.org (Identity, Policy, Audit)
It provides a framework method for administering ldap, Kerberos, and Sudo both with cli and webui.
Info. Security Specialist
Jr.Aquino at citrixonline.com
More information about the sudo-users