Am Wed, May 03, 2023 at 12:00:16PM -0000 schrieb Finn Fysj via FreeIPA-users: > I'm trying to setup new IPA server and when I run 'sudo su' I get > prompted with password, which is fine. > However, when I successfully type my password on a RHEL7 instance > running FreeIPA version 4.6 I get a kerberos ticket as the logged-in > user in "root-mode", but when I do the same in the newer IPA instance > I do not get any kerberos ticket when in root. > > How do I get kerberos ticket when I run 'sudo su'?
Hi, the behavior was changed due to https://bugzilla.redhat.com/show_bug.cgi?id=1879869 https://github.com/SSSD/sssd/issues/5660 To switch back to the old behavior you can add pam_response_filter=-ENV:KRB5CCNAME:sudo-i, -ENV:KRB5CCNAME:sudo to the [pam] section in sssd.conf or as snippet in /etc/sssd.d/conf.d. HTH bye, Sumit > _______________________________________________ > FreeIPA-users mailing list -- [email protected] > To unsubscribe send an email to [email protected] > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
