[OpenAFS-devel] Get no token when su-ing with sudo
Frank Bagehorn
FBA@zurich.ibm.com
Tue, 26 Mar 2002 18:24:57 +0100
Hi,
I run in a problem with sudo. (The machine runs OpenAFS 1.2.3 on a RH 7.1,
latest RH fix kernel.)
Having a token I run 'sudo su -' (which knows about the pam_afs). It'll
ask me for my AFS password
and then do the su command. I end up being root without having a token any
longer.
[heidegg]/u/fba1$ tokens
Tokens held by the Cache Manager:
User's (AFS ID 24642) tokens for afs@zurich.ibm.com [Expires Mar 27 06:27]
--End of list--
[tarasp]/u/fba1$ sudo su -
AFS Password:
[root@heidegg /root]# tokens
Tokens held by the Cache Manager:
--End of list--
[root@heidegg /root]#
I type 'exit' and do the same thing again. This time sudo will not ask for
the password (since it's configured to
ask only it's >10 min since the last sudo command), I become root and
(surprise!) this time I still have my token.
[heidegg]/u/fba1$ tokens
Tokens held by the Cache Manager:
User's (AFS ID 24642) tokens for afs@zurich.ibm.com [Expires Mar 27 06:27]
--End of list--
[heidegg]/u/fba1$ sudo su -
[root@heidegg /root]# tokens
Tokens held by the Cache Manager:
User's (AFS ID 24642) tokens for afs@zurich.ibm.com [Expires Mar 27 06:27]
--End of list--
[root@heidegg /root]#
This strangely remembers me the problem with ssh in version 1.2.2 . Does
sudo use different code in pam_afs,
or what could be the reason ?
Regards
Frank
----------------------------------------------------------------------
Dr. Frank Bagehorn
IBM Zurich Research Lab.
Saeumerstr. 4
CH-8803 Rueschlikon
Switzerland
----------------------------------------------------------------------
SMTP: fba@zurich.ibm.com
Notes: Frank Bagehorn/Zurich/IBM@IBMCH
phone: ++41 (01) 724 83 23 fax: ++41 (01) 724 89 59