Wendy Lin <wendlin1...@gmail.com> writes: > Where is the pam config which controls whether pam_krb5 is not called > for user root?
On Debian and Ubuntu, it's this part at the top of /etc/pam.d/su: # This allows root to su without passwords (normal operation) auth sufficient pam_rootok.so I'm not sure on Red Hat, but there's probably something similar. "sufficient" in PAM configuration means "return success immediately without running the rest of the stack." -- Russ Allbery (ea...@eyrie.org) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
