On Fri, 17 Dec 2010 16:35:38 +0100 Anders Magnusson <ra...@ltu.se> wrote:
> > This doesn't require you to enter a password for a release, though, > > which I assumed John wanted (it might help to say which specific > > aspects of 'sudo' you're looking for). That is, you can still 'kinit > > foo/admin' and walk away and someone else can vos whatever. > > Eh, how? You loses your pag when kinit exits, so no credentials > left...? As long as you're using that script. Nothing prevents you from acquiring admin credentials manually and then doing whatever you want. I'm also assuming he wants to restrict the user to a certain subset of operations, or to be able to release a certain subset of volumes (like Russ' afs-backend scripts). You can't just give someone an admin principal for that. -- Andrew Deason adea...@sinenomine.net _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info