Bug 465906
| Summary: | Exclude kerberos environement from being removed from sudo. | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Wade Mealing <wmealing> | ||||
| Component: | sudo | Assignee: | Daniel Kopeček <dkopecek> | ||||
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE <qe-baseos-auto> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 4.7 | CC: | mkoci, mvadkert, riek, sgrubb, tao | ||||
| Target Milestone: | rc | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: |
* when run, the sudo command removes all but a small group of environment
variables. Previously, the Kerberos environment variable KRB5CCNAME was not
among the variables retained. This prevented Kerberos from working with
sudo when credentials not in the standard directory in /tmp were required.
For example, Kerberos could not be used with sudo in a Windows Active
Directory environment. Sudo now retains the KRB5CCNAME environment
variable, allowing Kerberos to work with sudo correctly.
|
Story Points: | --- | ||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2009-02-18 09:55:32 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Wade Mealing
2008-10-07 02:21:06 UTC
Created attachment 319609 [details]
Patch to skip on krb5ccname
This request was evaluated by Red Hat Product Management for inclusion, but this component is not scheduled to be updated in the current Red Hat Enterprise Linux release. If you would like this request to be reviewed for the next minor release, ask your support representative to set the next rhel-x.y flag to "?". Release note added. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: * when run, the sudo command removes all but a small group of environment variables. Previously, the Kerberos environment variable KRB5CCNAME was not among the variables retained. This prevented Kerberos from working with sudo when credentials not in the standard directory in /tmp were required. For example, Kerberos could not be used with sudo in a Windows Active Directory environment. Sudo now retains the KRB5CCNAME environment variable, allowing Kerberos to work with sudo correctly. Reproduced and tested as fixed in sudo-1.6.7p5-30.1.5. The enviroment variable KRB5CCNAME is retained after zero_env function. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2009-0263.html |