* when run, the sudo command removes all but a small group of environment
variables. Previously, the Kerberos environment variable KRB5CCNAME was not
among the variables retained. This prevented Kerberos from working with
sudo when credentials not in the standard directory in /tmp were required.
For example, Kerberos could not be used with sudo in a Windows Active
Directory environment. Sudo now retains the KRB5CCNAME environment
variable, allowing Kerberos to work with sudo correctly.