Ticket #530 (new defect)
su/sudo shouldn't break if you lose network
Reported by: | geofft | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | The Distant Future |
Component: | -- | Keywords: | |
Cc: | Fixed in version: | ||
Upstream bug: |
Description
It is kind of annoying that you cannot become root on a -workstation/-cluster machine if you lose network (in case you needed root access to be able to restore your network connectivity).
I think this is mainly due to losing name service information. The obvious solution is nscd, but that has its own set of problems with nss_nonlocal. Possibly #486 will address this, but I'd like to not wait until we do that development work _and_ switch to LDAP to solve this, if possible.
I don't know if there's anything other than NSS that it's trying to fetch from the network.
Change History
comment:2 Changed 13 years ago by geofft
On the possibly-bad-ideas list is pam_ccreds, which implements the Windows-and-Active-Directory-style solution of caching your password locally for some time so you don't need to go back to the KDC (unless you change your password or something, in which case it falls through and calls pam_krb5).