On Sun, Jan 16, 2005 at 07:22:01PM +0100, Emmanuel Dreyfus wrote:
> Jason Thorpe <thorpej@shagadelic.org> wrote:
> 
> > > I use -K or -l when I need to be root _quickly_ during Kerberos
> > > failures (less common than it used to be since I don't hack on
> > > Kerberos itself any more, but I used to have to do it quite a
> > > bit).  I would be annoyed if they disappeared.
> > 
> > So, does that mean we should have -Y (disable YP, in case there are NIS
> > problems) and -H (disable Hesiod, in case there are DNS problems) to 
> > force su to access the local passwd database?
> 
> No, because offering theses will cause us problems with PAM. We already
> have enough with -K which is already there.

Sigh.  I had su -K and passwd -l confused.  I apologize -- it was very
late, and I'd been trying to deal with Panix' domain hijacking all day
(and continued to do so all night.  No luck yet!).

I use both su -K and passwd -l in the case of Kerberos failures.  I find
both invaluable in that situation.  I'd be bummed if they disappeared and
I suspect that others who regularly maintain Kerberos installations would
as well.

Thor