Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] openldap and su



Hi Christian
> > I need to implement kerberos or remove root from
> > certain users for certain machines
> 
> Ok, what i suspected, you export the homedirs via
> nfs and that relies
> just on the uid-information it gets from the client.
> Having the client properly authenticate for the
> mount i.e. with ker-
> beros and nfsv4 should work, i hope the clients in
> your environment 
> already support this already.
I`ve to support RH7.2 so will run tests on it but
can workaround it.

I should have looked at your web site beforehand
http://www.fluxcoil.net and "freeipa"


> 
> Another idea could be to put a crypto-container into
> each homedir
> and having the user manually mount it by hand once
> logged in or having
> this done by an other pam-module.
I was thinking of truecrypt(due to windows support as
well) but i leave that as a last option

Will try kerberos over the Golden week 

thank
g
> 
> Christian
> 
> -- 
> To unsubscribe from this mailing list, 
> please see the instructions at
> http://www.tlug.jp/list.html
> 
> Please visit our sponsor at
> http://www.primustel.co.jp/tlug/
> 



      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links