Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

become_method: Add support for ksu #17143

Closed
wants to merge 1 commit into from
Closed

become_method: Add support for ksu #17143

wants to merge 1 commit into from

Conversation

dsommers
Copy link

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

playbook/play_context.py

ANSIBLE VERSION

git devel commit 677a34a

SUMMARY

On kerberized systems using ksu will simplify privilege escalation.

The requirements for ksu to work is that the calling user have
a valid kerberos ticket, that the remote system supports GSSAPI
authentication where the kerberos ticket is forwarded and that
the target user have a .k5login file with the kerberos principal
of the user calling ksu listed. With this in place, no password
will be needed.

@dsommers
become_method: Add support for ksu
9c5f7b3 
On kerberized systems using ksu will simplify privilege escalation.

The requirements for ksu to work is that the calling user have
a valid kerberos ticket, that the remote system supports GSSAPI
authentication where the kerberos ticket is forwarded and that
the target user have a .k5login file with the kerberos principal
of the user calling ksu listed.  With this in place, no password
will be needed.
@ansibot ansibot added affects_2.3 This issue/PR affects Ansible v2.3 needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Dec 13, 2016
@ansibot ansibot added needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html and removed needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html labels Jan 2, 2017
@dsommers
Copy link
Author

I see that a similar solution have been merged already from a different contributor in commit d54f527. Closing this one.

@dsommers dsommers closed this Feb 18, 2017
@ansibot ansibot added feature This issue/PR relates to a feature request. and removed feature_pull_request labels Mar 4, 2018
@ansible ansible locked and limited conversation to collaborators Apr 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
affects_2.3 This issue/PR affects Ansible v2.3 c:playbook/play_context c:playbook/play feature This issue/PR relates to a feature request. needs_rebase https://docs.ansible.com/ansible/devel/dev_guide/developing_rebasing.html needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dsommers @ansibot @nitzmahone