[Freeipa-users] Mount cifs share using kerberos
John Obaterspok
john.obaterspok at gmail.com
Sun Jan 11 10:00:16 UTC 2015
2015-01-10 13:32 GMT+01:00 Gianluca Cecchi <gianluca.cecchi at gmail.com>:
> To get the whole root environment you have to run
> su - root
> did you try with it?
>
ahh... that works fine Gianluca!
Final question, if I have a file on the share like:
[john at ipaserver mountpoint]$ ll test.txt
-rwxr-----. 1 root admins 12 11 jan 10.42 test.txt
Should I be able to access it if I aquire an admin ticket? Currently I get
Permission denied
[john at ipaserver mountpoint]$ id
uid=1434400004(john) gid=1434400004(john) grupper=1434400004(john)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[john at ipaserver mountpoint]$ getfacl test.txt
# file: test.txt
# owner: root
# group: admins
user::rwx
group::r--
other::---
[john at ipaserver mountpoint]$ id admin
uid=1434400000(admin) gid=1434400000(admins) groups=1434400000(admins)
[john at ipaserver mountpoint]$ klist
Ticket cache: KEYRING:persistent:1434400004:krb_ccache_MVjxTqf
Default principal: admin at MY.LAN
Valid starting Expires Service principal
2015-01-11 10:43:52 2015-01-12 10:43:50 krbtgt/MY.LAN at MY.LAN
[john at ipaserver mountpoint]$ cat test.txt
cat: test.txt: Permission denied
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150111/e4c840a0/attachment.htm>
More information about the Freeipa-users
mailing list