File klsu.1 of Package klsu
.Dd $Mdocdate$
.Dt KLSU 1 "MIT Kerberos"
.Os AKSW 1.0
.as doc-volume MIT Kerberos
.Sh NAME
.Nm klsu
.Nd Kerberized Group-based super-user
.Sh SYNOPSIS
.Nm klsu
.Bk -words
.\" klsu [-n principal] [-c source cachename] [-k] [-zZ] [-q] [-a command [args... ] ]
.Op Fl n Ar principal
.Op Fl c Ar "source cachename"
.Op Fl kzZq
.Op Fl a Ar command Op Ar args...
.Ek
.Sh DESCRIPTION
.Nm
is a Kerberized version of the su program that allows the user to become
root if they are a member of the
.Pf % Ar hostname Ns -admins
group.
.Sh AUTHENTICATION
To authenticate to
.Nm ,
the user first needs to be in possession of a valid ticket-granting ticket.
Such a ticket can be obtained using
.Xr kinit 1 .
.Sh AUTHORIZATION
The user is granted the right to become root when they are a member of the
.Pf % Ar hostname Ns -admins
group.
The contents of this group can be viewed with
.Ql "ldgroups -l admins" .
.Pp
For further possibilities to authorize users based on their Kerberos
accounts, see
.Xr ksu 1 .
.Sh EXECUTION OF THE TARGET SHELL
Upon successful authentication and authorization,
.Nm
proceeds in a similar fashion to su.
The environment is unmodified with the exception of the HOME and SHELL
variables.
HOME and SHELL are set to the target login's default values.
In addition, the environment variable KRB5CCNAME gets set to the name of
the target cache.
The real and effective user IDs are changed to root.
The root shell is then invoked (the shell name is specified in the
password file).
Upon termination of the shell,
.Nm
deletes the target cache (unless
.Nm
is invoked with the
.Fl k
option).
This is implemented by first doing a fork and then an exec, instead of
just an exec, as done by su.
.Sh CREATING A NEW SECURITY CONTEXT
.Nm
can be used to create a new security context for the target program
(either the target shell, or the command specified via the
.Fl a
option).
The target program inherits a set of credentials from the source user.
By default, this set includes all of the credentials in the source cache.
The
.Fl Z
option provides the target user with a fresh target cache (no creds in the
cache).
.Sh OPTIONS
.Bl -tag -width X
.It Fl n Ar "target principal name"
Specify a Kerberos target principal name.
Used in the authentication and authorization phases of
.Nm .
.Pp
If
.Nm
is invoked without
.Fl n ,
.Nm
defaults to the default principal name of the source cache.
.It Fl c Ar "source cache name"
Specify the source cache name (e.g.,
.Ql "-c FILE:/tmp/my_cache" Ns ).
If the
.Fl c
option is not used, the name is obtained from the
.Ev KRB5CCNAME
environment variable.
If
.Ev KRB5CCNAME
is not defined, the source cache name is set to
.Dv krb5cc_ Ns Aq source uid .
The target cache name is automatically set to
.Dv krb5cc_ Ns Aq target uid Ns .(gen_sym()) ,
where
.Dv gen_sym
generates a new number such that the resulting cache does not already exist.
.It Fl k
Do not delete the target cache upon termination of the target shell or
a command
.Pq Fl a Ar command .
Without
.Fl k ,
.Nm
deletes the target cache.
.It Fl z
Restrict the copy of tickets from the source cache to the target cache.
Use the
.Fl n
option if you want the tickets for a principal other than the default
principal.
Note that the
.Fl z
option is mutually exclusive with the
.Fl Z
option.
.It Fl Z
Don't copy any tickets from the source cache to the target cache.
Just create a fresh target cache, where the default principal name of the
cache is initialized to the target principal name.
Note that the
.Fl z
option is mutually exclusive with the
.Fl Z
option.
.It Fl q
Suppress the printing of status messages.
.It Fl a Ar command Op Ar args ...
.Nm
proceeds exactly the same as if it was invoked without the
.Fl a
option, except that instead of executing the target shell,
.Nm
executes the specified command.
Example of usage:
.Bd -unfilled -offset indent
.Nm Fl a ls Fl lag
.Ed
.El
.Sh SEE ALSO
.Xr kinit 1 ,
.Xr ksu 1
.Sh AUTHORS
.An AKSW Infrastructure Group
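The target-cache naming rule from OPTIONS and the fork-then-exec cleanup from EXECUTION OF THE TARGET SHELL, modelled in POSIX sh as an added example (not code from the klsu package). The function names, the cache directory argument and the empty (-Z style) target cache are assumptions made for the model.

```shell
#!/bin/sh
# Added example, not code from the klsu package: a POSIX sh model of the
# target-cache naming rule (OPTIONS, -c) and the fork-then-exec cleanup
# (EXECUTION OF THE TARGET SHELL). Function names and the cache directory
# are assumptions; the real klsu is a privileged program, this only models it.

# gen_sym(): choose the smallest N such that krb5cc_<uid>.N does not yet
# exist in directory $1, and print the resulting FILE: cache name for uid $2.
klsu_target_cache() {
    dir=$1 uid=$2 n=0
    while [ -e "$dir/krb5cc_$uid.$n" ]; do
        n=$((n + 1))
    done
    printf 'FILE:%s/krb5cc_%s.%s\n' "$dir" "$uid" "$n"
}

# klsu_run DIR UID HOME SHELL KEEP CMD...: create a fresh (empty, -Z style)
# target cache, run CMD as a child with the environment unchanged except for
# HOME, SHELL and KRB5CCNAME, then delete the cache unless KEEP is "yes"
# (the -k option). Because CMD is a child rather than an exec'd replacement,
# the parent is still around afterwards to do the deletion.
klsu_run() {
    dir=$1 uid=$2 home=$3 shell=$4 keep=$5
    shift 5
    cache=$(klsu_target_cache "$dir" "$uid")
    cpath=${cache#FILE:}
    : > "$cpath"
    env HOME="$home" SHELL="$shell" KRB5CCNAME="$cache" "$@"
    status=$?
    [ "$keep" = yes ] || rm -f "$cpath"
    return "$status"
}

# Typical interactive session, for reference (needs a Kerberos realm and
# the real klsu; not exercised here):
#   kinit                 # obtain the TGT that AUTHENTICATION requires
#   ldgroups -l admins    # confirm %hostname-admins membership
#   klsu -a ls -lag       # run one command as root; cache deleted afterwards
#   klsu -k               # root shell, target cache kept on exit
```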