From owner-FreeBSD-users-jp@jp.freebsd.org  Mon Jul 13 16:49:40 1998
Received: (from daemon@localhost)
	by jaz.jp.freebsd.org (8.8.8+3.0Wbeta13/8.7.3) id QAA21297;
	Mon, 13 Jul 1998 16:49:40 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from leonardo.imme.co.jp (leonardo.imme.co.jp [210.172.85.2])
	by jaz.jp.freebsd.org (8.8.8+3.0Wbeta13/8.7.3) with ESMTP id QAA21292
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 13 Jul 1998 16:49:34 +0900 (JST)
	(envelope-from vikke@imme.co.jp)
Received: from vikke.imme.co.jp (INS89.tokyo-ap5.dti.ne.jp [210.159.154.89])
	by leonardo.imme.co.jp (8.8.8/3.6W) with SMTP id QAA11289
	for <FreeBSD-users-jp@jp.freebsd.org>; Mon, 13 Jul 1998 16:48:17 +0900 (JST)
Message-Id: <199807131935.AA00013@vikke.imme.co.jp>
From: Ichiro Matsunaga <vikke@imme.co.jp>
Date: Tue, 14 Jul 1998 04:35:06 +0900
To: FreeBSD-users-jp@jp.freebsd.org
MIME-Version: 1.0
X-Mailer: AL-Mail32 Version 1.01
Content-Type: text/plain; charset=iso-2022-jp
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: bulk
X-Distribute: distribute [version 2.1 (Alpha) patchlevel=24e+ JFUG special]
X-Sequence: FreeBSD-users-jp 30645
Subject: [FreeBSD-users-jp 30645] what is "su: kerberos: not in root's ACL."?
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org

$B>>1J$G$9!#(B

$B2f$,2H$N4D6-(B
FreeBSD2.2.6
iijppp + nat-980406.patch
des

$BLdBjE@(B
 1.su$B$r$9$k$HJQ$J%a%C%;!<%8$,=P$k(B
 2.$B$=$N:]!">!<j$K%@%$%"%k%"%C%W$9$k!#(B

$B>\:Y(B
1.$B$3$N4D6-$G(Bsu$B$r$9$k$H!"0J2<$N$h$&$J%a%C%;!<%8$,I=<($5$l$^$9!#(B
$B$$$C$?$$2?$,5/$3$C$F$$$k$N$G$7$g$&!)?4Ev$?$j$O$"$j$^$9!#(Bppp$B$r;H$C$?$H$-$K(BDES$B$,$J$$$H!"E\$i$l$?$N(B
$B$G!"(Bjaz.jp.freebsd.org$B$N(B/pub/internat/2.2.6-RELEASE/des/$B$N%U%!%$%k$r%$%s%9%H!<%k$7$^$7$?(B
$B!J(Bfaq$B$+2?$+$G$=$N$h$&$J5-=R$,$"$C$?$N$G!K!#$=$l$^$G$O!"(Bsu$B$r$7$F$b!"$3$N$h$&$J%a%C%;!<%8$O=P$F$$(B
$B$^$;$s$G$7$?!#(B

vikke:/usr/home/vikke% su
su: kerberos: not in root's ACL.
root:/usr/home/vikke%



2.$B$^$?!"(BOnDemandPPP$B$N%;%C%F%#%s%0$r$7$F$"$j$^$9$,!"$=$N:]!"(Bsu$B$r$9$k$H!"%W%m%P%$%@$K@\B3$K9T$C$F(B
$B$7$^$$!"@\B3$,3NN)$5$l$k$H!"(B

su: kerberos: not in root's ACL.
root:/usr/home/vikke%

$B$HI=<($5$l$^$9!#(B

$B$$$m$$$mD4$Y$F$_$k$H(Bhttp://www.yk.rim.or.jp/~george/freebsd226_ppp.html $B$G!"(BKerberos$B!J(BMD5$B$N(B
$B$3$H$G$9$h$M!)$b$7$+$7$F0c$$$^$9!)(B)$B$r%$%s%9%H!<%k$7$F$O$$$1$J$$$H$+$+$l$F$$$^$9!#$b$7$+$7$F!";d(B
$B$O%$%s%9%H!<%k;vBN$r<:GT$7!"$5$i$K!"(BDES$B$r>e>h$;$G%$%s%9%H!<%k$7$?$N$,$$$1$J$$$N$G$7$g$&$+!)(B

ppp.conf
default:
 set device /dev/cuaa0

 set log Phase Chat Connect Carrier LCP IPCP CCP tun

 set speed 115200
 disable lqr
 deny lqr
 disable pred1
 deny pred1
 set timeout 60
 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT$N11=0 OK-AT-OK \\dATDT\\T 
TIMEOUT 40 CONNECT"
 
provider:
 set openmode active
 set phone 12345678
 accept pap
 deny chap
 set authname iha
 set authkey ihaiha
 set taddr 192.168.0.0/24
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0

provider-auto:
 set server 3000 hogehoge
 set openmode active
 set phone 12345678
 accept pap
 deny chap
 set authname hoge
 set authkey hogehoge
 set taddr 192.168.0.0/24
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0
 delete ALL
 add default HISADDR

 set dfilter 0 permit 0/32 0/0 tcp
 set dfilter 1 deny 0/0 0/0 tcp
 set dfilter 2 deny udp src eq 520
 set dfilter 3 permit 0/0 0/0
 set afilter 0 deny udp src eq 520
 set afilter 1 permit 0/0 0/0


----
Ichiro Matsunaga  vikke@imme.co.jp
