From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Fri, 28 Sep 2012 13:05:40 +0000 (-0400)
Subject: Mention HP-UX pam.conf settings.
X-Git-Tag: SUDO_1_7_10p4~14
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=009599bb34e2f89e9431df86438d5b2e0857209b;p=sudo

Mention HP-UX pam.conf settings.

--HG--
branch : 1.7
---

diff --git a/TROUBLESHOOTING b/TROUBLESHOOTING
index 3e339b2d4..e5e1bdebd 100644
--- a/TROUBLESHOOTING
+++ b/TROUBLESHOOTING
@@ -243,6 +243,18 @@ A) On systems that use a Mozilla-derived LDAP SDK there must be a
     Enter new password: <return>
     Re-enter password: <return>
 
+Q) On HP-UX, when I run command via sudo it displays information
+   about the last successful login and last authentication failure
+   for every command.  How can I fix this?
+A) This output comes from /usr/lib/security/libpam_hpsec.so.1.
+   To suppress it, add a line like the following to /etc/pam.conf:
+   sudo session required libpam_hpsec.so.1 bypass_umask bypass_last_login
+
+Q) On HP-UX, the umask setting in sudoers has no effect.
+A) If your /etc/pam.conf file has the libpam_hpsec.so.1 session module
+   enabled, you may need to a add line like the following to pam.conf:
+   sudo session required libpam_hpsec.so.1 bypass_umask
+
 Q) When I run sudo on AIX I get the following error:
     sudo: unable to change to sudoers gid: Operation not permitted.
 A) AIX's Enhanced RBAC is preventing sudo from running.  To fix