From: Todd C. Miller Date: Thu, 12 Jan 2012 19:51:27 +0000 (-0500) Subject: Mention how to configure pam_hpsec on HP-UX to play nicely with X-Git-Tag: SUDO_1_7_9~39 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b354c7f4e340fdbe66f5e954dc2e815986b2fa7c;p=sudo Mention how to configure pam_hpsec on HP-UX to play nicely with sudo. --HG-- branch : 1.7 --- diff --git a/INSTALL b/INSTALL index a8b0e37dc..0c2637762 100644 --- a/INSTALL +++ b/INSTALL @@ -737,6 +737,12 @@ HP-UX: sudo session required libpam_hpsec.so.1 bypass_umask + If every command run via sudo displays information about the last + successful login and the last authentication failure you should + make use an /etc/pam.conf line like: + + sudo session required libpam_hpsec.so.1 bypass_umask bypass_last_login + Digital UNIX: By default, sudo will use SIA (Security Integration Architecture) to validate a user. If you want to use an alternative authentication diff --git a/configure b/configure index cc1db331e..8c19e5c09 100755 --- a/configure +++ b/configure @@ -22111,6 +22111,14 @@ fi if test "$with_pam" = "yes"; then case $host in + *-*-hpux*) + if -f /usr/lib/security/libpam_hpsec.so.1 ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: You may wish to add the following line to /etc/pam.conf" >&5 +$as_echo "$as_me: You may wish to add the following line to /etc/pam.conf" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: sudo session required libpam_hpsec.so.1 bypass_umask bypass_last_login" >&5 +$as_echo "$as_me: sudo session required libpam_hpsec.so.1 bypass_umask bypass_last_login" >&6;} + fi + ;; *-*-linux*) { $as_echo "$as_me:${as_lineno-$LINENO}: You will need to customize sample.pam and install it as /etc/pam.d/sudo" >&5 $as_echo "$as_me: You will need to customize sample.pam and install it as /etc/pam.d/sudo" >&6;} diff --git a/configure.in b/configure.in index 3351322c7..ccce9ba9c 100644 --- a/configure.in +++ b/configure.in @@ -2978,6 +2978,12 @@ dnl Spew any text the user needs to know about dnl if test "$with_pam" = "yes"; then case $host in + *-*-hpux*) + if [ -f /usr/lib/security/libpam_hpsec.so.1 ]; then + AC_MSG_NOTICE([You may wish to add the following line to /etc/pam.conf]) + AC_MSG_NOTICE([sudo session required libpam_hpsec.so.1 bypass_umask bypass_last_login]) + fi + ;; *-*-linux*) AC_MSG_NOTICE([You will need to customize sample.pam and install it as /etc/pam.d/sudo]) ;;