version 1.1.1.1, 2012/02/21 16:23:01
|
version 1.1.1.2, 2012/05/29 12:26:48
|
Line 166 Special features/options:
|
Line 166 Special features/options:
|
|
|
--with-SecurID[=DIR] |
--with-SecurID[=DIR] |
Enable SecurID support. If specified, DIR is directory containing |
Enable SecurID support. If specified, DIR is directory containing |
sdiclient.a, sdi_athd.h, sdconf.h, and sdacmvls.h. | libaceclnt.a, acexport.h, and sdacmvls.h. |
|
|
--with-fwtk[=DIR] |
--with-fwtk[=DIR] |
Enable TIS Firewall Toolkit (FWTK) 'authsrv' support. If specified, |
Enable TIS Firewall Toolkit (FWTK) 'authsrv' support. If specified, |
DIR is the base directory containing the compiled FWTK package |
DIR is the base directory containing the compiled FWTK package |
(or at least the library and header files). |
(or at least the library and header files). |
|
|
--with-kerb4[=DIR] |
|
Enable Kerberos IV support. If specified, DIR is the base |
|
directory containing the Kerberos IV include and lib dirs. |
|
This uses Kerberos passphrases for authentication but does |
|
not use the Kerberos cookie scheme. |
|
|
|
--with-kerb5[=DIR] |
--with-kerb5[=DIR] |
Enable Kerberos V support. If specified, DIR is the base |
Enable Kerberos V support. If specified, DIR is the base |
directory containing the Kerberos V include and lib dirs. |
directory containing the Kerberos V include and lib dirs. |
Line 186 Special features/options:
|
Line 180 Special features/options:
|
does not use the Kerberos cookie scheme. Will not work for |
does not use the Kerberos cookie scheme. Will not work for |
Kerberos V older than version 1.1. |
Kerberos V older than version 1.1. |
|
|
|
--enable-kerb5-instance=string |
|
By default, the user name is used as the principal name |
|
when authenticating via Kerberos V. If this option is |
|
enabled, the specified instance string will be appended to |
|
the user name (separated by a slash) when creating the |
|
principal name. |
|
|
--with-ldap[=DIR] |
--with-ldap[=DIR] |
Enable LDAP support. If specified, DIR is the base directory |
Enable LDAP support. If specified, DIR is the base directory |
containing the LDAP include and lib directories. Please see |
containing the LDAP include and lib directories. Please see |
Line 285 Special features/options:
|
Line 286 Special features/options:
|
older PAM implementations or on operating systems where |
older PAM implementations or on operating systems where |
opening a PAM session changes the utmp or wtmp files. If |
opening a PAM session changes the utmp or wtmp files. If |
PAM session support is disabled, resource limits may not |
PAM session support is disabled, resource limits may not |
be updatedin for command being run. | be updated for the command being run. |
|
|
--disable-root-mailer |
--disable-root-mailer |
By default sudo will run the mailer as root when tattling |
By default sudo will run the mailer as root when tattling |
Line 743 HP-UX:
|
Line 744 HP-UX:
|
you will need to add a line like the following to /etc/pam.conf: |
you will need to add a line like the following to /etc/pam.conf: |
|
|
sudo session required libpam_hpsec.so.1 bypass_umask |
sudo session required libpam_hpsec.so.1 bypass_umask |
|
|
|
If every command run via sudo displays information about the last |
|
successful login and the last authentication failure you should |
|
make use an /etc/pam.conf line like: |
|
|
|
sudo session required libpam_hpsec.so.1 bypass_umask bypass_last_login |
|
|
Digital UNIX: |
Digital UNIX: |
By default, sudo will use SIA (Security Integration Architecture) |
By default, sudo will use SIA (Security Integration Architecture) |