[sudo-users] sudo on Solaris 10 non global zone with Powerbroker Open 7
Martin, Jeff
Jeff.Martin at tais.toshiba.com
Wed Jun 27 13:41:13 EDT 2012
Hello,
I have 20 Solaris 10u10 Sparc non-global zones running with Powerbroker
Open 7 running for AD authentication.
I have compiled sudo from the source and it work just fine, but users
are complaining that it takes upwards of 3-5 minutes for the sudo
command to come back. I am not sure and by no means blaming sudo, I am
just inquiring if perhaps I missed a compile option or if there is a
setting that can perhaps be tweaked to get the performance a bit
quicker. Any ideas/thoughts are appreciated, thanks!
Jeff
Here is the sudo -V:
Sudo version 1.8.4
Configure options: --prefix=/usr/sfw --with-pam
Sudoers policy plugin version 1.8.4
Sudoers file grammar version 41
Sudoers path: /etc/sudoers
Authentication methods: 'pam'
Syslog facility if syslog is being used for logging: auth
Syslog priority to use when user authenticates successfully: notice
Syslog priority to use when user authenticates unsuccessfully: alert
Send mail if the user is not in sudoers
Use a separate timestamp for each user/tty combo
Lecture user the first time they run sudo
Require users to authenticate by default
Root may run sudo
Allow some information gathering to give useful error messages
Set the LOGNAME and USER environment variables
Length at which to wrap log file lines (0 for no wrap): 80
Authentication timestamp timeout: 5.0 minutes
Password prompt timeout: 5.0 minutes
Number of tries to enter a password: 3
Umask to use or 0777 to use user's: 022
Path to mail program: /usr/sbin/sendmail
Flags for mail program: -t
Address to send mail to: root
Subject line for mail messages: *** SECURITY information for %h ***
Incorrect password message: Sorry, try again.
Path to authentication timestamp dir: /var/lib/sudo
Default password prompt: Password:
Default user to run commands as: root
Path to the editor for use by visudo: /usr/bin/vi
When to require a password for 'list' pseudocommand: any
When to require a password for 'verify' pseudocommand: all
File descriptors >= 3 will be closed before executing a command
Reset the environment to a default set of variables
Environment variables to check for sanity:
TERM
LINGUAS
LC_*
LANGUAGE
LANG
COLORTERM
Environment variables to remove:
RUBYOPT
RUBYLIB
PYTHONUSERBASE
PYTHONINSPECT
PYTHONPATH
PYTHONHOME
TMPPREFIX
ZDOTDIR
READNULLCMD
NULLCMD
FPATH
PERL5DB
PERL5OPT
PERL5LIB
PERLLIB
PERLIO_DEBUG
JAVA_TOOL_OPTIONS
SHELLOPTS
GLOBIGNORE
PS4
BASH_ENV
ENV
TERMCAP
TERMPATH
TERMINFO_DIRS
TERMINFO
_RLD*
LD_*
PATH_LOCALE
NLSPATH
HOSTALIASES
RES_OPTIONS
LOCALDOMAIN
CDPATH
IFS
Environment variables to preserve:
XAUTHORIZATION
XAUTHORITY
TZ
PS2
PS1
PATH
LS_COLORS
KRB5CCNAME
HOSTNAME
DISPLAY
COLORS
Locale to use while parsing sudoers: C
Compress I/O logs using zlib
Directory in which to store input/output logs: /var/log/sudo-io
File in which to store the input/output log: %{seq}
Add an entry to the utmp/utmpx file when allocating a pty
Local IP address and netmask pairs:
xxx.xxx.xxx.xxx/255.255.255.0
Sudoers I/O plugin version 1.8.4
________________________________
This message may contain confidential information. If you are not the intended recipient of this e-mail, do not disseminate, distribute or copy this e-mail and delete this e-mail from your system.
More information about the sudo-users
mailing list