Solaris 8 compat mode

Greene Jason-RB512C RB512C at motorola.com
Thu Feb 6 12:50:36 EST 2003 

Aaron,

  Thanks for the response.  Unfortunately the '--with-pam' did not change the behavior.  I put debug in the pam.conf file but it did not produce any output in /var/adm/messages.

#
login   auth required   /usr/lib/security/$ISA/pam_unix.so.1
login   auth required   /usr/lib/security/$ISA/pam_dial_auth.so.1
#
rlogin  auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
rlogin  auth required   /usr/lib/security/$ISA/pam_unix.so.1
#
dtlogin auth required   /usr/lib/security/$ISA/pam_unix.so.1
#
rsh     auth required   /usr/lib/security/$ISA/pam_rhosts_auth.so.1
other   auth required   /usr/lib/security/$ISA/pam_unix.so.1    debug

Any other thoughts???

Thanks,

Jason


-----Original Message-----
From: Aaron Spangler [mailto:as at insight.rr.com]
Sent: Wednesday, February 05, 2003 9:07 PM
To: sudo-users at sudo.ws; Jason Greene
Subject: Re: Solaris 8 compat mode


Try compiling using '--with-pam'.  This tells sudo to invoke the default system behavior.  (Which by default on Solaris 8 if you don't modify /etc/pam.conf tells it to call pam_unix.so.1 which tells it to act like /bin/login, /bin/su, etc.)  BTW on any
Solaris you should not need to modify /etc/pam.conf unless you want to change the way the system behaves.  (regardless of nsswitch.conf  or compat mode)

That should do the trick.
 - Aaron


> From: Greene Jason-RB512C <RB512C at motorola.com>
> Subject: Solairs 8 compat mode
>
> Hello All,
>
> I am having an issue using sudo in (NIS) compat mode on solaris 8.
>
> I currently have several solaris 2.6 machines in this configuration that work.  The passwd file has entries for the users I want to allow on the machine.
> /etc/passwd
> +rb512c
> +:x:::::/bin/false
>
> /etc/nsswitch.conf
> passwd: compat
> group: compat
>
> Sudo works perfect on solaris 2.6 with this setup.  But on solaris 8, sudo will never accept the valid password.  If I change /etc/nsswitch.conf back to "passwd: files nis" then sudo works fine, but I do not get the restricted login I am looking for.
>
> I'm I way off here?  Should I be looking into pam modules now?  I cannot seem to find this problem searching the web.
>
> Thanks in advance,
>
> --
> Jason Greene (rb512c)

More information about the sudo-users mailing list