[sudo-users] Disabling timestamp message on HP-UX

Powell_Stuart spowell at aetinc.com
Thu Aug 28 12:52:50 EDT 2008 

Todd,

That did not help the situation.  The time-stamp output remained the
same, and syslog.sys began including a lot more information for each
sudo command executed.  
I posted the same request on an HP forum and found the solution there:
"Change DISPLAY_LAST_LOGIN to 0 in smh->security attributes
configuration->system defaults."
After I did that there was no longer a time message after each sudo
command.

Stuart

-----Original Message-----
From: Todd C. Miller [mailto:Todd.Miller at courtesan.com] 
Sent: Wednesday, August 27, 2008 1:57 PM
To: Powell_Stuart
Cc: sudo-users at sudo.ws
Subject: Re: [sudo-users] Disabling timestamp message on HP-UX

In message <A0109B26D9F05041ACFA5A8DF254135D8A8742 at sthmail.aetinc.net>
	so spake "Powell_Stuart" (spowell):

> I recently installed sudo 1.6.9p8 on two new HP-UX 11i V3 integrity
> systems.  I haven't made many modifications to the sudoers files.
There
> are only three users configured so far and they are all in the root
> group with full access to everything.  Whenever I enter a command via
> sudo I receive the message detailing the last successful login on the
> system and the last authentication failure on the system.  Similar to
> below:
> Last successful login:       Tue Aug 26 08:53:35 EDT 2008
> pthspowell.aetinc.net 
>  
> Last authentication failure: Wed Jul 30 11:46:07 EDT 2008
> pthspowell.aetinc.net
> This text is distracting when troubleshooting a problem.  Any
> suggestions on eliminating the prompts?  

That text is coming from PAM.  My guess is that it is the hpsec PAM
module that prints it.  Try adding the following to your
pam.conf and see if it changes the behavior:

sudo     auth required          libpam_hpsec.so.1 bypass_setaud
sudo     auth sufficient        libpam_unix.so.1
sudo     auth required          libpam_ldap.so.1 try_first_pass
sudo     account required       libpam_hpsec.so.1
sudo     account sufficient     libpam_unix.so.1
sudo     account required       libpam_ldap.so.1

 - todd

More information about the sudo-users mailing list