PAM, AIX auth, BSD auth and login_cap are now on by default if the OS
supports them.
This commit is contained in:
Todd C. Miller
35
INSTALL
35
INSTALL
@@ -184,16 +184,16 @@ Special features/options:
|
||||
Path to LDAP configuration file. If specified, sudo reads
|
||||
this file instead of /etc/ldap.conf to locate the LDAP server.
|
||||
|
||||
--with-authenticate
|
||||
--with-aixauth
|
||||
Enable support for the AIX 4.x general authentication function.
|
||||
This will use the authentication scheme specified for the user
|
||||
on the machine.
|
||||
on the machine. It is on by default for AIX systems that
|
||||
support it.
|
||||
|
||||
--with-pam
|
||||
Enable PAM support. Tested on:
|
||||
Redhat Linux >= 5.x
|
||||
Solaris >= 2.6
|
||||
HP-UX >= 11.0
|
||||
Enable PAM support. This is on by default for Darwin, FreeBSD,
|
||||
Linux, Solaris and HP-UX (version 11 and higher).
|
||||
|
||||
NOTE: on RedHat Linux and Fedora you *must* have an /etc/pam.d/sudo
|
||||
file install. You may either use the sample.pam file included with
|
||||
sudo or use /etc/pam.d/su as a reference. The sample.pam file
|
||||
@@ -217,19 +217,20 @@ Special features/options:
|
||||
DCE PAM module (usually libpam_dce) should be used instead.
|
||||
|
||||
--with-logincap
|
||||
Enable support for BSD login classes where available (OS-dependent).
|
||||
This adds support for the login classes specified in /etc/login.conf.
|
||||
By default, a login class is not applied unless the 'use_loginclass'
|
||||
option is defined in sudoers or the user specifies a class on the
|
||||
command line.
|
||||
This adds support for login classes specified in /etc/login.conf.
|
||||
It is enabled by default on BSD/OS, Darwin, FreeBSD, OpenBSD and
|
||||
NetBSD (where available). By default, a login class is not applied
|
||||
unless the 'use_loginclass' option is defined in sudoers or the user
|
||||
specifies a class on the command line.
|
||||
|
||||
--with-bsdauth
|
||||
Enable support for BSD authentication on BSD/OS and OpenBSD.
|
||||
This option implies --with-logincap. It is not possible
|
||||
to mix BSD authentication with other authentication methods
|
||||
(and there really should be no need to do so). Note that
|
||||
only the newer BSD authentication API is supported. If you
|
||||
don't have /usr/include/bsd_auth.h then you cannot use this.
|
||||
Enable support for BSD authentication. This is the default
|
||||
for BSD/OS and OpenBSD systems that support it.
|
||||
It is not possible to mix BSD authentication with other
|
||||
authentication methods (and there really should be no need
|
||||
to do so). Note that only the newer BSD authentication API
|
||||
is supported. If you don't have /usr/include/bsd_auth.h
|
||||
then you cannot use this.
|
||||
|
||||
--with-noexec[=PATH]
|
||||
Enable support for the "noexec" functionality which prevents
|
||||
|
||||
Reference in New Issue
Block a user