There is a /etc/pam.d and a /usr/local/etc/pam.d.
/etc/pam.d has no sudo file in it but /usr/local/etc/pam.d does.
I had never edited that file before but it seems to change
slightly in 2007.
The sudo file on the system that did not display the "last
login" message has a modification date of December 20, 2007 and
sudo, itself also has that date.
Here is that file.
#
# $Id$
#
# PAM configuration for the "sudo" service
#
# auth
auth include system
# account
account include system
# session
# XXX: pam_lastlog (used in system) causes users to appear as though
# they are no longer logged in in system logs.
session required pam_permit.so
# password
password include system
This line makes the difference.
# XXX: pam_lastlog (used in system) causes users to appear as though
# they are no longer logged in in system logs.
This version effectively has no include system directive for
that file.
The system that did display the "last login" message had
a pam.d/sudo file dated July of 2007. /usr/local/bin/sudo had a
modification date of April 8 of 2008. I may have removed sudo
and reinstalled it to try to get rid of the problem but I
obviously did not also get a new /usr/local/etc/pam.d/sudo file
which would probably have been the only change necessary.
Here is the older file.
#
# $Id$
#
# PAM configuration for the "sudo" service
#
# auth
auth include system
# account
account include system
# session
session include system
# password
password include system
Here's the big difference.
session include system
As soon as I commented it out, the problem went away.
One needs to be xtremely careful in not restoring the
old /usr/local/pam.d directory when building a new system and
restoring files from the old system. I have been chasing this
monster since the Summer of 2007. The new 8.0 system is
presently turned off but I bet when I look at it on Monday, it
has the 2007 /usr/local/etc/pam.d directory since I completely
forgot about making sure it didn't get in to the new system.
Martin McCormick
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
