X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/c6b2ec35fea0ea09d5d4620781412cb4dea5f4f3..b661b7fb181696ef8f600d5df52eee0d6691b7cc:/README.platform

diff --git a/README.platform b/README.platform
index ba555d08..7356c105 100644
--- a/README.platform
+++ b/README.platform
@@ -32,8 +32,27 @@ openssl-devel, zlib, minres, minires-devel.
 
 Solaris
 -------
-Currently, sshd does not support BSM auditting.  This can show up as errors
-when editting cron entries via crontab.  See.
-http://bugzilla.mindrot.org/show_bug.cgi?id=125
+If you enable BSM auditing on Solaris, you need to update audit_event(4)
+for praudit(1m) to give sensible output.  The following line needs to be
+added to /etc/security/audit_event:
+
+	32800:AUE_openssh:OpenSSH login:lo
+
+The BSM audit event range available for third party TCB applications is
+32768 - 65535.  Event number 32800 has been choosen for AUE_openssh.
+There is no official registry of 3rd party event numbers, so if this
+number is already in use on your system, you may change it at build time
+by configure'ing --with-cflags=-DAUE_openssh=32801 then rebuilding.
+
+
+Platforms using PAM
+-------------------
+As of OpenSSH 4.3p1, sshd will no longer check /etc/nologin itself when
+PAM is enabled.  To maintain existing behaviour, pam_nologin should be
+added to sshd's session stack which will prevent users from starting shell
+sessions.  Alternatively, pam_nologin can be added to either the auth or
+account stacks which will prevent authentication entirely, but will still
+return the output from pam_nologin to the client.
+
 
 $Id$