Written by
on
on
pam_fm_notify
While many Solaris admins are aware of the Fault Management Architecture inside of Solaris, it’s often not a natural habit to them to look at the output of fmlist
just for a quick look what the FMA has seen. In Solaris 11.4 is now a PAM module that gives you an hint, that looking at the FMA may be a good idea. It’s implemented via an PAM module.
>root@ldap:/etc/pam.d# grep -i "session" other
# Default definition for Session management
# Used when service name is not explicitly mentioned for session management
session definitive pam_user_policy.so.1
session required pam_unix_session.so.1
session optional pam_fm_notify.so.1
As the information about the number of errors is probably an information that you don’t want to share too broadly, the output of this module is dependent on the condition, that the user has the solaris.fm.read
authorization. To add this authorization to an user, you can use the usermod
command:
>root@ldap:/etc/pam.d# usermod -A +solaris.fm.read jmoekamp
Next time you login as jmoekamp
you will see a useful addition to the output:
>root@ldap:/etc/pam.d# ssh jmoekamp@localhost
Password:
Last login: Fri Apr 27 17:04:12 2018 from ::1
<b>NOTE: system has 1 active defect; run 'fmadm list' for details.</b>
Oracle Corporation SunOS 5.11 Solaris_11/11.4[...] March 2018