Context Navigation

source: postlfs/security/cracklib.xml@ f8dd4ec

Visit:

12.0 12.1 kea ken/TL2024 ken/tuningfonts lazarus lxqt plabs/newcss python3.11 rahul/power-profiles-daemon renodr/vulkan-addition trunk xry111/llvm18 xry111/xf86-video-removal

Last change on this file since f8dd4ec was 0b8fb2f, checked in by Bruce Dubbs <bdubbs@…>, 15 months ago
Update to cracklib-2.9.11.
Property mode set to `100644`
File size: 12.3 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY cracklib-url "https://github.com/cracklib/cracklib/releases/download">
8
9	<!ENTITY cracklib-download-http "&cracklib-url;/v&cracklib-version;/cracklib-&cracklib-version;.tar.xz">
10	<!ENTITY cracklib-download-ftp " ">
11	<!ENTITY cracklib-md5sum "a6dfb1766aab43a54e1cbd78abf0a20a">
12	<!ENTITY cracklib-size "452 KB">
13	<!ENTITY cracklib-buildsize "6.8 MB">
14	<!ENTITY cracklib-time "0.1 SBU">
15
16	<!ENTITY crackdict-download "&cracklib-url;/v&cracklib-version;/cracklib-words-&cracklib-version;.xz">
17	<!ENTITY crackdict-size "4.0 MB">
18	<!ENTITY crackdict-md5sum "f27804022dbf2682a7f7c353317f9a53">
19	]>
20
21	<sect1 id="cracklib" xreflabel="CrackLib-&cracklib-version;">
22	<?dbhtml filename="cracklib.html"?>
23
24
25	<title>CrackLib-&cracklib-version;</title>
26
27	<indexterm zone="cracklib">
28	<primary sortas="a-CrackLib">CrackLib</primary>
29	</indexterm>
30
31	<sect2 role="package">
32	<title>Introduction to CrackLib</title>
33
34	<para>
35	The <application>CrackLib</application> package contains a
36	library used to enforce strong passwords by comparing user selected
37	passwords to words in chosen word lists.
38	</para>
39
40	&lfs113_checked;
41
42	<bridgehead renderas="sect3">Package Information</bridgehead>
43	<itemizedlist spacing="compact">
44	<listitem>
45	<para>
46	Download (HTTP): <ulink url="&cracklib-download-http;"/>
47	</para>
48	</listitem>
49	<listitem>
50	<para>
51	Download (FTP): <ulink url="&cracklib-download-ftp;"/>
52	</para>
53	</listitem>
54	<listitem>
55	<para>
56	Download MD5 sum: &cracklib-md5sum;
57	</para>
58	</listitem>
59	<listitem>
60	<para>
61	Download size: &cracklib-size;
62	</para>
63	</listitem>
64	<listitem>
65	<para>
66	Estimated disk space required: &cracklib-buildsize;
67	</para>
68	</listitem>
69	<listitem>
70	<para>
71	Estimated build time: &cracklib-time;
72	</para>
73	</listitem>
74	</itemizedlist>
75
76	<bridgehead renderas="sect3">Additional Downloads</bridgehead>
77	<itemizedlist spacing="compact">
78	<para>Recommended word list for English-speaking countries:</para>
79	<listitem>
80	<para>
81	Download (HTTP): <ulink url="&crackdict-download;"/>
82	</para>
83	</listitem>
84	<listitem>
85	<para>
86	Download MD5 sum: &crackdict-md5sum;
87	</para>
88	</listitem>
89	<listitem>
90	<para>
91	Download size: &crackdict-size;;
92	</para>
93	</listitem>
94	</itemizedlist>
95
96	<para>
97	There are additional word lists available for download, e.g., from
98	<ulink url="https://wiki.skullsecurity.org/index.php/Passwords"/>.
99	<application>CrackLib</application> can utilize as many, or as few word
100	lists you choose to install.
101	</para>
102
103	<important>
104	<para>
105	Users tend to base their passwords on regular words of the spoken
106	language, and crackers know that. <application>CrackLib</application>
107	is intended to filter out such bad passwords at the source using a
108	dictionary created from word lists. To accomplish this, the word
109	list(s) for use with <application>CrackLib</application> must be an
110	exhaustive list of words and word-based keystroke combinations likely
111	to be chosen by users of the system as (guessable) passwords.
112	</para>
113
114	<para>
115	The default word list recommended above for downloading mostly
116	satisfies this role in English-speaking countries. In other situations,
117	it may be necessary to download (or even create) additional word lists.
118	</para>
119
120	<para>
121	Note that word lists suitable for spell-checking are not usable
122	as <application>CrackLib</application> word lists in countries with
123	non-Latin based alphabets, because of <quote>word-based keystroke
124	combinations</quote> that make bad passwords.
125	</para>
126	</important>
127
128	<para condition="html" role="usernotes">User Notes:
129	<ulink url="&blfs-wiki;/cracklib"/>
130	</para>
131	</sect2>
132
133	<sect2 role="installation">
134	<title>Installation of CrackLib</title>
135
136	<para>
137	Install <application>CrackLib</application> by running the following
138	commands:
139	</para>
140
141	<screen><userinput>autoreconf -fiv &&
142
143	PYTHON=python3 \
144	./configure --prefix=/usr \
145	--disable-static \
146	--with-default-dict=/usr/lib/cracklib/pw_dict &&
147	make</userinput></screen>
148
149	<para>
150	Now, as the <systemitem class="username">root</systemitem> user:
151	</para>
152
153	<screen role="root"><userinput>make install</userinput></screen>
154
155	<para>
156	Issue the following commands as the
157	<systemitem class="username">root</systemitem> user to install the
158	recommended word list and create the <application>CrackLib</application>
159	dictionary. Other word lists (text based, one word per line) can also be
160	used by simply installing them into
161	<filename class="directory">/usr/share/dict</filename> and adding them
162	to the <command>create-cracklib-dict</command> command.
163	</para>
164
165	<screen role="root"><userinput>install -v -m644 -D ../cracklib-words-&cracklib-version;.xz \
166	/usr/share/dict/cracklib-words.xz &&
167
168	unxz -v /usr/share/dict/cracklib-words.xz &&
169	ln -v -sf cracklib-words /usr/share/dict/words &&
170	echo $(hostname) >> /usr/share/dict/cracklib-extra-words &&
171	install -v -m755 -d /usr/lib/cracklib &&
172
173	create-cracklib-dict /usr/share/dict/cracklib-words \
174	/usr/share/dict/cracklib-extra-words</userinput></screen>
175
176	<para>
177	If desired, check the proper operation of the library as an
178	unprivileged user by issuing the following command:
179	</para>
180
181	<screen remap="test"><userinput>make test</userinput></screen>
182
183	<important>
184	<para>
185	If you are installing <application>CrackLib</application> after
186	your LFS system has been completed and you have the
187	<application>Shadow</application> package installed, you must
188	reinstall <xref linkend="shadow"/> if you wish to provide strong
189	password support on your system. If you are now going to install the
190	<xref linkend="linux-pam"/> package, you may disregard this note as
191	<application>Shadow</application> will be reinstalled after the
192	<application>Linux-PAM</application> installation.
193	</para>
194	</important>
195
196	</sect2>
197
198	<sect2 role="commands">
199	<title>Command Explanations</title>
200
201	<para>
202	<command>autoreconf -fiv</command>: The configure script shipped with
203	the package is too old to get the right version string of Python
204	3.10 or later. This command regenerates it with a more recent version
205	of autotools, which fixes the issue.
206	</para>
207
208	<para>
209	<envar>PYTHON=python3</envar>: This forces the installation of
210	python bindings for Python 3, even if Python 2 is installed.
211	</para>
212
213	<para>
214	<parameter>--with-default-dict=/lib/cracklib/pw_dict</parameter>:
215	This parameter forces the installation of the
216	<application>CrackLib</application> dictionary to the
217	<filename class="directory">/lib</filename> hierarchy.
218	</para>
219
220	<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
221	href="../../xincludes/static-libraries.xml"/>
222
223	<para>
224	<command>install -v -m644 -D ...</command>: This command creates the
225	<filename class="directory">/usr/share/dict</filename> directory (if it
226	doesn't already exist) and installs the compressed word list there.
227	</para>
228
229	<para>
230	<command>ln -v -s cracklib-words /usr/share/dict/words</command>: The
231	word list is linked to <filename>/usr/share/dict/words</filename> as
232	historically, <filename>words</filename> is the primary word list in the
233	<filename class="directory">/usr/share/dict</filename> directory. Omit
234	this command if you already have a
235	<filename>/usr/share/dict/words</filename> file installed on your system.
236	</para>
237
238	<para>
239	<command>echo $(hostname) >>...</command>: The value of
240	<command>hostname</command> is echoed to a file called
241	<filename>cracklib-extra-words</filename>. This extra file is intended
242	to be a site specific list which includes easy to guess passwords such
243	as company or department names, user names, product names, computer
244	names, domain names, etc.
245	</para>
246
247	<para>
248	<command>create-cracklib-dict ...</command>: This command creates the
249	<application>CrackLib</application> dictionary from the word lists.
250	Modify the command to add any additional word lists you have installed.
251	</para>
252
253	</sect2>
254
255	<sect2 role="content">
256	<title>Contents</title>
257
258	<segmentedlist>
259	<segtitle>Installed Programs</segtitle>
260	<segtitle>Installed Libraries</segtitle>
261	<segtitle>Installed Directories</segtitle>
262
263	<seglistitem>
264	<seg>cracklib-check, cracklib-format, cracklib-packer,
265	cracklib-unpacker, cracklib-update, and create-cracklib-dict</seg>
266
267	<seg>libcrack.so and the _cracklib.so
268	(<application>Python</application> module)</seg>
269
270	<seg>/usr/lib/cracklib, /usr/share/dict and /usr/share/cracklib</seg>
271	</seglistitem>
272	</segmentedlist>
273
274	<variablelist>
275	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
276	<?dbfo list-presentation="list"?>
277	<?dbhtml list-presentation="table"?>
278
279	<varlistentry id="cracklib-check">
280	<term><command>cracklib-check</command></term>
281	<listitem>
282	<para>
283	is used to determine if a password is strong
284	</para>
285	<indexterm zone="cracklib cracklib-check">
286	<primary sortas="b-cracklib-check">cracklib-check</primary>
287	</indexterm>
288	</listitem>
289	</varlistentry>
290
291	<varlistentry id="cracklib-format">
292	<term><command>cracklib-format</command></term>
293	<listitem>
294	<para>
295	is used to format text files (lowercases all words,
296	removes control characters and sorts the lists)
297	</para>
298	<indexterm zone="cracklib cracklib-format">
299	<primary sortas="b-cracklib-format">cracklib-format</primary>
300	</indexterm>
301	</listitem>
302	</varlistentry>
303
304	<varlistentry id="cracklib-packer">
305	<term><command>cracklib-packer</command></term>
306	<listitem>
307	<para>
308	creates a database with words read from standard input
309	</para>
310	<indexterm zone="cracklib cracklib-packer">
311	<primary sortas="b-cracklib-packer">cracklib-packer</primary>
312	</indexterm>
313	</listitem>
314	</varlistentry>
315
316	<varlistentry id="cracklib-unpacker">
317	<term><command>cracklib-unpacker</command></term>
318	<listitem>
319	<para>
320	displays on standard output the database specified
321	</para>
322	<indexterm zone="cracklib cracklib-packer">
323	<primary sortas="b-cracklib-packer">cracklib-packer</primary>
324	</indexterm>
325	</listitem>
326	</varlistentry>
327
328	<varlistentry id="create-cracklib-dict">
329	<term><command>create-cracklib-dict</command></term>
330	<listitem>
331	<para>
332	is used to create the <application>CrackLib</application>
333	dictionary from the given word list(s)
334	</para>
335	<indexterm zone="cracklib create-cracklib-dict">
336	<primary sortas="b-create-cracklib-dict">create-cracklib-dict</primary>
337	</indexterm>
338	</listitem>
339	</varlistentry>
340
341	<varlistentry id="libcrack">
342	<term><filename class="libraryfile">libcrack.so</filename></term>
343	<listitem>
344	<para>
345	provides a fast dictionary lookup method for strong
346	password enforcement
347	</para>
348	<indexterm zone="cracklib libcrack">
349	<primary sortas="c-libcrack">libcrack.so</primary>
350	</indexterm>
351	</listitem>
352	</varlistentry>
353
354	</variablelist>
355
356	</sect2>
357
358	</sect1>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: