1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
5 | %general-entities;
|
---|
6 |
|
---|
7 | <!ENTITY libpwquality-download-http "https://github.com/libpwquality/libpwquality/releases/download/libpwquality-&libpwquality-version;/libpwquality-&libpwquality-version;.tar.bz2">
|
---|
8 | <!ENTITY libpwquality-download-ftp " ">
|
---|
9 | <!ENTITY libpwquality-md5sum "6b70e355269aef0b9ddb2b9d17936f21">
|
---|
10 | <!ENTITY libpwquality-size "424 KB">
|
---|
11 | <!ENTITY libpwquality-buildsize "5.4 MB">
|
---|
12 | <!ENTITY libpwquality-time "0.1 SBU">
|
---|
13 | ]>
|
---|
14 |
|
---|
15 | <sect1 id="libpwquality" xreflabel="libpwquality-&libpwquality-version;">
|
---|
16 | <?dbhtml filename="libpwquality.html"?>
|
---|
17 |
|
---|
18 | <sect1info>
|
---|
19 | <date>$Date$</date>
|
---|
20 | </sect1info>
|
---|
21 |
|
---|
22 | <title>libpwquality-&libpwquality-version;</title>
|
---|
23 |
|
---|
24 | <indexterm zone="libpwquality">
|
---|
25 | <primary sortas="a-libpwquality">libpwquality</primary>
|
---|
26 | </indexterm>
|
---|
27 |
|
---|
28 | <sect2 role="package">
|
---|
29 | <title>Introduction to libpwquality</title>
|
---|
30 |
|
---|
31 | <para>
|
---|
32 | The <application>libpwquality</application> package provides common
|
---|
33 | functions for password quality checking and also scoring them based on
|
---|
34 | their apparent randomness. The library also provides a function for
|
---|
35 | generating random passwords with good pronounceability.
|
---|
36 | </para>
|
---|
37 |
|
---|
38 | &lfs112_checked;
|
---|
39 |
|
---|
40 | <bridgehead renderas="sect3">Package Information</bridgehead>
|
---|
41 | <itemizedlist spacing="compact">
|
---|
42 | <listitem>
|
---|
43 | <para>
|
---|
44 | Download (HTTP): <ulink url="&libpwquality-download-http;"/>
|
---|
45 | </para>
|
---|
46 | </listitem>
|
---|
47 | <listitem>
|
---|
48 | <para>
|
---|
49 | Download (FTP): <ulink url="&libpwquality-download-ftp;"/>
|
---|
50 | </para>
|
---|
51 | </listitem>
|
---|
52 | <listitem>
|
---|
53 | <para>
|
---|
54 | Download MD5 sum: &libpwquality-md5sum;
|
---|
55 | </para>
|
---|
56 | </listitem>
|
---|
57 | <listitem>
|
---|
58 | <para>
|
---|
59 | Download size: &libpwquality-size;
|
---|
60 | </para>
|
---|
61 | </listitem>
|
---|
62 | <listitem>
|
---|
63 | <para>
|
---|
64 | Estimated disk space required: &libpwquality-buildsize;
|
---|
65 | </para>
|
---|
66 | </listitem>
|
---|
67 | <listitem>
|
---|
68 | <para>
|
---|
69 | Estimated build time: &libpwquality-time;
|
---|
70 | </para>
|
---|
71 | </listitem>
|
---|
72 | </itemizedlist>
|
---|
73 |
|
---|
74 | <bridgehead renderas="sect3">libpwquality Dependencies</bridgehead>
|
---|
75 |
|
---|
76 | <bridgehead renderas="sect4">Required</bridgehead>
|
---|
77 | <para role="required">
|
---|
78 | <xref linkend="cracklib"/>
|
---|
79 | </para>
|
---|
80 |
|
---|
81 | <bridgehead renderas="sect4">Recommended</bridgehead>
|
---|
82 | <para role="recommended">
|
---|
83 | <xref linkend="linux-pam"/>
|
---|
84 | </para>
|
---|
85 | <!-- Do not advertise python 2 since python 3 can be used
|
---|
86 | <bridgehead renderas="sect4">Optional</bridgehead>
|
---|
87 | <para role="optional">
|
---|
88 | <xref linkend="python2"/>
|
---|
89 | </para>
|
---|
90 | -->
|
---|
91 | <para condition="html" role="usernotes">User Notes:
|
---|
92 | <ulink url="&blfs-wiki;/libpwquality"/>
|
---|
93 | </para>
|
---|
94 | </sect2>
|
---|
95 |
|
---|
96 | <sect2 role="installation">
|
---|
97 | <title>Installation of libpwquality</title>
|
---|
98 |
|
---|
99 | <para>
|
---|
100 | Install <application>libpwquality</application> by running the following
|
---|
101 | commands:
|
---|
102 | </para>
|
---|
103 |
|
---|
104 | <screen><userinput>./configure --prefix=/usr \
|
---|
105 | --disable-static \
|
---|
106 | --with-securedir=/usr/lib/security \
|
---|
107 | --with-python-binary=python3 &&
|
---|
108 | make</userinput></screen>
|
---|
109 |
|
---|
110 | <para>
|
---|
111 | This package does not come with a test suite.
|
---|
112 | </para>
|
---|
113 |
|
---|
114 | <para>
|
---|
115 | Now, as the <systemitem class="username">root</systemitem> user:
|
---|
116 | </para>
|
---|
117 |
|
---|
118 | <screen role="root"><userinput>make install</userinput></screen>
|
---|
119 |
|
---|
120 | </sect2>
|
---|
121 |
|
---|
122 | <sect2 role="commands">
|
---|
123 | <title>Command Explanations</title>
|
---|
124 |
|
---|
125 | <para>
|
---|
126 | <parameter>--with-python-binary=python3</parameter>: This parameter gives
|
---|
127 | the location of the <application>Python</application> binary. The default
|
---|
128 | is <parameter>python</parameter>, and requires <xref linkend="python2"/>.
|
---|
129 | </para>
|
---|
130 |
|
---|
131 | </sect2>
|
---|
132 |
|
---|
133 | <sect2 role="configuration">
|
---|
134 | <title>Configuring libpwquality</title>
|
---|
135 |
|
---|
136 | <para>
|
---|
137 | <application>libpwquality</application> is intended to be a
|
---|
138 | functional replacement for the now-obsolete
|
---|
139 | <filename>pam_cracklib.so</filename> PAM module. To configure the system
|
---|
140 | to use the <filename>pam_pwquality</filename> module, execute the
|
---|
141 | following commands as the
|
---|
142 | <systemitem class="username">root</systemitem> user:
|
---|
143 | </para>
|
---|
144 |
|
---|
145 | <screen role="root"><userinput>mv /etc/pam.d/system-password{,.orig} &&
|
---|
146 | cat > /etc/pam.d/system-password << "EOF"
|
---|
147 | <literal># Begin /etc/pam.d/system-password
|
---|
148 |
|
---|
149 | # check new passwords for strength (man pam_pwquality)
|
---|
150 | password required pam_pwquality.so authtok_type=UNIX retry=1 difok=1 \
|
---|
151 | minlen=8 dcredit=0 ucredit=0 \
|
---|
152 | lcredit=0 ocredit=0 minclass=1 \
|
---|
153 | maxrepeat=0 maxsequence=0 \
|
---|
154 | maxclassrepeat=0 geoscheck=0 \
|
---|
155 | dictcheck=1 usercheck=1 \
|
---|
156 | enforcing=1 badwords="" \
|
---|
157 | dictpath=/usr/lib/cracklib/pw_dict
|
---|
158 | # use sha512 hash for encryption, use shadow, and use the
|
---|
159 | # authentication token (chosen password) set by pam_pwquality
|
---|
160 | # above (or any previous modules). Also set the number of crypt rounds
|
---|
161 | # to the value used in shadow.
|
---|
162 | password required pam_unix.so sha512 shadow use_authtok \
|
---|
163 | rounds=500000
|
---|
164 |
|
---|
165 | # End /etc/pam.d/system-password</literal>
|
---|
166 | EOF
|
---|
167 | </userinput></screen>
|
---|
168 |
|
---|
169 | </sect2>
|
---|
170 |
|
---|
171 | <sect2 role="content">
|
---|
172 | <title>Contents</title>
|
---|
173 |
|
---|
174 | <segmentedlist>
|
---|
175 | <segtitle>Installed Programs</segtitle>
|
---|
176 | <segtitle>Installed Libraries</segtitle>
|
---|
177 | <segtitle>Installed Directories</segtitle>
|
---|
178 |
|
---|
179 | <seglistitem>
|
---|
180 | <seg>
|
---|
181 | pwscore and pwmake
|
---|
182 | </seg>
|
---|
183 | <seg>
|
---|
184 | pam_pwquality.so and libpwquality.so
|
---|
185 | </seg>
|
---|
186 | <seg>
|
---|
187 | None
|
---|
188 | <!-- /etc/security was installed by Linux-PAM -->
|
---|
189 | </seg>
|
---|
190 | </seglistitem>
|
---|
191 | </segmentedlist>
|
---|
192 |
|
---|
193 | <variablelist>
|
---|
194 | <bridgehead renderas="sect3">Short Descriptions</bridgehead>
|
---|
195 | <?dbfo list-presentation="list"?>
|
---|
196 | <?dbhtml list-presentation="table"?>
|
---|
197 |
|
---|
198 | <varlistentry id="pwmake">
|
---|
199 | <term><command>pwmake</command></term>
|
---|
200 | <listitem>
|
---|
201 | <para>
|
---|
202 | is a simple configurable tool for generating random
|
---|
203 | and relatively easily pronounceable passwords
|
---|
204 | </para>
|
---|
205 | <indexterm zone="libpwquality pwmake">
|
---|
206 | <primary sortas="b-pwmake">pwmake</primary>
|
---|
207 | </indexterm>
|
---|
208 | </listitem>
|
---|
209 | </varlistentry>
|
---|
210 |
|
---|
211 | <varlistentry id="pwscore">
|
---|
212 | <term><command>pwscore</command></term>
|
---|
213 | <listitem>
|
---|
214 | <para>
|
---|
215 | is a simple tool for checking quality of a password
|
---|
216 | </para>
|
---|
217 | <indexterm zone="libpwquality pwscore">
|
---|
218 | <primary sortas="b-pwscore">pwscore</primary>
|
---|
219 | </indexterm>
|
---|
220 | </listitem>
|
---|
221 | </varlistentry>
|
---|
222 |
|
---|
223 | <varlistentry id="libpwquality-lib">
|
---|
224 | <term><filename class="libraryfile">libpwquality.so</filename></term>
|
---|
225 | <listitem>
|
---|
226 | <para>
|
---|
227 | contains API functions for checking the password quality
|
---|
228 | </para>
|
---|
229 | <indexterm zone="libpwquality libpwquality-lib">
|
---|
230 | <primary sortas="c-libpwquality">libpwquality.so</primary>
|
---|
231 | </indexterm>
|
---|
232 | </listitem>
|
---|
233 | </varlistentry>
|
---|
234 |
|
---|
235 | <varlistentry id="pam_pwquality">
|
---|
236 | <term><filename class="libraryfile">pam_pwquality.so</filename></term>
|
---|
237 | <listitem>
|
---|
238 | <para>
|
---|
239 | is a <application>Linux PAM</application> module used to perform
|
---|
240 | password quality checking
|
---|
241 | </para>
|
---|
242 | <indexterm zone="libpwquality pam_pwquality">
|
---|
243 | <primary sortas="c-pam_pwquality">pam_pwquality.so</primary>
|
---|
244 | </indexterm>
|
---|
245 | </listitem>
|
---|
246 | </varlistentry>
|
---|
247 |
|
---|
248 | </variablelist>
|
---|
249 |
|
---|
250 | </sect2>
|
---|
251 |
|
---|
252 | </sect1>
|
---|