source: postlfs/security/libpwquality.xml@ 024fb949

11.3 12.0 12.1 12.2 gimp3 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts lazarus lxqt plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition trunk xry111/for-12.3 xry111/llvm18 xry111/spidermonkey128 xry111/xf86-video-removal
Last change on this file since 024fb949 was 024fb949, checked in by Pierre Labastie <pierre.labastie@…>, 23 months ago

Returns to a more reasonable value of rounds in shadow

  • Property mode set to 100644
File size: 8.0 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY libpwquality-download-http "https://github.com/libpwquality/libpwquality/releases/download/libpwquality-&libpwquality-version;/libpwquality-&libpwquality-version;.tar.bz2">
8 <!ENTITY libpwquality-download-ftp " ">
9 <!ENTITY libpwquality-md5sum "6b70e355269aef0b9ddb2b9d17936f21">
10 <!ENTITY libpwquality-size "424 KB">
11 <!ENTITY libpwquality-buildsize "5.4 MB">
12 <!ENTITY libpwquality-time "0.1 SBU">
13]>
14
15<sect1 id="libpwquality" xreflabel="libpwquality-&libpwquality-version;">
16 <?dbhtml filename="libpwquality.html"?>
17
18 <sect1info>
19 <date>$Date$</date>
20 </sect1info>
21
22 <title>libpwquality-&libpwquality-version;</title>
23
24 <indexterm zone="libpwquality">
25 <primary sortas="a-libpwquality">libpwquality</primary>
26 </indexterm>
27
28 <sect2 role="package">
29 <title>Introduction to libpwquality</title>
30
31 <para>
32 The <application>libpwquality</application> package provides common
33 functions for password quality checking and also scoring them based on
34 their apparent randomness. The library also provides a function for
35 generating random passwords with good pronounceability.
36 </para>
37
38 &lfs112_checked;
39
40 <bridgehead renderas="sect3">Package Information</bridgehead>
41 <itemizedlist spacing="compact">
42 <listitem>
43 <para>
44 Download (HTTP): <ulink url="&libpwquality-download-http;"/>
45 </para>
46 </listitem>
47 <listitem>
48 <para>
49 Download (FTP): <ulink url="&libpwquality-download-ftp;"/>
50 </para>
51 </listitem>
52 <listitem>
53 <para>
54 Download MD5 sum: &libpwquality-md5sum;
55 </para>
56 </listitem>
57 <listitem>
58 <para>
59 Download size: &libpwquality-size;
60 </para>
61 </listitem>
62 <listitem>
63 <para>
64 Estimated disk space required: &libpwquality-buildsize;
65 </para>
66 </listitem>
67 <listitem>
68 <para>
69 Estimated build time: &libpwquality-time;
70 </para>
71 </listitem>
72 </itemizedlist>
73
74 <bridgehead renderas="sect3">libpwquality Dependencies</bridgehead>
75
76 <bridgehead renderas="sect4">Required</bridgehead>
77 <para role="required">
78 <xref linkend="cracklib"/>
79 </para>
80
81 <bridgehead renderas="sect4">Recommended</bridgehead>
82 <para role="recommended">
83 <xref linkend="linux-pam"/>
84 </para>
85<!-- Do not advertise python 2 since python 3 can be used
86 <bridgehead renderas="sect4">Optional</bridgehead>
87 <para role="optional">
88 <xref linkend="python2"/>
89 </para>
90-->
91 <para condition="html" role="usernotes">User Notes:
92 <ulink url="&blfs-wiki;/libpwquality"/>
93 </para>
94 </sect2>
95
96 <sect2 role="installation">
97 <title>Installation of libpwquality</title>
98
99 <para>
100 Install <application>libpwquality</application> by running the following
101 commands:
102 </para>
103
104<screen><userinput>./configure --prefix=/usr \
105 --disable-static \
106 --with-securedir=/usr/lib/security \
107 --with-python-binary=python3 &amp;&amp;
108make</userinput></screen>
109
110 <para>
111 This package does not come with a test suite.
112 </para>
113
114 <para>
115 Now, as the <systemitem class="username">root</systemitem> user:
116 </para>
117
118<screen role="root"><userinput>make install</userinput></screen>
119
120 </sect2>
121
122 <sect2 role="commands">
123 <title>Command Explanations</title>
124
125 <para>
126 <parameter>--with-python-binary=python3</parameter>: This parameter gives
127 the location of the <application>Python</application> binary. The default
128 is <parameter>python</parameter>, and requires <xref linkend="python2"/>.
129 </para>
130
131 </sect2>
132
133 <sect2 role="configuration">
134 <title>Configuring libpwquality</title>
135
136 <para>
137 <application>libpwquality</application> is intended to be a
138 functional replacement for the now-obsolete
139 <filename>pam_cracklib.so</filename> PAM module. To configure the system
140 to use the <filename>pam_pwquality</filename> module, execute the
141 following commands as the
142 <systemitem class="username">root</systemitem> user:
143 </para>
144
145<screen role="root"><userinput>mv /etc/pam.d/system-password{,.orig} &amp;&amp;
146cat &gt; /etc/pam.d/system-password &lt;&lt; "EOF"
147<literal># Begin /etc/pam.d/system-password
148
149# check new passwords for strength (man pam_pwquality)
150password required pam_pwquality.so authtok_type=UNIX retry=1 difok=1 \
151 minlen=8 dcredit=0 ucredit=0 \
152 lcredit=0 ocredit=0 minclass=1 \
153 maxrepeat=0 maxsequence=0 \
154 maxclassrepeat=0 geoscheck=0 \
155 dictcheck=1 usercheck=1 \
156 enforcing=1 badwords="" \
157 dictpath=/usr/lib/cracklib/pw_dict
158# use sha512 hash for encryption, use shadow, and use the
159# authentication token (chosen password) set by pam_pwquality
160# above (or any previous modules). Also set the number of crypt rounds
161# to the value used in shadow.
162password required pam_unix.so sha512 shadow use_authtok \
163 rounds=500000
164
165# End /etc/pam.d/system-password</literal>
166EOF
167</userinput></screen>
168
169 </sect2>
170
171 <sect2 role="content">
172 <title>Contents</title>
173
174 <segmentedlist>
175 <segtitle>Installed Programs</segtitle>
176 <segtitle>Installed Libraries</segtitle>
177 <segtitle>Installed Directories</segtitle>
178
179 <seglistitem>
180 <seg>
181 pwscore and pwmake
182 </seg>
183 <seg>
184 pam_pwquality.so and libpwquality.so
185 </seg>
186 <seg>
187 None
188 <!-- /etc/security was installed by Linux-PAM -->
189 </seg>
190 </seglistitem>
191 </segmentedlist>
192
193 <variablelist>
194 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
195 <?dbfo list-presentation="list"?>
196 <?dbhtml list-presentation="table"?>
197
198 <varlistentry id="pwmake">
199 <term><command>pwmake</command></term>
200 <listitem>
201 <para>
202 is a simple configurable tool for generating random
203 and relatively easily pronounceable passwords
204 </para>
205 <indexterm zone="libpwquality pwmake">
206 <primary sortas="b-pwmake">pwmake</primary>
207 </indexterm>
208 </listitem>
209 </varlistentry>
210
211 <varlistentry id="pwscore">
212 <term><command>pwscore</command></term>
213 <listitem>
214 <para>
215 is a simple tool for checking quality of a password
216 </para>
217 <indexterm zone="libpwquality pwscore">
218 <primary sortas="b-pwscore">pwscore</primary>
219 </indexterm>
220 </listitem>
221 </varlistentry>
222
223 <varlistentry id="libpwquality-lib">
224 <term><filename class="libraryfile">libpwquality.so</filename></term>
225 <listitem>
226 <para>
227 contains API functions for checking the password quality
228 </para>
229 <indexterm zone="libpwquality libpwquality-lib">
230 <primary sortas="c-libpwquality">libpwquality.so</primary>
231 </indexterm>
232 </listitem>
233 </varlistentry>
234
235 <varlistentry id="pam_pwquality">
236 <term><filename class="libraryfile">pam_pwquality.so</filename></term>
237 <listitem>
238 <para>
239 is a <application>Linux PAM</application> module used to perform
240 password quality checking
241 </para>
242 <indexterm zone="libpwquality pam_pwquality">
243 <primary sortas="c-pam_pwquality">pam_pwquality.so</primary>
244 </indexterm>
245 </listitem>
246 </varlistentry>
247
248 </variablelist>
249
250 </sect2>
251
252</sect1>
Note: See TracBrowser for help on using the repository browser.