source: postlfs/security/libpwquality.xml@ 62066a5

10.0 10.1 11.0 8.4 9.0 9.1 bdubbs/svn ken/refactor-virt lazarus qt5new trunk upgradedb xry111/git-date xry111/git-date-for-trunk xry111/git-date-test
Last change on this file since 62066a5 was 62066a5, checked in by DJ Lucas <dj@…>, 3 years ago

Update pam_cracklib configuration with modern options and provide replacement configuration with pam_pwqaulity.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@20872 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 7.4 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY libpwquality-download-http "https://github.com/libpwquality/libpwquality/releases/download/libpwquality-&libpwquality-version;/libpwquality-&libpwquality-version;.tar.bz2">
8 <!ENTITY libpwquality-download-ftp " ">
9 <!ENTITY libpwquality-md5sum "b8defcc7280a90e9400d6689c93a279c">
10 <!ENTITY libpwquality-size "440 KB">
11 <!ENTITY libpwquality-buildsize "4.0 MB">
12 <!ENTITY libpwquality-time "less than 0.1 SBU">
13]>
14
15<sect1 id="libpwquality" xreflabel="libpwquality-&libpwquality-version;">
16 <?dbhtml filename="libpwquality.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy: fernando $</othername>
20 <date>$Date: 2015-09-25 08:48:24 -0500 (Fri, 25 Sep 2015) $</date>
21 </sect1info>
22
23 <title>libpwquality-&libpwquality-version;</title>
24
25 <indexterm zone="libpwquality">
26 <primary sortas="a-libpwquality">libpwquality</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to libpwquality</title>
31
32 <para>
33 The <application>libpwquality</application> package provides common
34 functions for password quality checking and also scoring them based on
35 their apparent randomness. The library also provides a function for
36 generating random passwords with good pronounceability.
37 </para>
38
39 &lfs83_checked;
40
41 <bridgehead renderas="sect3">Package Information</bridgehead>
42 <itemizedlist spacing="compact">
43 <listitem>
44 <para>
45 Download (HTTP): <ulink url="&libpwquality-download-http;"/>
46 </para>
47 </listitem>
48 <listitem>
49 <para>
50 Download (FTP): <ulink url="&libpwquality-download-ftp;"/>
51 </para>
52 </listitem>
53 <listitem>
54 <para>
55 Download MD5 sum: &libpwquality-md5sum;
56 </para>
57 </listitem>
58 <listitem>
59 <para>
60 Download size: &libpwquality-size;
61 </para>
62 </listitem>
63 <listitem>
64 <para>
65 Estimated disk space required: &libpwquality-buildsize;
66 </para>
67 </listitem>
68 <listitem>
69 <para>
70 Estimated build time: &libpwquality-time;
71 </para>
72 </listitem>
73 </itemizedlist>
74
75 <bridgehead renderas="sect3">libpwquality Dependencies</bridgehead>
76
77 <bridgehead renderas="sect4">Required</bridgehead>
78 <para role="required">
79 <xref linkend="cracklib"/>
80 </para>
81
82 <bridgehead renderas="sect4">Recommended</bridgehead>
83 <para role="recommended">
84 <xref linkend="linux-pam"/>
85 </para>
86
87 <para condition="html" role="usernotes">User Notes:
88 <ulink url="&blfs-wiki;/libpwquality"/>
89 </para>
90 </sect2>
91
92 <sect2 role="installation">
93 <title>Installation of libpwquality</title>
94
95 <para>
96 Install <application>libpwquality</application> by running the following
97 commands:
98 </para>
99
100<screen><userinput>./configure --prefix=/usr --disable-static \
101 --with-securedir=/lib/security &amp;&amp;
102make</userinput></screen>
103
104 <para>
105 This package does not come with a test suite.
106 </para>
107
108 <para>
109 Now, as the <systemitem class="username">root</systemitem> user:
110 </para>
111
112<screen role="root"><userinput>make install</userinput></screen>
113
114 </sect2>
115
116 <sect2 role="configuration">
117 <title>Configuring Libpwquality</title>
118
119 <para>
120 <application>Libpwquality</application> is intended to be a
121 functional replacement for the <filename>pam_cracklib.so</filename>
122 module with additional options. To replace the
123 <filename>pam_cracklib.so</filename> module with the
124 <filename>pam_pwquality.so</filename> module, execute the following
125 commands as the <systemitem class="username">root</systemitem> user:
126 </para>
127
128<screen role="root"><userinput>mv /etc/pam.d/system-password{,.orig} &amp;&amp;
129cat &gt; /etc/pam.d/system-password &lt;&lt; "EOF"
130<literal># Begin /etc/pam.d/system-password
131
132# check new passwords for strength (man pam_pwquality)
133password required pam_pwquality.so authtok_type=UNIX retry=1 difok=1 \
134 minlen=8 dcredit=0 ucredit=0 \
135 lcredit=0 ocredit=0 minclass=1 \
136 maxrepeat=0 maxsequence=0 \
137 maxclassrepeat=0 geoscheck=0 \
138 dictcheck=1 usercheck=1 \
139 enforcing=1 badwords="" \
140 dictpath=/lib/cracklib/pw_dict
141# use sha512 hash for encryption, use shadow, and use the
142# authentication token (chosen password) set by pam_pwquality
143# above (or any previous modules)
144password required pam_unix.so sha512 shadow use_authtok
145
146# End /etc/pam.d/system-password</literal>
147EOF
148</userinput></screen>
149
150 </sect2>
151
152 <sect2 role="content">
153 <title>Contents</title>
154
155 <segmentedlist>
156 <segtitle>Installed Programs</segtitle>
157 <segtitle>Installed Libraries</segtitle>
158 <segtitle>Installed Directories</segtitle>
159
160 <seglistitem>
161 <seg>
162 pwscore and pwmake
163 </seg>
164 <seg>
165 pam_pwquality.so and libpwquality.so
166 </seg>
167 <seg>
168 None
169 <!-- /etc/security was installed by Linux-PAM -->
170 </seg>
171 </seglistitem>
172 </segmentedlist>
173
174 <variablelist>
175 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
176 <?dbfo list-presentation="list"?>
177 <?dbhtml list-presentation="table"?>
178
179 <varlistentry id="pwmake">
180 <term><command>pwmake</command></term>
181 <listitem>
182 <para>
183 is a simple configurable tool for generating random
184 and relatively easily pronounceable passwords.
185 </para>
186 <indexterm zone="libpwquality pwmake">
187 <primary sortas="b-pwmake">pwmake</primary>
188 </indexterm>
189 </listitem>
190 </varlistentry>
191
192 <varlistentry id="pwscore">
193 <term><command>pwscore</command></term>
194 <listitem>
195 <para>
196 is a simple tool for checking quality of a password.
197 </para>
198 <indexterm zone="libpwquality pwscore">
199 <primary sortas="b-pwscore">pwscore</primary>
200 </indexterm>
201 </listitem>
202 </varlistentry>
203
204 <varlistentry id="libpwquality-lib">
205 <term><filename class="libraryfile">libpwquality.so</filename></term>
206 <listitem>
207 <para>
208 contains API functions for checking the password quality.
209 </para>
210 <indexterm zone="libpwquality libpwquality-lib">
211 <primary sortas="c-libpwquality">libpwquality.so</primary>
212 </indexterm>
213 </listitem>
214 </varlistentry>
215
216 <varlistentry id="pam_pwquality">
217 <term><filename class="libraryfile">pam_pwquality.so</filename></term>
218 <listitem>
219 <para>
220 is a <application>Linux PAM</application> module used to perform
221 password quality checking.
222 </para>
223 <indexterm zone="libpwquality pam_pwquality">
224 <primary sortas="c-pam_pwquality">pam_pwquality.so</primary>
225 </indexterm>
226 </listitem>
227 </varlistentry>
228
229 </variablelist>
230
231 </sect2>
232
233</sect1>
Note: See TracBrowser for help on using the repository browser.