Changeset 286cd58c
- Timestamp:
- 02/07/2016 05:48:56 AM (8 years ago)
- Branches:
- systemd-13485
- Children:
- 6ef90edf
- Parents:
- f2457995
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
packages.ent
rf2457995 r286cd58c 22 22 <!ENTITY libpwquality-version "1.3.0"> 23 23 <!ENTITY linux-pam-version "1.2.1"> 24 <!ENTITY linux-pam-docs-version "1.2.0"> 24 25 <!ENTITY mitkrb-major-version "1.14"> 25 26 <!ENTITY mitkrb-version "&mitkrb-major-version;"> -
postlfs/security/linux-pam.xml
rf2457995 r286cd58c 7 7 <!ENTITY linux-pam-download-http "http://linux-pam.org/library/Linux-PAM-&linux-pam-version;.tar.bz2"> 8 8 <!ENTITY linux-pam-download-ftp " "> 9 <!ENTITY linux-pam-md5sum "9dc53067556d2dd567808fd5095 29dd6">10 <!ENTITY linux-pam-size "1. 2MB">11 <!ENTITY linux-pam-buildsize "3 2 MB">12 <!ENTITY linux-pam-time "0. 4 SBU">13 14 <!ENTITY linux-pam-docs-download "http://linux-pam.org/documentation/Linux-PAM-&linux-pam- version;-docs.tar.bz2">9 <!ENTITY linux-pam-md5sum "9dc53067556d2dd567808fd509519dd6"> 10 <!ENTITY linux-pam-size "1.3 MB"> 11 <!ENTITY linux-pam-buildsize "33 MB (with tests)"> 12 <!ENTITY linux-pam-time "0.3 SBU (with tests)"> 13 14 <!ENTITY linux-pam-docs-download "http://linux-pam.org/documentation/Linux-PAM-&linux-pam-docs-version;-docs.tar.bz2"> 15 15 <!ENTITY linux-pam-docs-md5sum "558378b8be9b8b5c987326f4529f2130"> 16 16 <!ENTITY linux-pam-docs-size "480 KB"> … … 130 130 </para> 131 131 132 <screen><userinput>tar -xf ../Linux-PAM-&linux-pam- version;-docs.tar.bz2 --strip-components=1</userinput></screen>132 <screen><userinput>tar -xf ../Linux-PAM-&linux-pam-docs-version;-docs.tar.bz2 --strip-components=1</userinput></screen> 133 133 134 134 <para> … … 165 165 <filename class="directory">/etc/security</filename> as well as 166 166 <filename>/etc/environment</filename>. In case you 167 have modified those files, be sure to back them up.167 have modified those files, be sure to backup them. 168 168 </para> 169 169 </caution> … … 175 175 </para> 176 176 177 <screen role="root"><userinput>install -v - dm755/etc/pam.d &&177 <screen role="root"><userinput>install -v -m755 -d /etc/pam.d && 178 178 179 179 cat > /etc/pam.d/other << "EOF" 180 <literal>auth required pam_deny.so180 auth required pam_deny.so 181 181 account required pam_deny.so 182 182 password required pam_deny.so 183 session required pam_deny.so </literal>183 session required pam_deny.so 184 184 EOF</userinput></screen> 185 185 … … 187 187 Now run the tests by issuing <command>make check</command>. 188 188 Ensure there are no errors produced by the tests before continuing the 189 installation. 189 installation. Note that the checks are quite long. It may be useful to 190 redirect the output to a log file in order to inspect it thoroughly. 190 191 </para> 191 192 … … 196 197 </para> 197 198 198 <screen role="root"><userinput>rm - rfv /etc/pam.d</userinput></screen>199 <screen role="root"><userinput>rm -fv /etc/pam.d/*</userinput></screen> 199 200 200 201 <para> … … 273 274 <para>Now set up some generic files. As root:</para> 274 275 275 <screen role="root"><userinput>install -v -dm755 /etc/pam.d 276 277 cat > /etc/pam.d/system-account << "EOF" 276 <screen role="root"><userinput>cat > /etc/pam.d/system-account << "EOF" 278 277 <literal># Begin /etc/pam.d/system-account 279 278 … … 299 298 EOF</userinput></screen> 300 299 301 <para>The remaining generic file depends on whe ther <xref linkend="cracklib"/>302 is installed. If it is installed, issue:</para>300 <para>The remaining generic file depends on wheather <xref linkend="cracklib"/> 301 is installed. If it is installed, use:</para> 303 302 304 303 <screen role="root"><userinput>cat > /etc/pam.d/system-password << "EOF" … … 329 328 330 329 <para>If <xref linkend="cracklib"/> is <emphasis>NOT</emphasis> installed, 331 issue:</para>330 use:</para> 332 331 333 332 <screen role="root"><userinput>cat > /etc/pam.d/system-password << "EOF" … … 342 341 343 342 <para>Now add a restrictive <filename>/etc/pam.d/other</filename> 344 configuration file. With this file, PAM aware services can't be345 used unless a configuration file specifically for that serviceis343 configuration file. With this file, programs that are PAM aware will not 344 run unless a configuration file specifically for that application is 346 345 created.</para> 347 346
Note:
See TracChangeset
for help on using the changeset viewer.