Context Navigation

← Previous Changeset
Next Changeset →

Changeset 5443006d

Timestamp:

03/11/2012 12:39:56 PM (12 years ago)

Author:

Krejzi <krejzi@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

14aeac4

Parents:

b7a53c2

Message:

shadow 4.1.5

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@9670 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:

: 3 edited

general.ent (modified) (3 diffs)
introduction/welcome/changelog.xml (modified) (1 diff)
postlfs/security/shadow.xml (modified) (11 diffs)

Legend:

: Unmodified
: Added
: Removed

general.ent

-              rb7a53c2
+              r5443006d
 -->
 <!ENTITY day          "10">                   <!-- Always 2 digits -->
+<!ENTITY day          "11">                   <!-- Always 2 digits -->
 <!ENTITY month        "03">                   <!-- Always 2 digits -->
 <!ENTITY year         "2012">
 …
 <!ENTITY lfs-m4-version               "1.4.14">
 <!ENTITY lfs-perl-version             "5.12.1">
 <!ENTITY lfs-shadow-version           "4.1.4.2">
+<!ENTITY lfs-shadow-version           "4.1.5">
 <!ENTITY lfs-vim-version              "7.3">
 <!-- End LFS versions -->
 …
 <!ENTITY polkit-version               "0.104">
 <!ENTITY polkit-gnome-version         "0.104">
 <!ENTITY shadow-version               "4.1.4.3">
+<!ENTITY shadow-version               "4.1.5">
 <!ENTITY stunnel-version              "4.52">
 <!ENTITY sudo-version                 "1.8.2">

introduction/welcome/changelog.xml

-              rb7a53c2
+              r5443006d
 -->
     <listitem>
+      <para>March 11th, 2012</para>
+      <itemizedlist>
+        <listitem>
+          <para>[krejzi] - shadow 4.1.5.</para>
+        </listitem>
+      </itemizedlist>
+    </listitem>
+    <listitem>
       <para>March 10th, 2012</para>
       <itemizedlist>

postlfs/security/shadow.xml

-              rb7a53c2
+              r5443006d
   <!ENTITY shadow-download-http "http://pkg-shadow.alioth.debian.org/releases/shadow-&shadow-version;.tar.bz2 ">
   <!ENTITY shadow-download-ftp  " ">
   <!ENTITY shadow-md5sum        "b8608d8294ac88974f27b20f991c0e79">
   <!ENTITY shadow-size          "1.8 MB">
   <!ENTITY shadow-buildsize     "30 MB">
+  <!ENTITY shadow-md5sum        "d5f7a588fadb79faeb4b08b1eee82e9a">
+  <!ENTITY shadow-size          "2.1 MB">
+  <!ENTITY shadow-buildsize     "35 MB">
   <!ENTITY shadow-time          "0.3 SBU">
 ]>
 …
         <para>Download (HTTP): <ulink url="&shadow-download-http;"/></para>
       </listitem>
       <listitem>
+<!--      <listitem>
         <para>Download (FTP): <ulink url="&shadow-download-ftp;"/></para>
       </listitem>
+      </listitem> -->
       <listitem>
         <para>Download MD5 sum: &shadow-md5sum;</para>
 …
     </itemizedlist>
     <!-- <bridgehead renderas="sect3">Additional Downloads</bridgehead>
+    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
     <itemizedlist spacing='compact'>
       <listitem>
         <para>Required patch: <ulink
+        url="&patch-root;/shadow-&shadow-version;-useradd_fix-2.patch"/></para>
+        url="http://www.&lfs-domainname;/patches/lfs/development/shadow-&shadow-version;-nscd-1.patch"/>
+        </para>
       </listitem>
     </itemizedlist> -->
+    </itemizedlist>
     <bridgehead renderas="sect3">Shadow Dependencies</bridgehead>
     <bridgehead renderas="sect4">Required</bridgehead>
     <para role="required"><xref linkend="linux-pam"/> and/or
+    <para role="required"><xref linkend="linux-pam"/> or
     <xref linkend="cracklib"/></para>
 …
     commands:</para>
 <screen><userinput>sed -i 's/groups$(EXEEXT) //' src/Makefile.in                   &amp;&amp;
+<screen><userinput>sed -i 's/groups$(EXEEXT) //' src/Makefile.in &amp;&amp;
 find man -name Makefile.in -exec sed -i 's/groups\.1 / /' {} \; &amp;&amp;
 sed -i -e 's/ ko//' -e 's/ zh_CN zh_TW//' man/Makefile.in       &amp;&amp;
+sed -i -e 's/ ko//' -e 's/ zh_CN zh_TW//' man/Makefile.in &amp;&amp;
 sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \
+       -e 's@/var/spool/mail@/var/mail@' etc/login.defs         &amp;&amp;
+./configure --sysconfdir=/etc                                   &amp;&amp;
+       -e 's@/var/spool/mail@/var/mail@' etc/login.defs &amp;&amp;
+sed -i -e 's@PATH=/sbin:/bin:/usr/sbin:/usr/bin@&amp;:/usr/local/sbin:/usr/local/bin@' \
+       -e 's@PATH=/bin:/usr/bin@&amp;:/usr/local/bin@' etc/login.defs &amp;&amp;
+patch -Np1 -i ../shadow-&shadow-version;-nscd-1.patch &amp;&amp;
+./configure --prefix=/usr --sysconfdir=/etc \
+            --without-acl --without-attr &amp;&amp;
 make</userinput></screen>
 …
     <application>Man-DB</application> cannot format them properly.</para>
     <para><command>sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512'
+    <para><command>sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@'
     -e 's@/var/spool/mail@/var/mail@' etc/login.defs</command>:
     Instead of using the default 'crypt' method, this command modifies the
+    Instead of using the default 'DES' method, this command modifies the
     installation to use the more secure 'SHA512' method of hashing passwords,
     which also allows passwords longer than eight characters. It also changes
 …
     default to the <filename class="directory">/var/mail</filename>
     location.</para>
+    <para><command>sed -i -e
+    's@PATH=/sbin:/bin:/usr/sbin:/usr/bin@&amp;:/usr/local/sbin:/usr/local/bin@'
+    -e 's@PATH=/bin:/usr/bin@&amp;:/usr/local/bin@' etc/login.defs</command>:
+    This sed expands PATH to <filename class="directory">/usr/local/bin</filename>
+    for normal and <systemitem class="username">root</systemitem> user and to
+    <filename class="directory">/usr/local/sbin</filename> for
+    <systemitem class="username">root</systemitem> user only.</para>
+    <para><command>--without-acl</command>: Disables linking with <xref linkend="acl"/>
+    since <application>Shadow</application> fails to compile if it is present.</para>
+    <para><command>--without-attr</command>: Disables linking with <xref linkend="attr"/>
+    since <application>Shadow</application> fails to compile if it is present.</para>
     <para><command>mv -v /usr/bin/passwd /bin</command>: The
 …
       <application>Shadow</application>, <application>Linux-PAM</application>
       and <application>CrackLib</application>, you can visit the following
       links:</para>
+      link:</para>
       <itemizedlist spacing="compact">
-      <listitem>
-        <para><ulink
-        url="http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/sag-pam_cracklib.html"/></para>
-      </listitem>
       <listitem>
         <para><ulink
 …
 <screen role="root"><userinput>install -v -m644 /etc/login.defs /etc/login.defs.orig &amp;&amp;
+for FUNCTION in LASTLOG_ENAB MAIL_CHECK_ENAB \
+                PORTTIME_CHECKS_ENAB CONSOLE \
+                MOTD_FILE NOLOGINS_FILE PASS_MIN_LEN \
+                SU_WHEEL_ONLY MD5_CRYPT_ENAB \
+                CONSOLE_GROUPS ENVIRON_FILE \
+                ULIMIT ENV_TZ ENV_HZ ENV_SUPATH \
+                ENV_PATH QMAIL_DIR MAIL_DIR MAIL_FILE \
+                CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE \
+                OBSCURE_CHECKS_ENAB CRACKLIB_DICTPATH \
+                PASS_CHANGE_TRIES PASS_ALWAYS_WARN ISSUE_FILE
+for FUNCTION in FAIL_DELAY LASTLOG_ENAB \
+                MAIL_CHECK_ENAB \
+                OBSCURE_CHECKS_ENAB \
+                PORTTIME_CHECKS_ENAB \
+                CONSOLE MOTD_FILE \
+                NOLOGINS_FILE ENV_HZ \
+                SU_WHEEL_ONLY \
+                CRACKLIB_DICTPATH \
+                SYS_UID_MIN SYS_UID_MAX \
+                SYS_GID_MIN SYS_GID_MAX \
+                PASS_CHANGE_TRIES \
+                PASS_ALWAYS_WARN \
+                CHFN_AUTH ENVIRON_FILE
 do
     sed -i "s/^$FUNCTION/# &amp;/" /etc/login.defs
 …
 #session   optional    pam_mail.so      standard quiet
-# Use xauth keys (if available)
-session   optional    pam_xauth.so
 # include the default session and password settings
 session   include     system-session
 …
 # include the default account settings
 account   include     system-account
-# Use xauth keys (if available)
-session   optional    pam_xauth.so
 # Set default environment variables for the service user
 …
       </sect4>
-      <sect4 id="pam-env">
-        <title>Configuring Default Environment</title>
-          <para>During previous configuration, several items were removed from
-          <filename>/etc/login.defs</filename>.  Some of these items are now
-          controlled by the <filename class='libraryfile'>pam_env.so</filename>
-          module and the <filename>/etc/security/pam_env.conf</filename>
-          configuration file.  In particular, the default path has been
-          changed.  To recover your default path, execute the following
-          commands:</para>
-<screen role="root"><userinput>ENV_PATH=`grep '^ENV_PATH' /etc/login.defs.orig | \
-    awk '{ print $2 }' | sed 's/PATH=//'` &amp;&amp;
-echo 'PATH        DEFAULT='`echo "${ENV_PATH}"`\
-'        OVERRIDE=${PATH}' \
-    >> /etc/security/pam_env.conf &amp;&amp;
-unset ENV_PATH</userinput></screen>
-          <note>
-            <para>The ENV_SUPATH option used to modify root's default path
-            does not work with PAM. You have to set the path in root's login
-            scripts instead.
-            </para>
-          </note>
-      </sect4>
     </sect3>

Note: See TracChangeset for help on using the changeset viewer.