- Timestamp:
- 11/29/2005 04:27:40 PM (18 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 90bc173
- Parents:
- 5caa3a2
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/shadow.xml
r5caa3a2 rd8684cbc 7 7 <!ENTITY shadow-download-http "http://ftp.pld.org.pl/software/shadow/shadow-&shadow-version;.tar.bz2"> 8 8 <!ENTITY shadow-download-ftp "ftp://ftp.pld.org.pl/software/shadow/shadow-&shadow-version;.tar.bz2"> 9 <!ENTITY shadow-md5sum " 609a417a45827c36ba6e33f9dc785371">9 <!ENTITY shadow-md5sum "5c6a105d89afb0900922260e9c5650cc"> 10 10 <!ENTITY shadow-size "1.0 MB"> 11 <!ENTITY shadow-buildsize "13. 4MB">11 <!ENTITY shadow-buildsize "13.6 MB"> 12 12 <!ENTITY shadow-time "0.3 SBU"> 13 13 ]> … … 32 32 <para><application>Shadow</application> was indeed installed in LFS and 33 33 there is no reason to reinstall it unless you installed 34 <application>Linux-PAM</application>. If you did, this will allow programs 35 like <command>login</command> and <command>su</command> to utilize 36 PAM.</para> 34 <application>Linux-PAM</application>. If you did install 35 <application>Linux-PAM</application>, reinstalling 36 <application>Shadow</application> will allow programs such as 37 <command>login</command> and <command>su</command> to utilize PAM.</para> 37 38 38 39 <bridgehead renderas="sect3">Package Information</bridgehead> … … 58 59 </itemizedlist> 59 60 60 <!--61 61 <bridgehead renderas="sect3">Additional Downloads</bridgehead> 62 62 <itemizedlist spacing='compact'> 63 63 <listitem> 64 <para>Patch to fix several invalid warning messages when used with 65 <application>Linux-PAM</application>: <ulink 66 url="&patch-root;/shadow-&shadow-version;-Linux_PAM_fixes-1.patch"/></para> 64 <para>Required patch: <ulink 65 url="&patch-root;/shadow-&shadow-version;-configure_fix-1.patch"/></para> 67 66 </listitem> 68 67 </itemizedlist> 69 -->70 68 71 69 <bridgehead renderas="sect3">Shadow Dependencies</bridgehead> … … 81 79 <para>Reinstall <application>Shadow</application> by running the following 82 80 commands:</para> 83 84 <!--85 <screen><userinput>patch -Np1 -i ../shadow-&shadow-version;-Linux_PAM_fixes-1.patch &&86 <-->87 81 88 82 <screen><userinput>./configure --libdir=/lib --enable-shared \ 89 83 --with-libpam --without-libcrack && 90 84 sed -i 's/groups$(EXEEXT) //' src/Makefile && 91 sed -i '/groups/d' man/Makefile&&85 find man -name Makefile -exec sed -i '/groups/d' && 92 86 make</userinput></screen> 93 87 … … 110 104 <application>Shadow</application> not to use 111 105 <filename class='libraryfile'>libcrack</filename>. This is desired as 112 <application>Linux-PAM</application> already contains 113 <filename class='libraryfile'>libcrack</filename>.</para> 114 115 <para><parameter>--enable-shadowgrp</parameter>: This version of 116 <application>Shadow</application> defaults to not enabling 117 its group functionality, which causes <command>grpconv</command> to 118 fail.</para> 106 <application>Linux-PAM</application> will provide 107 <filename class='libraryfile'>libcrack</filename> functionality.</para> 119 108 120 109 <para><command>sed -i ...</command>: These commands are used to suppress 121 the installation of the <command>groups</command> program a s the version122 from the <application>Coreutils</application> package installed during123 LFS is preferred.</para>110 the installation of the <command>groups</command> program and man pages 111 as the version from the <application>Coreutils</application> package 112 installed during LFS is preferred.</para> 124 113 125 114 </sect2> … … 165 154 stop <command>login</command> from performing these functions (a backup 166 155 file named <filename>/etc/login.defs.orig</filename> is also created 167 to preserve the original file's contents):</para> 156 to preserve the original file's contents). Issue the following commands 157 as the <systemitem class="username">root</systemitem> user:</para> 168 158 169 159 <indexterm zone="shadow pam-login-defs"> … … 181 171 CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE 182 172 do 183 sed -i -e"s/^$FUNCTION/# &/" /etc/login.defs173 sed -i "s/^$FUNCTION/# &/" /etc/login.defs 184 174 done</userinput></screen> 185 175 186 176 <para>If you have <application>CrackLib</application> installed, 187 also comment out four more lines using the following command:</para> 177 also comment out four more lines using the following command as the 178 <systemitem class="username">root</systemitem> user:</para> 188 179 189 180 <screen role="root"><userinput>for FUNCTION in OBSCURE_CHECKS_ENAB CRACKLIB_DICTPATH \ 190 181 PASS_CHANGE_TRIES PASS_ALWAYS_WARN 191 182 do 192 sed -i -e"s/^$FUNCTION/# &/" /etc/login.defs183 sed -i "s/^$FUNCTION/# &/" /etc/login.defs 193 184 done</userinput></screen> 194 185 … … 201 192 files to <filename class="directory">/etc/pam.d/</filename> (or add them 202 193 to <filename>/etc/pam.conf</filename> with the additional field for 203 the program).</para> 194 the program). Issue the commands as the 195 <systemitem class="username">root</systemitem> user:</para> 204 196 205 197 </sect4> … … 328 320 do 329 321 install -v -m644 /etc/pam.d/chage /etc/pam.d/$PROGRAM 330 sed -i -e"s/chage/$PROGRAM/" /etc/pam.d/$PROGRAM322 sed -i "s/chage/$PROGRAM/" /etc/pam.d/$PROGRAM 331 323 done</userinput></screen> 332 324 … … 417 409 </sect4> 418 410 419 420 411 <sect4 id="pam-env"> 421 412 <title>Configuring Default Environment</title> … … 429 420 commands:</para> 430 421 431 <screen ><userinput><command>ENV_PATH=`grep '^ENV_PATH' /etc/login.defs.orig | \422 <screen role="root"><userinput>ENV_PATH=`grep '^ENV_PATH' /etc/login.defs.orig | \ 432 423 awk '{ print $2 }' | sed 's/PATH=//'` && 433 echo 'PATH DEFAULT='`echo "${ENV_PATH}"`' OVERRIDE=${PATH}' \ 424 echo 'PATH DEFAULT='`echo "${ENV_PATH}"`\ 425 ' OVERRIDE=${PATH}' \ 434 426 >> /etc/security/pam_env.conf && 435 unset ENV_PATH</command></userinput></screen> 436 437 <note><para>ENV_SUPATH is no longer supported. You must create 438 a valid <filename>/root/.bashrc</filename> file to provide a 439 modified path for the super-user.</para></note> 427 unset ENV_PATH</userinput></screen> 428 429 <note> 430 <para>ENV_SUPATH is no longer supported. You must create 431 a valid <filename>/root/.bashrc</filename> file to provide a 432 modified path for the super-user.</para> 433 </note> 440 434 441 435 </sect4>
Note:
See TracChangeset
for help on using the changeset viewer.