Changeset da84909
- Timestamp:
- 12/27/2021 06:03:46 PM (2 years ago)
- Branches:
- 11.1, 11.2, 11.3, 12.0, 12.1, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 8ddd8400
- Parents:
- 0a0ad3a (diff), a17c33d (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)
links above to see all the changes relative to each parent. - Files:
-
- 1 added
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
general/sysutils/systemd.xml
r0a0ad3a rda84909 395 395 396 396 <para> 397 Listed below are the newly installed libraries and directories397 Listed below are the newly installed programs 398 398 along with short descriptions. 399 399 </para> … … 401 401 <segmentedlist> 402 402 <segtitle>Installed Programs</segtitle> 403 <segtitle>Installed Libraries</segtitle>404 <segtitle>Installed Directories</segtitle>405 403 406 404 <seglistitem> … … 409 407 homectl (if <xref linkend="cryptsetup"/> is installed) 410 408 and userdbctl (optionally) 411 </seg>412 <seg>413 pam_systemd.so414 (in <filename class="directory">/lib/security</filename>)415 </seg>416 <seg>417 None418 409 </seg> 419 410 </seglistitem> -
packages.ent
r0a0ad3a rda84909 40 40 <!ENTITY sudo-version "1.9.8p2"> 41 41 <!ENTITY tripwire-version "2.4.3.7"> 42 <!ENTITY util-linux-minor "2.37"> 43 <!ENTITY util-linux-version "&util-linux-minor;.2"> 42 44 <!ENTITY volume_key-version "0.3.12"> 43 45 -
postlfs/security/linux-pam.xml
r0a0ad3a rda84909 450 450 <para> 451 451 You should now reinstall the <xref linkend="shadow"/> 452 <phrase revision="sysv">package .</phrase>452 <phrase revision="sysv">package</phrase> 453 453 <phrase revision="systemd"> and <xref linkend="systemd"/> 454 packages.</phrase> 454 packages</phrase>, and install <command>su</command> from 455 <xref linkend='util-linux'/>. 455 456 </para> 456 457 </important> -
postlfs/security/security.xml
r0a0ad3a rda84909 84 84 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="stunnel.xml"/> 85 85 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="sudo.xml"/> 86 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="util-linux.xml"/> 86 87 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="tripwire.xml"/> 87 88 <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="volume_key.xml"/> -
postlfs/security/shadow.xml
r0a0ad3a rda84909 134 134 -i etc/login.defs && 135 135 136 ./configure --sysconfdir=/etc --with-group-name-max-length=32 && 136 ./configure --sysconfdir=/etc \ 137 --with-group-name-max-length=32 \ 138 --without-su && 137 139 make</userinput></screen> 138 140 … … 188 190 <parameter>--with-group-name-max-length=32</parameter>: The maximum 189 191 user name is 32 characters. Make the maximum group name the same. 192 </para> 193 194 <para> 195 <parameter>--without-su</parameter>: Don't reinstall 196 <command>su</command> because the upstream recommends to use the 197 <command>su</command> command from <xref linkend='util-linux'/> 198 when <application>Linux-PAM</application> is available. 190 199 </para> 191 200 … … 414 423 415 424 <sect4> 416 <title>'su'</title>417 418 <screen role="root"><userinput>cat > /etc/pam.d/su << "EOF"419 <literal># Begin /etc/pam.d/su420 421 # always allow root422 auth sufficient pam_rootok.so423 424 # Allow users in the wheel group to execute su without a password425 # disabled by default426 #auth sufficient pam_wheel.so trust use_uid427 428 # include system auth settings429 auth include system-auth430 431 # limit su to users in the wheel group432 auth required pam_wheel.so use_uid433 434 # include system account settings435 account include system-account436 437 # Set default environment variables for the service user438 session required pam_env.so439 440 # include system session settings441 session include system-session442 443 # End /etc/pam.d/su</literal>444 EOF</userinput></screen>445 </sect4>446 447 <sect4>448 425 <title>'chage'</title> 449 426 … … 483 460 At this point, you should do a simple test to see if 484 461 <application>Shadow</application> is working as expected. Open 485 another terminal and log in as a user, then <command>su</command> to 486 <systemitem class="username">root</systemitem>. If you do not see 487 any errors, then all is well and you should proceed with the rest of 488 the configuration. If you did receive errors, stop now and double 489 check the above configuration files manually. One obvious reason 490 for an error is if the user is not in group <systemitem 491 class="groupname">wheel</systemitem>. You may want to run (as 492 <systemitem class="username">root</systemitem>): <command>usermod 493 -a -G wheel <replaceable><user></replaceable></command>. 494 Any other error is the sign of an error in the above procedure. 462 another terminal and log in as 463 <systemitem class="username">root</systemitem>, and then run 464 <command>login</command> and login as another user. If you do 465 not see any errors, then all is well and you should proceed with 466 the rest of the configuration. If you did receive errors, stop 467 now and double check the above configuration files manually. 468 Any error is the sign of an error in the above procedure. 495 469 You can also run the 496 test suite from the <application>Linux-PAM</application> package to 497 assist you in determining the problem. If you cannot find and fix 498 the error, you should recompile <application>Shadow</application> 499 adding the <option>--without-libpam</option> switch to the 500 <command>configure</command> command in the above instructions (also 501 move the <filename>/etc/login.defs.orig</filename> backup file to 502 <filename>/etc/login.defs</filename>). If you fail to do this and 503 the errors remain, you will be unable to log into your system. 470 test suite from the <application>Linux-PAM</application> package 471 to assist you in determining the problem. If you cannot find and 472 fix the error, you should recompile 473 <application>Shadow</application> adding the 474 <option>--without-libpam</option> switch to the 475 <command>configure</command> command in the above instructions 476 (also move the <filename>/etc/login.defs.orig</filename> backup 477 file to <filename>/etc/login.defs</filename>). If you fail to do 478 this and the errors remain, you will be unable to log into your 479 system. 504 480 </para> 505 481 </warning>
Note:
See TracChangeset
for help on using the changeset viewer.