Changeset e807ae1


Ignore:
Timestamp:
07/03/2007 04:20:51 AM (14 years ago)
Author:
Randy McMurchy <randy@…>
Branches:
10.0, 10.1, 11.0, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, krejzi/svn, nosym, perl-modules, qt5new, systemd-11177, systemd-13485, trunk, xry111/git-date, xry111/git-date-for-trunk, xry111/git-date-test
Children:
a77e3524
Parents:
82811c5
Message:

Updated to Shadow-4.0.18.1, which is the version used in LFS. Also modified the /etc/pam.d/login files as suggested by Jonathan Oksman to strengthen the login security

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@6829 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:
3 edited

Legend:

Unmodified
Added
Removed
  • general.ent

    r82811c5 re807ae1  
    44-->
    55
    6 <!ENTITY day          "02">                   <!-- Always 2 digits -->
     6<!ENTITY day          "03">                   <!-- Always 2 digits -->
    77<!ENTITY month        "07">                   <!-- Always 2 digits -->
    88<!ENTITY year         "2007">
    99<!ENTITY version      "svn-&year;&month;&day;">
    10 <!ENTITY releasedate  "July &day;nd, &year;">
     10<!ENTITY releasedate  "July &day;rd, &year;">
    1111<!ENTITY pubdate      "&year;-&month;-&day;"> <!-- metadata req. by TLDP -->
    1212<!ENTITY blfs-version "svn">                  <!-- svn|[release #] -->
     
    6464<!ENTITY cracklib-version             "2.8.10">
    6565<!ENTITY linux-pam-version            "0.99.7.1">
    66 <!ENTITY shadow-version               "4.0.17">
     66<!ENTITY shadow-version               "4.0.18.1">
    6767<!ENTITY iptables-version             "1.3.6">
    6868<!ENTITY gnupg-version                "1.4.7">
  • introduction/welcome/changelog.xml

    r82811c5 re807ae1  
    4343
    4444    <listitem>
     45      <para>July 3rd, 2007</para>
     46      <itemizedlist>
     47        <listitem>
     48          <para>[randy] - Updated to Shadow-4.0.18.1, which is the version used
     49          in LFS. Also modified the /etc/pam.d/login file as suggested by
     50          Jonathan Oksman to strengthen the login security.</para>
     51        </listitem>
     52      </itemizedlist>
     53    </listitem>
     54
     55    <listitem>
    4556      <para>July 2nd, 2007</para>
    4657      <itemizedlist>
  • postlfs/security/shadow.xml

    r82811c5 re807ae1  
    55  %general-entities;
    66
    7   <!ENTITY shadow-download-http "http://ftp.pld.org.pl/software/shadow/old/shadow-&shadow-version;.tar.bz2">
    8   <!ENTITY shadow-download-ftp  "ftp://ftp.pld.org.pl/software/shadow/old/shadow-&shadow-version;.tar.bz2">
    9   <!ENTITY shadow-md5sum        "bc5972a195290533b4c0576276056ed9">
    10   <!ENTITY shadow-size          "1.4 MB">
    11   <!ENTITY shadow-buildsize     "17 MB">
     7  <!-- <!ENTITY shadow-download-http "http://ftp.pld.org.pl/software/shadow/old/shadow-&shadow-version;.tar.bz2"> -->
     8  <!ENTITY shadow-download-http "http://cross-lfs.org/files/packages/svn/shadow-&shadow-version;.tar.bz2">
     9  <!ENTITY shadow-download-ftp  "ftp://ftp.pld.org.pl/software/shadow/shadow-&shadow-version;.tar.bz2">
     10  <!ENTITY shadow-md5sum        "e7751d46ecf219c07ae0b028ab3335c6">
     11  <!ENTITY shadow-size          "1.5 MB">
     12  <!ENTITY shadow-buildsize     "18 MB">
    1213  <!ENTITY shadow-time          "0.3 SBU">
    1314]>
     
    6263    </itemizedlist>
    6364
    64     <!--
    6565    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
    6666    <itemizedlist spacing='compact'>
    6767      <listitem>
    6868        <para>Required patch: <ulink
    69         url="&patch-root;/shadow-&shadow-version;-configure_fix-1.patch"/></para>
     69        url="&patch-root;/shadow-&shadow-version;-useradd_fix-2.patch"/></para>
    7070      </listitem>
    7171    </itemizedlist>
    72     -->
    7372
    7473    <bridgehead renderas="sect3">Shadow Dependencies</bridgehead>
     
    102101    commands:</para>
    103102
    104 <screen><userinput>./configure --libdir=/lib \
     103<screen><userinput>patch -Np1 -i ../shadow-&shadow-version;-useradd_fix-2.patch &amp;&amp;
     104
     105./configure --libdir=/lib \
    105106            --sysconfdir=/etc \
    106107            --enable-shared \
    107108            --without-selinux &amp;&amp;
     109
    108110sed -i 's/groups$(EXEEXT) //' src/Makefile &amp;&amp;
    109 find man -name Makefile -exec sed -i '/groups/d' {} \; &amp;&amp;
     111find man -name Makefile -exec sed -i 's/groups\.1 / /' {} \; &amp;&amp;
    110112sed -i -e 's/ ko//' -e 's/ zh_CN zh_TW//' man/Makefile &amp;&amp;
    111113
     
    183185    library to the root partition to support the moving of the
    184186    <command>passwd</command> program earlier.</para>
     187
     188  </sect2>
     189
     190  <sect2 role="configuration">
     191    <title>Configuring Shadow</title>
     192
     193    <para><application>Shadow</application>'s stock configuration for the
     194    <command>useradd</command> utility is not suitable for LFS systems. Use the
     195    following commands as the <systemitem class="username">root</systemitem>
     196    user to change the default home directory for new users and prevent the
     197    creation of mail spool files:</para>
     198
     199<screen role="root"><userinput>useradd -D -b /home &amp;&amp;
     200sed -i 's/yes/no/' /etc/default/useradd</userinput></screen>
    185201
    186202  </sect2>
     
    332348<literal># Begin /etc/pam.d/login
    333349
    334 auth        requisite      pam_securetty.so
    335350auth        requisite      pam_nologin.so
     351auth        required       pam_securetty.so
    336352auth        required       pam_unix.so
    337353account     required       pam_access.so
     
    359375<literal># Begin /etc/pam.d/login
    360376
    361 auth        requisite      pam_securetty.so
    362377auth        requisite      pam_nologin.so
     378auth        required       pam_securetty.so
    363379auth        required       pam_env.so
    364380auth        required       pam_unix.so
     
    442458
    443459      <sect4>
    444         <title>'chpasswd', 'newusers', 'groupadd', 'groupdel',
    445         'groupmod', 'useradd', 'userdel', and 'usermod'</title>
    446 
    447 <screen role="root"><userinput>for PROGRAM in chpasswd newusers groupadd groupdel \
    448                groupmod useradd userdel usermod
     460        <title>'chpasswd', 'chgpasswd', 'groupadd', 'groupdel', 'groupmems',
     461        'groupmod', 'newusers', 'useradd', 'userdel', and 'usermod'</title>
     462
     463<screen role="root"><userinput>for PROGRAM in chpasswd chgpasswd groupadd groupdel groupmems \
     464               groupmod newusers useradd userdel usermod
    449465do
    450466    install -v -m644 /etc/pam.d/chage /etc/pam.d/$PROGRAM
Note: See TracChangeset for help on using the changeset viewer.