From 673b0d84ba9591e07c0bdf0ee49d92eba10f502c Mon Sep 17 00:00:00 2001 From: Matthew Burgess Date: Mon, 3 May 2004 10:59:46 +0000 Subject: * Merged newxml into HEAD git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@3435 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689 --- chapter06/shadow.xml | 193 +++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 173 insertions(+), 20 deletions(-) (limited to 'chapter06/shadow.xml') diff --git a/chapter06/shadow.xml b/chapter06/shadow.xml index 714393c2a..76ea1f075 100644 --- a/chapter06/shadow.xml +++ b/chapter06/shadow.xml @@ -1,17 +1,24 @@ + + + %general-entities; +]> -Installing Shadow-&shadow-version; - +Shadow-&shadow-version; + + +Shadow The Shadow package contains programs for handling passwords in a secure way. -&buildtime; &shadow-time; -&diskspace; &shadow-compsize; +&buildtime; 0.4 SBU +&diskspace; 11 MB + +Shadow installation depends on: Bash, Binutils, Bison, Coreutils, +Diffutils, GCC, Gettext, Glibc, Grep, Make, Sed. -&aa-shadow-down; -&aa-shadow-dep; -   Installation of Shadow @@ -40,7 +47,7 @@ working: make -And install it: +Then install it: make install @@ -51,17 +58,17 @@ system. Install these two config files: Instead of using the default crypt method, we want to use the more secure MD5 method of password encryption, -which in addition allows passwords longer than 8 characters. We also need to +which also allows passwords longer than 8 characters. We also need to change the obsolete /var/spool/mail -location for user mailboxes that Shadow uses by default to the /var/mail location used nowadays. We accomplish +location for user mailboxes that Shadow uses by default to the /var/mail location used currently. We accomplish both these things by changing the relevant configuration file while copying it to its destination (it's probably better to cut-and-paste this rather than try and type it all in): sed -e 's%#MD5_CRYPT_ENAB.no%MD5_CRYPT_ENAB yes%' \ -    -e 's%/var/spool/mail%/var/mail%' \ -    etc/login.defs.linux > /etc/login.defs + -e 's%/var/spool/mail%/var/mail%' \ + etc/login.defs.linux > /etc/login.defs Move some misplaced symlinks to their proper locations: @@ -91,9 +98,11 @@ installed by Shadow: -   -Configuring Shadow +Configuring Shadow + +Shadow +configuring This package contains utilities to add, modify and delete users and groups, set and change their passwords, and other such administrative tasks. @@ -108,7 +117,7 @@ need to be able to work with shadowed passwords. pwconv -And to enable shadowed group passwords, run: +To enable shadowed group passwords, run: grpconv @@ -119,7 +128,6 @@ any group passwords with the gpasswd command. -   Setting the root password @@ -130,8 +138,153 @@ any group passwords with the gpasswd command. -&aa-shadow-shortdesc; -&aa-shadow-desc; - +Contents of Shadow + +Installed programs: chage, chfn, chpasswd, chsh, +dpasswd, expiry, faillog, gpasswd, groupadd, groupdel, groupmod, groups, grpck, +grpconv, grpunconv, lastlog, login, logoutd, mkpasswd, newgrp, newusers, +passwd, pwck, pwconv, pwunconv, sg (link to newgrp), useradd, userdel, usermod, +vigr (link to vipw) and vipw + + + +Short descriptions + +chage +chage is used to change the maximum number of +days between obligatory password changes. + +chfn +chfn is used to change a user's full name and +some other info. + +chpasswd +chpasswd is used to update the passwords of a +whole series of user accounts in one go. + +chsh +chsh is used to change a user's default + login shell. + +dpasswd +dpasswd is used to change dial-up passwords for +user login shells. + +expiry +expiry checks and enforces the current password +expiration policy. + +faillog +faillog is used to examine the log of login +failures, to set a maximum number of failures before an account is blocked, +or to reset the failure count. + +gpasswd +gpasswd is used to add and delete members and +administrators to groups. + +groupadd +groupadd creates a group with the given +name. + +groupdel +groupdel deletes the group with the given +name. + +groupmod +groupmod is used to modify the given group's +name or GID. + +groups +groups reports the groups of which the given +users are members. + +grpck +grpck verifies the integrity of the group files, +/etc/group and /etc/gshadow. + +grpconv +grpconv creates or updates the shadow group file +from the normal group file. + +grpunconv +grpunconv updates /etc/group +from /etc/gshadow and then deletes the latter. + +lastlog +lastlog reports the most recent login of all +users, or of a given user. +login +login is used by the system to let users sign on. + +logoutd +logoutd is a daemon used to enforce restrictions +on log-on time and ports. + +mkpasswd +mkpasswd encrypts the given password using the +also given perturbation. + +newgrp +newgrp is used to change the current GID during +a login session. + +newusers +newusers is used to create or update a whole +series of user accounts in one go. + +passwd +passwd is used to change the password for a user +or group account. + +pwck +pwck verifies the integrity of the password files, +/etc/passwd and /etc/shadow. + +pwconv +pwconv creates or updates the shadow password file +from the normal password file. + +pwunconv +pwunconv updates /etc/passwd +from /etc/shadow and then deletes the latter. + +sg +sg executes a given command while the user's GID +is set to that of the given group. + +useradd +useradd creates a new user with the given name, +or updates the default new-user information. + +userdel +userdel deletes the given user account. + +usermod +usermod is used to modify the given user's +login name, UID (User Identification), shell, initial group, home directory, and the like. + +vigr +vigr can be used to edit the +/etc/group or /etc/gshadow +files. + +vipw +vipw can be used to edit the +/etc/passwd or /etc/shadow +files. + +libmisc +libmisc... + +libshadow +libshadow contains functions used by most +programs in this package. + + + + + + -- cgit v1.2.3-54-g00ecf