From 73aedd1d35747ff2fad4ddf514dca810721a612a Mon Sep 17 00:00:00 2001
From: Alex Gronenwoud <alex@linuxfromscratch.org>
Date: Sat, 1 Nov 2003 22:31:50 +0000
Subject: Merging caption and installation sections for all packages in
 chapters 5 and 6.

git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@3052 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
---
 chapter06/shadowpwd.xml | 108 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 106 insertions(+), 2 deletions(-)

(limited to 'chapter06/shadowpwd.xml')

diff --git a/chapter06/shadowpwd.xml b/chapter06/shadowpwd.xml
index f6238c0b1..d61415e08 100644
--- a/chapter06/shadowpwd.xml
+++ b/chapter06/shadowpwd.xml
@@ -7,7 +7,111 @@ Estimated required disk space:  &shadow-compsize;</screen>
 
 &aa-shadowpwd-shortdesc;
 &aa-shadowpwd-dep;
-&c6-shadowpwd-inst;
-&c6-cf-shadowpwd;
+
+<sect2><title>&nbsp;</title><para>&nbsp;</para></sect2>
+
+<sect2>
+<title>Installation of Shadow</title>
+
+<para>The <userinput>login</userinput>, <userinput>getty</userinput> and
+<userinput>init</userinput> programs (and some others) maintain a number
+of logfiles to record who are and who were logged in to the system.  These
+programs, however, don't create these logfiles when they don't exist, so if
+you want this logging to occur you will have to create the files yourself.
+The Shadow package needs to detect these files in their proper place, so we
+create them now, with their proper permissions:</para>
+
+<screen><userinput>touch /var/run/utmp /var/log/{btmp,lastlog,wtmp}
+chmod 644 /var/run/utmp /var/log/{btmp,lastlog,wtmp}</userinput></screen>
+
+<para>The <filename>/var/run/utmp</filename> file lists the users that are
+currently logged in, the <filename>/var/log/wtmp</filename> file who
+<emphasis>were</emphasis> logged in and when.
+The <filename>/var/log/lastlog</filename> file shows for each user when he
+or she last logged in, and the <filename>/var/log/btmp</filename> lists the
+bad login attempts.</para>
+
+<para>Shadow hard-wires the path to the <userinput>passwd</userinput> binary
+within the binary itself, but does this the wrong way. If a
+<userinput>passwd</userinput> binary is not present before installing Shadow,
+the package incorrectly assumes it is going to be located at
+<filename>/bin/passwd</filename>, but then installs it in
+<filename>/usr/bin/passwd</filename>. This will lead to errors about not finding
+<filename>/bin/passwd</filename>. To work around this bug, create a dummy
+<filename>passwd</filename> file, so that it gets hard-wired properly:</para>
+
+<screen><userinput>touch /usr/bin/passwd</userinput></screen>
+
+<para>The current Shadow suite has a problem that causes the
+<userinput>newgrp</userinput> command to fail.  The following patch (also
+appearing in Shadow's CVS code) fixes this problem:</para>
+
+<screen><userinput>patch -Np1 -i ../&shadow-patch;</userinput></screen>
+
+<para>Now prepare Shadow for compilation:</para>
+
+<screen><userinput>./configure --prefix=/usr --libdir=/usr/lib --enable-shared</userinput></screen>
+
+<para>Compile the package:</para>
+
+<screen><userinput>make</userinput></screen>
+
+<para>And install it:</para>
+
+<screen><userinput>make install</userinput></screen>
+
+<para>Shadow uses two files to configure authentication settings for the
+system. Install these two config files:</para>
+
+<screen><userinput>cp etc/{limits,login.access} /etc</userinput></screen>
+
+<para>We want to change the password method to enable MD5 passwords which are
+theoretically more secure than the default "crypt" method and also allow
+password lengths greater than 8 characters. We also need to change the old
+<filename class="directory">/var/spool/mail</filename> location for user
+mailboxes to the current location at
+<filename class="directory">/var/mail</filename>. We do this by changing the
+relevant configuration file while copying it to its destination:</para>
+
+<screen><userinput>sed -e 's%/var/spool/mail%/var/mail%' \
+&nbsp;&nbsp;&nbsp;&nbsp;-e 's%#MD5_CRYPT_ENAB.no%MD5_CRYPT_ENAB yes%' \
+&nbsp;&nbsp;&nbsp;&nbsp;etc/login.defs.linux &gt; /etc/login.defs</userinput></screen>
+
+<note><para>Be extra careful when typing all of the above. It is probably safer
+to cut-and-paste it rather than try and type it all in.</para></note>
+
+<para>According to the man page of <userinput>vipw</userinput>, a
+<userinput>vigr</userinput> program should exist too. Since the installation
+procedure doesn't create this program, create a symlink manually:</para>
+
+<screen><userinput>ln -s vipw /usr/sbin/vigr</userinput></screen>
+
+<para>As the <filename>/bin/vipw</filename> symlink is redundant (and even
+pointing to a non-existent file), remove it:</para>
+
+<screen><userinput>rm /bin/vipw</userinput></screen>
+
+<para>Now move the <userinput>sg</userinput> program to its proper place:</para>
+
+<screen><userinput>mv /bin/sg /usr/bin</userinput></screen>
+
+<para>And move Shadow's dynamic libraries to a more appropriate location:</para>
+
+<screen><userinput>mv /usr/lib/lib{shadow,misc}.so.0* /lib</userinput></screen>
+
+<para>As some packages expect to find the just-moved libraries in
+<filename>/usr/lib</filename>, create the following symlinks:</para>
+
+<screen><userinput>ln -sf ../../lib/libshadow.so.0 /usr/lib/libshadow.so
+ln -sf ../../lib/libmisc.so.0 /usr/lib/libmisc.so</userinput></screen>
+
+<para>Coreutils has already installed a <userinput>groups</userinput> program
+in <filename>/usr/bin</filename>. If you wish, you can remove the one
+installed by Shadow:</para>
+
+<screen><userinput>rm /bin/groups</userinput></screen>
+
+</sect2>
 
 </sect1>
+
-- 
cgit v1.2.3-54-g00ecf