From 2309b72d4497b5c39a2c3ea749bf7323bee647ff Mon Sep 17 00:00:00 2001 From: Alex Gronenwoud Date: Thu, 5 Feb 2004 22:17:06 +0000 Subject: Renaming the Shadow files to match the package name. git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@3228 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689 --- chapter06/chapter06.xml | 2 +- chapter06/config-shadowpwd.xml | 29 --------- chapter06/create-password.xml | 10 --- chapter06/shadow.xml | 137 +++++++++++++++++++++++++++++++++++++++++ chapter06/shadowpwd.xml | 102 ------------------------------ 5 files changed, 138 insertions(+), 142 deletions(-) delete mode 100644 chapter06/config-shadowpwd.xml delete mode 100644 chapter06/create-password.xml create mode 100644 chapter06/shadow.xml delete mode 100644 chapter06/shadowpwd.xml (limited to 'chapter06') diff --git a/chapter06/chapter06.xml b/chapter06/chapter06.xml index 53073c013..39dc0139a 100644 --- a/chapter06/chapter06.xml +++ b/chapter06/chapter06.xml @@ -437,7 +437,7 @@ Most likely something went wrong with the specs file amendment above. &c6-procinfo; &c6-procps; &c6-psmisc; -&c6-shadowpwd; +&c6-shadow; &c6-sysklogd; &c6-sysvinit; &c6-tar; diff --git a/chapter06/config-shadowpwd.xml b/chapter06/config-shadowpwd.xml deleted file mode 100644 index e3268b6f2..000000000 --- a/chapter06/config-shadowpwd.xml +++ /dev/null @@ -1,29 +0,0 @@ -   - -Configuring Shadow - -This package contains utilities to modify users' passwords, add -or delete users and groups, and the like. We're not going to explain what -'password shadowing' means. A full explanation can be found in the -doc/HOWTO -file within the unpacked Shadow source tree. There's one -thing to keep in mind if you decide to use Shadow support: programs that -need to verify passwords (for example xdm, ftp daemons, pop3 daemons) need -to be 'shadow-compliant', that is they need to be able to work with -shadowed passwords. - -To enable shadowed passwords, run the following command: - -/usr/sbin/pwconv - -And to enable shadowed group passwords, run the following -command: - -/usr/sbin/grpconv - -Under normal circumstances, you won't have created any passwords yet. -However, if returning to this section to enable shadowing, you should reset any -current user passwords with the passwd command or any -group passwords with the gpasswd command. - - diff --git a/chapter06/create-password.xml b/chapter06/create-password.xml deleted file mode 100644 index 19e592e48..000000000 --- a/chapter06/create-password.xml +++ /dev/null @@ -1,10 +0,0 @@ - -Setting the root password - -Choose a password for user root and set it by running the following -command: - -passwd root - - - diff --git a/chapter06/shadow.xml b/chapter06/shadow.xml new file mode 100644 index 000000000..69aaf0150 --- /dev/null +++ b/chapter06/shadow.xml @@ -0,0 +1,137 @@ + +Installing Shadow-&shadow-version; + + +The Shadow package contains programs for handling passwords in a secure +way. + +&buildtime; &shadow-time; +&diskspace; &shadow-compsize; + +&aa-shadow-down; +&aa-shadow-dep; + +   + + +Installation of Shadow + +Shadow hard-wires the path to the passwd binary +within the binary itself, but does this the wrong way. If a +passwd binary is not present before installing Shadow, +the package incorrectly assumes it is going to be located at +/bin/passwd, but then installs it in +/usr/bin/passwd. This will lead to errors about not finding +/bin/passwd. To work around this bug, create a dummy +passwd file, so that it gets hard-wired properly: + +touch /usr/bin/passwd + +Now prepare Shadow for compilation: + +./configure --libdir=/usr/lib --enable-shared + +Work around a problem that prevents Shadow's internationalization from +working: + +echo '#define HAVE_SETLOCALE 1' >> config.h + +Compile the package: + +make + +And install it: + +make install + +Shadow uses two files to configure authentication settings for the +system. Install these two config files: + +cp etc/{limits,login.access} /etc + +We want to change the password method to enable MD5 passwords which are +theoretically more secure than the default crypt method and also allow +password lengths greater than 8 characters. We also need to change the old +/var/spool/mail location for user +mailboxes to the current location at +/var/mail. We do this by changing the +relevant configuration file while copying it to its destination: + +sed -e 's%/var/spool/mail%/var/mail%' \ +    -e 's%#MD5_CRYPT_ENAB.no%MD5_CRYPT_ENAB yes%' \ +    etc/login.defs.linux > /etc/login.defs + +Be extra careful when typing all of the above. It is probably safer +to cut-and-paste it rather than try and type it all in. + +Move some misplaced symlinks to their proper locations: + +mv /bin/sg /usr/bin +mv /bin/vigr /usr/sbin + +And move Shadow's dynamic libraries to a more appropriate location: + +mv /usr/lib/lib{shadow,misc}.so.0* /lib + +As some packages expect to find the just-moved libraries in +/usr/lib, create the following symlinks: + +ln -sf ../../lib/libshadow.so.0 /usr/lib/libshadow.so +ln -sf ../../lib/libmisc.so.0 /usr/lib/libmisc.so + +The -D option of the useradd program requires this +directory for it to work properly: + +mkdir /etc/default + +Coreutils has already installed a better groups +program in /usr/bin. Remove the one installed by +Shadow: + +rm /bin/groups + + + +   + +Configuring Shadow + +This package contains utilities to modify users' passwords, add +or delete users and groups, and the like. We're not going to explain what +'password shadowing' means. A full explanation can be found in the +doc/HOWTO +file within the unpacked Shadow source tree. There's one +thing to keep in mind if you decide to use Shadow support: programs that +need to verify passwords (for example xdm, ftp daemons, pop3 daemons) need +to be 'shadow-compliant', that is they need to be able to work with +shadowed passwords. + +To enable shadowed passwords, run the following command: + +/usr/sbin/pwconv + +And to enable shadowed group passwords, run the following +command: + +/usr/sbin/grpconv + +Under normal circumstances, you won't have created any passwords yet. +However, if returning to this section to enable shadowing, you should reset any +current user passwords with the passwd command or any +group passwords with the gpasswd command. + + + +Setting the root password + +Choose a password for user root and set it via: + +passwd root + + + +&aa-shadow-shortdesc; +&aa-shadow-desc; + + + diff --git a/chapter06/shadowpwd.xml b/chapter06/shadowpwd.xml deleted file mode 100644 index 5c9c6b510..000000000 --- a/chapter06/shadowpwd.xml +++ /dev/null @@ -1,102 +0,0 @@ - -Installing Shadow-&shadow-version; - - -The Shadow package contains programs for handling passwords in a secure -way. - -&buildtime; &shadow-time; -&diskspace; &shadow-compsize; - -&aa-shadowpwd-down; -&aa-shadowpwd-dep; - -   - - -Installation of Shadow - -Shadow hard-wires the path to the passwd binary -within the binary itself, but does this the wrong way. If a -passwd binary is not present before installing Shadow, -the package incorrectly assumes it is going to be located at -/bin/passwd, but then installs it in -/usr/bin/passwd. This will lead to errors about not finding -/bin/passwd. To work around this bug, create a dummy -passwd file, so that it gets hard-wired properly: - -touch /usr/bin/passwd - -Now prepare Shadow for compilation: - -./configure --libdir=/usr/lib --enable-shared - -Work around a problem that prevents Shadow's internationalization from -working: - -echo '#define HAVE_SETLOCALE 1' >> config.h - -Compile the package: - -make - -And install it: - -make install - -Shadow uses two files to configure authentication settings for the -system. Install these two config files: - -cp etc/{limits,login.access} /etc - -We want to change the password method to enable MD5 passwords which are -theoretically more secure than the default "crypt" method and also allow -password lengths greater than 8 characters. We also need to change the old -/var/spool/mail location for user -mailboxes to the current location at -/var/mail. We do this by changing the -relevant configuration file while copying it to its destination: - -sed -e 's%/var/spool/mail%/var/mail%' \ -    -e 's%#MD5_CRYPT_ENAB.no%MD5_CRYPT_ENAB yes%' \ -    etc/login.defs.linux > /etc/login.defs - -Be extra careful when typing all of the above. It is probably safer -to cut-and-paste it rather than try and type it all in. - -Move some misplaced symlinks to their proper locations: - -mv /bin/sg /usr/bin -mv /bin/vigr /usr/sbin - -And move Shadow's dynamic libraries to a more appropriate location: - -mv /usr/lib/lib{shadow,misc}.so.0* /lib - -As some packages expect to find the just-moved libraries in -/usr/lib, create the following symlinks: - -ln -sf ../../lib/libshadow.so.0 /usr/lib/libshadow.so -ln -sf ../../lib/libmisc.so.0 /usr/lib/libmisc.so - -The -D option of the useradd program requires this -directory for it to work properly: - -mkdir /etc/default - -Coreutils has already installed a better groups -program in /usr/bin. Remove the one installed by -Shadow: - -rm /bin/groups - - - -&c6-cf-shadowpwd; -&c6-cf-password; - -&aa-shadowpwd-shortdesc; -&aa-shadowpwd-desc; - - - -- cgit v1.2.3-54-g00ecf