chapter08/libxcrypt.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../general.ent">
  %general-entities;
]>

<sect1 id="ch-system-libxcrypt" role="wrap">
  <?dbhtml filename="libxcrypt.html"?>

  <sect1info condition="script">
    <productname>libxcrypt</productname>
    <productnumber>&libxcrypt-version;</productnumber>
    <address>&libxcrypt-url;</address>
  </sect1info>

  <title>Libxcrypt-&libxcrypt-version;</title>

  <indexterm zone="ch-system-libxcrypt">
    <primary sortas="a-Libxcrypt">Libxcrypt</primary>
  </indexterm>

  <sect2 role="package">
    <title/>

    <para>The Libxcrypt package contains a modern library for one-way
    hashing of passwords.</para>

    <segmentedlist>
      <segtitle>&buildtime;</segtitle>
      <segtitle>&diskspace;</segtitle>

      <seglistitem>
        <seg>&libxcrypt-fin-sbu;</seg>
        <seg>&libxcrypt-fin-du;</seg>
      </seglistitem>
    </segmentedlist>

  </sect2>

  <sect2 role="installation">
    <title>Installation of Libxcrypt</title>

    <para>Prepare Libxcrypt for compilation:</para>

<screen><userinput remap="configure">./configure --prefix=/usr                \
            --enable-hashes=strong,glibc \
            --enable-obsolete-api=no     \
            --disable-static             \
            --disable-failure-tokens</userinput></screen>

    <variablelist>
      <title>The meaning of the new configure options:</title>

      <varlistentry>
        <term><parameter>--enable-hashes=strong,glibc</parameter></term>
        <listitem>
          <para>Build strong hash algorithms recommended for security use
          cases, and the hash algorithms provided by traditional Glibc
          <systemitem class='library'>libcrypt</systemitem> for
          compatibility.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><parameter>--enable-obsolete-api=no</parameter></term>
        <listitem>
          <para>Disable obsolete API functions.  They are not needed for
          a modern Linux system built from source.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><parameter>--disable-failure-tokens</parameter></term>
        <listitem>
          <para>Disable failure token feature.  It's needed for
          compatibility with the traditional hash libraries of some
          platforms, but a Linux system based on Glibc does not need
          it.</para>
        </listitem>
      </varlistentry>
    </variablelist>

    <para>Compile the package:</para>

<screen><userinput remap="make">make</userinput></screen>

    <para>To test the results, issue:</para>

<screen><userinput remap="test">make check</userinput></screen>

    <para>Install the package:</para>

<screen><userinput remap="install">make install</userinput></screen>

    <note>

      <para>The instructions above disabled obsolete API functions since
      no package installed by compiling from sources would link against
      them at runtime. However, the only known binary-only applications
      that link against these functions require ABI version 1.  If you must
      have such functions because of some binary-only application or to be
      compliant with LSB, build the package again with the following
      commands:</para>

<screen role="nodump"><userinput>make distclean
./configure --prefix=/usr                \
            --enable-hashes=strong,glibc \
            --enable-obsolete-api=glibc  \
            --disable-static             \
            --disable-failure-tokens
make
cp -av .libs/libcrypt.so.1* /usr/lib</userinput></screen>
    </note>

  </sect2>

  <sect2 id="contents-libxcrypt" role="content">
    <title>Contents of Libxcrypt</title>

    <segmentedlist>
      <segtitle>Installed libraries</segtitle>

      <seglistitem>
        <seg>libcrypt.so</seg>
      </seglistitem>
    </segmentedlist>

    <variablelist>
      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
      <?dbfo list-presentation="list"?>
      <?dbhtml list-presentation="table"?>

      <varlistentry id="libcrypt">
        <term><filename class="libraryfile">libcrypt</filename></term>
        <listitem>
          <para>Contains functions to hash passwords</para>
          <indexterm zone="ch-system-libxcrypt libcrypt">
            <primary sortas="c-libcrypt">libcrypt</primary>
          </indexterm>
        </listitem>
      </varlistentry>

    </variablelist>

  </sect2>

</sect1>