Shadow

From CBLFS
Revision as of 15:20, 30 November 2006 by Kalessin (talk | contribs) (I added the package description from BLFS.)
Jump to navigationJump to search

Introduction to Shadow

Shadow was indeed installed in CLFS and there is no reason to reinstall it unless you installed CrackLib or Linux-PAM after your CLFS system was completed. If you have installed CrackLib after CLFS, then reinstalling Shadow will enable strong password support. If you have installed Linux-PAM, reinstalling Shadow will allow programs such as login and su to utilize PAM.

Dependencies

Optional

Non-Multilib

Configure and compile the package: 

patch -Np1 -i ../shadow-4.0.18.1-useradd_fix-1.patch &&
./configure --libdir=/lib -sysconfdir=/etc --enable-shared \
  --without-audit --without-selinux --with-libcrack --with-libpam &&
sed -i 's/groups$(EXEEXT) //' src/Makefile && 
sed -i '/groups/d' man/Makefile &&
make

Install the package: 

make install &&
mv /usr/bin/passwd /bin &&
mv /lib/libshadow.{a,la} /usr/lib &&
rm /lib/libshadow.so &&
LIBNAME=`cat lib/libshadow.la | grep library_names | cut -f2 -d"'" | cut -f2 -d" "` &&
ln -sf ../../lib/$LIBNAME /usr/lib/libshadow.so &&
install -d /etc/default

Setup Configuration files:

This section makes sure login.defs is compatible with PAM 

cp etc/login.defs /etc/login.defs 
sed -i -e 's@#MD5_CRYPT_ENAB.no@MD5_CRYPT_ENAB yes@' \
       -e 's@/var/spool/mail@/var/mail@' \
       -e 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' /etc/login.defs
FUNCTIONS="LASTLOG_ENAB MAIL_CHECK_ENAB PORTTIME_CHECKS_ENAB CONSOLE MOTD_FILE
           NOLOGINS_FILE PASS_MIN_LEN SU_WHEEL_ONLY MD5_CRYPT_ENAB CONSOLE_GROUPS
           ENVIRON_FILE ULIMIT ENV_TZ ENV_HZ ENV_SUPATH ENV_PATH QMAIL_DIR MAIL_DIR
           MAIL_FILE CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE OBSCURE_CHECKS_ENAB
           CRACKLIB_DICTPATH PASS_CHANGE_TRIES PASS_ALWAYS"
for function in $FUNCTIONS; do
     sed -i "s/^$function/# &/" /etc/login.defs
done

/etc/default/useradd

With the PAM configuration that is in CBLFS, this is the only information needed in /etc/default/useradd. 

cat > /etc/default/useradd << "EOF"
HOME=/home
INACTIVE=-1
SHELL=/bin/bash
CREATE_MAIL_SPOOL=no
EOF

Multilib

32Bit

Configure and compile the package: 

patch -Np1 -i ../shadow-4.0.18.1-useradd_fix-1.patch &&
CC="gcc ${BUILD32}" ./configure --libdir=/lib -sysconfdir=/etc --enable-shared \
  --without-audit --without-selinux --with-libcrack --with-libpam &&
sed -i 's/groups$(EXEEXT) //' src/Makefile && 
sed -i '/groups/d' man/Makefile &&
make

Install the package: 

make install &&
mv /usr/bin/passwd /bin &&
mv /lib/libshadow.{a,la} /usr/lib &&
rm /lib/libshadow.so &&
LIBNAME=`cat lib/libshadow.la | grep library_names | cut -f2 -d"'" | cut -f2 -d" "` &&
ln -sf ../../lib/$LIBNAME /usr/lib/libshadow.so

N32

Configure and compile the package: 

patch -Np1 -i ../shadow-4.0.18.1-useradd_fix-1.patch &&
CC="gcc ${BUILDN32}" ./configure --libdir=/lib32 -sysconfdir=/etc --enable-shared \
  --without-audit --without-selinux --with-libcrack --with-libpam &&
sed -i 's/groups$(EXEEXT) //' src/Makefile && 
sed -i '/groups/d' man/Makefile &&
make

Install the package: 

make install &&
mv /usr/bin/passwd /bin &&
mv /lib32/libshadow.{a,la} /usr/lib32 &&
rm /lib32/libshadow.so &&
LIBNAME=`cat lib/libshadow.la | grep library_names | cut -f2 -d"'" | cut -f2 -d" "` &&
ln -sf ../../lib32/$LIBNAME /usr/lib32/libshadow.so

64Bit

patch -Np1 -i ../shadow-4.0.18.1-useradd_fix-1.patch &&
CC="gcc ${BUILD64}" ./configure --libdir=/lib64 -sysconfdir=/etc --enable-shared \
  --without-audit --without-selinux --with-libcrack --with-libpam &&
sed -i 's/groups$(EXEEXT) //' src/Makefile && 
sed -i '/groups/d' man/Makefile &&
make

Install the package: 

make install &&
mv /usr/bin/passwd /bin &&
mv /lib64/libshadow.{a,la} /usr/lib64 &&
rm /lib64/libshadow.so &&
LIBNAME=`cat lib/libshadow.la | grep library_names | cut -f2 -d"'" | cut -f2 -d" "` &&
ln -sf ../../lib64/$LIBNAME /usr/lib64/libshadow.so
install -d /etc/default

Setup Configuration files: 

cp etc/login.defs /etc/login.defs 
sed -i -e 's@#MD5_CRYPT_ENAB.no@MD5_CRYPT_ENAB yes@' \
       -e 's@/var/spool/mail@/var/mail@' \
       -e 's@DICTPATH.*@DICTPATH\t/lib/cracklib/pw_dict@' /etc/login.defs
FUNCTIONS="LASTLOG_ENAB MAIL_CHECK_ENAB PORTTIME_CHECKS_ENAB CONSOLE MOTD_FILE
           NOLOGINS_FILE PASS_MIN_LEN SU_WHEEL_ONLY MD5_CRYPT_ENAB CONSOLE_GROUPS
           ENVIRON_FILE ULIMIT ENV_TZ ENV_HZ ENV_SUPATH ENV_PATH QMAIL_DIR MAIL_DIR
           MAIL_FILE CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE OBSCURE_CHECKS_ENAB
           CRACKLIB_DICTPATH PASS_CHANGE_TRIES PASS_ALWAYS"
for function in $FUNCTIONS; do
     sed -i "s/^$function/# &/" /etc/login.defs
done

/etc/default/useradd

With the PAM configuration that is in CBLFS, this is the only information needed in /etc/default/useradd. 

cat > /etc/default/useradd << "EOF"
HOME=/home
INACTIVE=-1
SHELL=/bin/bash
CREATE_MAIL_SPOOL=no
EOF

Contents

  • Installed programs: login, su, nologin, faillog, lastlog, chage, chfn, chsh, expiry, gpasswd, newgrp, passwd, chgpasswd, chpasswd, groupadd, groupdel, groupmems, groupmod, grpck, grpconv, grpunconv, logoutd, newusers, pwck, pwconv, pwunconv, useradd, userdel, usermod, vipw
  • Installed libraries: libshadow.{so, la, a}
  • Installed directories: /etc/pam.d
Download Source: ftp://ftp.pld.org.pl/software/shadow/shadow-4.0.18.1.tar.bz2
Download Patch: http://svn.cross-lfs.org/svn/repos/cross-lfs/trunk/patches/shadow-4.0.18.1-useradd_fix-1.patch
Retrieved from "https://cblfs.clfs.org/index.php?title=Shadow&oldid=4237"