cvs commit: BLFS/BOOK/postlfs/security/shadow shadow-exp.xml shadow-inst.xml

igor at linuxfromscratch.org igor at linuxfromscratch.org
Thu Apr 22 07:04:15 PDT 2004


igor        04/04/22 08:04:15

  Modified:    BOOK     index.xml
               BOOK/introduction/welcome changelog.xml credits.xml
               BOOK/postlfs postlfs.ent
               BOOK/postlfs/security security.xml shadow.xml
               BOOK/postlfs/security/pam linux_pam-inst.xml
                        linux_pam-intro.xml
               BOOK/postlfs/security/shadow shadow-exp.xml shadow-inst.xml
  Added:       BOOK/postlfs/security cracklib.xml
               BOOK/postlfs/security/cracklib cracklib-desc.xml
                        cracklib-exp.xml cracklib-inst.xml
                        cracklib-intro.xml cracklib.ent
  Log:
  added cracklib-2.7
  
  Revision  Changes    Path
  1.438     +3 -3      BLFS/BOOK/index.xml
  
  Index: index.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/index.xml,v
  retrieving revision 1.437
  retrieving revision 1.438
  diff -u -r1.437 -r1.438
  --- index.xml	21 Apr 2004 12:53:51 -0000	1.437
  +++ index.xml	22 Apr 2004 14:04:15 -0000	1.438
  @@ -2,9 +2,9 @@
   <!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" 
   			"/usr/share/docbook/docbookx.dtd" [
   
  -<!ENTITY version "CVS-20040421">
  -<!ENTITY releasedate "April 21st, 2004">
  -<!ENTITY pubdate "2004-04-21">
  +<!ENTITY version "CVS-20040422">
  +<!ENTITY releasedate "April 22nd, 2004">
  +<!ENTITY pubdate "2004-04-22">
   <!ENTITY blfs-version "cvs">
   
   <!ENTITY % book SYSTEM "book/book.ent">
  
  
  
  1.1082    +3 -0      BLFS/BOOK/introduction/welcome/changelog.xml
  
  Index: changelog.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/introduction/welcome/changelog.xml,v
  retrieving revision 1.1081
  retrieving revision 1.1082
  diff -u -r1.1081 -r1.1082
  --- changelog.xml	21 Apr 2004 20:52:05 -0000	1.1081
  +++ changelog.xml	22 Apr 2004 14:04:15 -0000	1.1082
  @@ -11,6 +11,9 @@
   
   <itemizedlist>
   
  +<listitem><para>April 22nd, 2004 [igor]: Added cracklib-2.7,
  +contributed by DJ Lucas.</para></listitem>
  +
   <listitem><para>April 21st, 2004 [igor]: Updated to OpenSSH-3.8.1p1,
   libxml2-2.6.9 and libxslt-1.1.6 thanks to Thomas Beneke and
   Matthew Burgess.</para></listitem>
  
  
  
  1.171     +3 -4      BLFS/BOOK/introduction/welcome/credits.xml
  
  Index: credits.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/introduction/welcome/credits.xml,v
  retrieving revision 1.170
  retrieving revision 1.171
  diff -u -r1.170 -r1.171
  --- credits.xml	21 Mar 2004 19:27:22 -0000	1.170
  +++ credits.xml	22 Apr 2004 14:04:15 -0000	1.171
  @@ -166,8 +166,7 @@
   ImageMagick, hd2u,
   STLport, tcl, tk and bind-utils: <emphasis>Tushar Teredesai</emphasis></para></listitem>
   
  -<listitem><para>libpcap, ncpfs, netfs, ppp(update) and RP-PPPoE: <emphasis>DJ Lucas</emphasis></para>
  -</listitem>
  +<listitem><para>cracklib, libpcap, ncpfs, netfs, ppp(update) and RP-PPPoE: <emphasis>DJ Lucas</emphasis></para></listitem>
   
   <listitem><para>ntp: <emphasis>Eric Konopka</emphasis></para></listitem>
   
  @@ -246,8 +245,8 @@
   mozilla section by performing multiple builds and for providing a description
   of the various mozilla extensions.</para></listitem>
   
  -<listitem><para><emphasis>Nathan Coulson</emphasis> for writing the mass
  -majority of the new network bootscripts (pending).</para></listitem>
  +<listitem><para><emphasis>Nathan Coulson</emphasis> for writing the new
  +network bootscripts.</para></listitem>
   
   <listitem><para><emphasis>Alexander E. Patrakov</emphasis> for patches and
   suggestions to improve the book content and increasing the <acronym>l10n</acronym>
  
  
  
  1.22      +2 -0      BLFS/BOOK/postlfs/postlfs.ent
  
  Index: postlfs.ent
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/postlfs.ent,v
  retrieving revision 1.21
  retrieving revision 1.22
  diff -u -r1.21 -r1.22
  --- postlfs.ent	5 Apr 2004 12:10:15 -0000	1.21
  +++ postlfs.ent	22 Apr 2004 14:04:15 -0000	1.22
  @@ -24,6 +24,8 @@
   <!ENTITY postlfs-security-nessus SYSTEM "security/nessus.xml">
   <!ENTITY % tripwire SYSTEM "security/tripwire/tripwire.ent">
   %tripwire;
  +<!ENTITY % cracklib SYSTEM "security/cracklib/cracklib.ent">
  +%cracklib;
   <!ENTITY % Linux_PAM SYSTEM "security/pam/linux_pam.ent">
   %Linux_PAM;
   <!ENTITY % shadow SYSTEM "security/shadow/shadow.ent">
  
  
  
  1.13      +1 -0      BLFS/BOOK/postlfs/security/security.xml
  
  Index: security.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/security.xml,v
  retrieving revision 1.12
  retrieving revision 1.13
  diff -u -r1.12 -r1.13
  --- security.xml	4 Oct 2003 14:23:38 -0000	1.12
  +++ security.xml	22 Apr 2004 14:04:15 -0000	1.13
  @@ -22,6 +22,7 @@
   of critical files (defined by the administrator) and then regenerates those 
   "signatures" and compares for files that have been changed.</para>
   
  +&cracklib;
   &Linux_PAM;
   &shadow;
   &iptables;
  
  
  
  1.15      +1 -1      BLFS/BOOK/postlfs/security/shadow.xml
  
  Index: shadow.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/shadow.xml,v
  retrieving revision 1.14
  retrieving revision 1.15
  diff -u -r1.14 -r1.15
  --- shadow.xml	21 Feb 2004 22:55:28 -0000	1.14
  +++ shadow.xml	22 Apr 2004 14:04:15 -0000	1.15
  @@ -25,7 +25,7 @@
   -->
   &shadow-intro;
   &shadow-inst;
  -<!-- &shadow-exp; -->
  +&shadow-exp;
   &shadow-config;
   
   </sect1>
  
  
  
  1.1                  BLFS/BOOK/postlfs/security/cracklib.xml
  
  Index: cracklib.xml
  ===================================================================
  <sect1 id="cracklib" xreflabel="cracklib-&cracklib-version;">
  <?dbhtml filename="cracklib.html" dir="postlfs"?>
  <title>cracklib-&cracklib-version;</title>
  
  &cracklib-intro;
  &cracklib-inst;
  &cracklib-exp; 
  &cracklib-desc;
  
  </sect1>
  
  
  
  1.1                  BLFS/BOOK/postlfs/security/cracklib/cracklib-desc.xml
  
  Index: cracklib-desc.xml
  ===================================================================
  <sect2>
  <title>Contents</title>
  
  <para>The <application>cracklib</application> package 
  contains the <filename class="libraryfile">libcrack</filename> 
  library.</para>
  
  </sect2>
  
  <sect2><title>Description</title>
  
  <sect3><title>libcrack library</title>
  <para>The <filename class="libraryfile">libcrack</filename> library
  provides a fast dictionary lookup method for strong password
  enforcement.</para></sect3>
  
  </sect2>
  
  
  
  1.1                  BLFS/BOOK/postlfs/security/cracklib/cracklib-exp.xml
  
  Index: cracklib-exp.xml
  ===================================================================
  <sect2>
  <title>Command explanations</title>
  
  <para><command>make DICTPATH=/usr/lib/cracklib_dict SRCDICTS=/usr/share/dict/words install</command>:
  Builds the libcrack library and forces it to look at
  <filename class="directory">/usr/share/dict</filename> for word lists, and puts the
  cracklib dictionary in <filename>/usr/lib/cracklib_dict</filename>.</para>
  
  <para><command>install -m644 cracklib/libcrack.a /usr/lib</command>:
  Installs the library in <filename class="directory">/usr/lib</filename>.</para>
  
  <para><command>install -m644 cracklib/crack.h /usr/include</command>:
  Installs the header file in <filename class="directory">/usr/include</filename>.</para>
  
  <para><command>install -m754 util/{mkdict,packer,create_cracklib_dict} /usr/sbin</command>:
  Install the utils into <filename class="directory">/usr/sbin</filename>.</para>
  
  </sect2>
  
  
  
  1.1                  BLFS/BOOK/postlfs/security/cracklib/cracklib-inst.xml
  
  Index: cracklib-inst.xml
  ===================================================================
  <sect2>
  <title>Installation of <application>cracklib</application></title>
  
  <para>First, we need to install the chosen word list for cracklib:</para>
  
  <screen><userinput><command>mkdir -p /usr/share/dict/ &&
  chmod 0644 /usr/share/dict &&
  cp <replaceable>[wordlist]</replaceable> /usr/share/dict &&
  chmod 0644 /usr/share/dict/<replaceable>[wordlist]</replaceable> &&
  ln -sf <replaceable>[wordlist]</replaceable> /usr/share/dict/words</command></userinput></screen>
  
  <para>Our word list is linked to
  <filename>/usr/share/dict/words</filename> as historically,
  <filename>words</filename> is the only file in the
  <filename class="directory">/usr/share/dict</filename> directory.  You are welcome to shun
  history and adjust for your own needs.</para>
  
  <para>Now install cracklib using the following commands:</para>
  
  <screen><userinput><command>patch -Np1 -i ../cracklib-&cracklib-version;-header-1.patch &&
  patch -Np1 -i ../cracklib-&cracklib-version;-missing-1.patch &&
  make DICTPATH=/usr/lib/cracklib_dict SRCDICTS=/usr/share/dict/words install &&
  install -m644 cracklib/libcrack.a /usr/lib &&
  install -m644 cracklib/crack.h /usr/include &&
  install -m754 util/{mkdict,packer,create_cracklib_dict} /usr/sbin</command></userinput></screen>
  
  </sect2>
  
  
  
  1.1                  BLFS/BOOK/postlfs/security/cracklib/cracklib-intro.xml
  
  Index: cracklib-intro.xml
  ===================================================================
  <sect2>
  <title>Introduction to <application>cracklib</application></title>
  
  <para>The cracklib package contains a library used to enforce strong 
  passwords by comparing user selected passwords to words in a 
  chosen wordlist.</para>
  
  <sect3><title>Package information</title>
  <itemizedlist spacing='compact'>
  <listitem><para>Download (HTTP): <ulink
  url="&cracklib-download-http;"/></para></listitem>
  <listitem><para>Download (FTP): <ulink
  url="&cracklib-download-ftp;"/></para></listitem>
  <listitem><para>Download size: &cracklib-size;</para></listitem>
  <listitem><para>Estimated Disk space required (with cracklib wordlist):
  &cracklib-buildsize;</para></listitem>
  <listitem><para>Estimated build time:
  &cracklib-time;</para></listitem></itemizedlist>
  </sect3>
  
  <sect3><title>Additional downloads</title>
  
  <itemizedlist spacing='compact'>
  <listitem><para>Missing header patch:
  <ulink url="&patch-root;/cracklib-&cracklib-version;-header-1.patch"/></para></listitem>
  <listitem><para>Missing utility patch:
  <ulink url="&patch-root;/cracklib-&cracklib-version;-missing-1.patch"/></para></listitem>
  </itemizedlist>
  
  <para>You will also need to download a wordlist for use with cracklib.  
  There are two wordlists to choose from at the following location.
  Use the <filename>cracklib</filename> word list for good security,
  or opt for the <filename>allwords</filename> word list for
  lightweight machines short on <acronym>RAM</acronym>.  You can of course choose any other
  word list that you have at your disposal.</para>
  
  <para>cracklib: <ulink url="http://www.cotse.com/wordlists/cracklib"/></para>
  <para>allwords: <ulink url="http://www.cotse.com/wordlists/allwords"/></para>
  
  </sect3>
  
  </sect2>
  
  
  
  1.1                  BLFS/BOOK/postlfs/security/cracklib/cracklib.ent
  
  Index: cracklib.ent
  ===================================================================
  <!ENTITY cracklib SYSTEM "../cracklib.xml">
  <!ENTITY cracklib-intro SYSTEM "cracklib-intro.xml">
  <!ENTITY cracklib-inst SYSTEM "cracklib-inst.xml">
  <!ENTITY cracklib-exp SYSTEM "cracklib-exp.xml">
  <!ENTITY cracklib-desc SYSTEM "cracklib-desc.xml">
  <!ENTITY cracklib-version "2.7">
  <!ENTITY cracklib-download-http "http://www.crypticide.com/users/alecm/security/cracklib,&cracklib-version;.tar.gz">
  <!ENTITY cracklib-download-ftp "ftp://ftp.cerias.purdue.edu/pub/tools/unix/libs/cracklib/cracklib.&cracklib-version;.tar.gz">
  <!ENTITY cracklib-size "21 KB">
  <!ENTITY cracklib-buildsize "17 MB">
  <!ENTITY cracklib-time "0.10 SBU">
  
  
  
  
  1.12      +1 -3      BLFS/BOOK/postlfs/security/pam/linux_pam-inst.xml
  
  Index: linux_pam-inst.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/pam/linux_pam-inst.xml,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- linux_pam-inst.xml	27 Sep 2003 02:37:13 -0000	1.11
  +++ linux_pam-inst.xml	22 Apr 2004 14:04:15 -0000	1.12
  @@ -7,7 +7,7 @@
   
   <screen><userinput><command>patch -Np1 -i ../Linux-PAM-0.77-linkage-1.patch &&
   ./configure --enable-static-libpam --with-mailspool=/var/mail \
  ---enable-read-both-confs --sysconfdir=/etc &&
  +    --enable-read-both-confs --sysconfdir=/etc &&
   make &&
   make install &&
   mv /lib/libpam.a /lib/libpam_misc.a /lib/libpamc.a /usr/lib &&
  @@ -15,6 +15,4 @@
   ln -sf ../../lib/libpam_misc.so.&Linux_PAM-version; /usr/lib/libpam_misc.so &&
   ln -sf ../../lib/libpamc.so.&Linux_PAM-version; /usr/lib/libpamc.so</command></userinput></screen>
   
  -
   </sect2>
  -
  
  
  
  1.6       +2 -6      BLFS/BOOK/postlfs/security/pam/linux_pam-intro.xml
  
  Index: linux_pam-intro.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/pam/linux_pam-intro.xml,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- linux_pam-intro.xml	27 Sep 2003 02:37:13 -0000	1.5
  +++ linux_pam-intro.xml	22 Apr 2004 14:04:15 -0000	1.6
  @@ -25,13 +25,9 @@
   <ulink url="&patch-root;/Linux-PAM-0.77-linkage-1.patch"/></para></listitem></itemizedlist>
   </sect3>
   
  -
  -<sect3><title><application>Linux-<acronym>PAM</acronym></application> 
  -dependencies</title>
  +<sect3><title><application>Linux-<acronym>PAM</acronym></application> dependencies</title>
   <sect4><title>Optional</title>
  -<para><ulink 
  -url="http://www.crypticide.org/users/alecm/security/cracklib,2.7.tar.gz">
  -cracklib v2.7</ulink></para></sect4>
  +<para><xref linkend="cracklib"/></para></sect4>
   </sect3>
   
   </sect2>
  
  
  
  1.4       +7 -1      BLFS/BOOK/postlfs/security/shadow/shadow-exp.xml
  
  Index: shadow-exp.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/shadow/shadow-exp.xml,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- shadow-exp.xml	30 Sep 2003 19:21:06 -0000	1.3
  +++ shadow-exp.xml	22 Apr 2004 14:04:15 -0000	1.4
  @@ -1,8 +1,14 @@
   <sect2>
   <title>Command explanations</title>
   
  +<para><parameter>--without-libcrack</parameter>: This switch tells shadow
  +not to use libcrack. This is desired as
  +<application>Linux-<acronym>PAM</acronym></application> already
  +contains libcrack.</para>
  +
  +<!--  Leftover from older instructions????
   <para><command>cp debian/securetty /etc/securetty</command>: This
   command sets the tty's that allow logins through <acronym>PAM</acronym>.</para>
  +-->
   
   </sect2>
  -
  
  
  
  1.16      +1 -2      BLFS/BOOK/postlfs/security/shadow/shadow-inst.xml
  
  Index: shadow-inst.xml
  ===================================================================
  RCS file: /home/cvsroot/BLFS/BOOK/postlfs/security/shadow/shadow-inst.xml,v
  retrieving revision 1.15
  retrieving revision 1.16
  diff -u -r1.15 -r1.16
  --- shadow-inst.xml	21 Feb 2004 22:55:28 -0000	1.15
  +++ shadow-inst.xml	22 Apr 2004 14:04:15 -0000	1.16
  @@ -5,7 +5,7 @@
   
   <screen><userinput><command>patch -Np1 -i ../shadow-&shadow-version;-pam-1.patch &&
   LIBS="-lpam -lpam_misc" ./configure --libdir=/usr/lib \
  ---enable-shared --with-libpam &&
  +    --enable-shared --with-libpam --without-libcrack &&
   echo '#define HAVE_SETLOCALE 1' >> config.h &&
   make &&
   make install &&
  @@ -17,4 +17,3 @@
   ln -sf ../../lib/libmisc.so.0 /usr/lib/libmisc.so</command></userinput></screen>
   
   </sect2>
  -
  
  
  



More information about the blfs-book mailing list