r4900 - in trunk/BOOK: . introduction/welcome postlfs/security

dj at linuxfromscratch.org dj at linuxfromscratch.org
Mon Aug 8 21:29:07 PDT 2005


Author: dj
Date: 2005-08-08 22:29:05 -0600 (Mon, 08 Aug 2005)
New Revision: 4900

Modified:
   trunk/BOOK/general.ent
   trunk/BOOK/introduction/welcome/changelog.xml
   trunk/BOOK/postlfs/security/shadow.xml
Log:
Added pam_env.conf default path

Modified: trunk/BOOK/general.ent
===================================================================
--- trunk/BOOK/general.ent	2005-08-09 02:47:42 UTC (rev 4899)
+++ trunk/BOOK/general.ent	2005-08-09 04:29:05 UTC (rev 4900)
@@ -1,4 +1,4 @@
-<!ENTITY day          "08">
+<!ENTITY day          "09">
 <!ENTITY month        "08">
 <!ENTITY year         "2005">
 <!ENTITY version      "svn-&year;&month;&day;">

Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml	2005-08-09 02:47:42 UTC (rev 4899)
+++ trunk/BOOK/introduction/welcome/changelog.xml	2005-08-09 04:29:05 UTC (rev 4900)
@@ -25,6 +25,11 @@
   <itemizedlist>
 
     <listitem>
+      <para>August 9th, 2005 [dj]: Added default PATH for pam_env and 
+      a note about the lack of ENV_SUPATH.</para>
+    </listitem>
+
+    <listitem>
       <para>August 8th, 2005 [randy]: Modified documentation installation in
       the Fontconfig instructions.</para>
     </listitem>

Modified: trunk/BOOK/postlfs/security/shadow.xml
===================================================================
--- trunk/BOOK/postlfs/security/shadow.xml	2005-08-09 02:47:42 UTC (rev 4899)
+++ trunk/BOOK/postlfs/security/shadow.xml	2005-08-09 04:29:05 UTC (rev 4900)
@@ -199,10 +199,10 @@
 
 auth        requisite      pam_securetty.so
 auth        requisite      pam_nologin.so
-auth        required       pam_env.so
 auth        required       pam_unix.so
 account     required       pam_access.so
 account     required       pam_unix.so
+session     required       pam_env.so
 session     required       pam_motd.so
 session     required       pam_limits.so
 session     optional       pam_mail.so      dir=/var/mail standard
@@ -281,6 +281,7 @@
 auth        required        pam_unix.so
 account     required        pam_unix.so
 session     optional        pam_mail.so     dir=/var/mail standard
+session     required        pam_env.so
 session     required        pam_unix.so
 
 # End /etc/pam.d/su</literal>
@@ -402,6 +403,30 @@
 
       </sect4>
 
+
+      <sect4 id="pam-env">
+        <title>Configuring Default Environment</title>
+
+          <para>In previous configuration, serveral items were removed from 
+          <filename>/etc/login.defs</filename>.  Some of these items are now
+          controlled by the <filename class='libraryfile'>pam_env.so</filename> 
+          module and the <filename>/etc/security/pam_env.conf</filename> 
+          configuration file.  In particular, the default path has been 
+          changed.  To recover your default path, execute the following 
+          commands:</para>
+
+<screen><userinput><command>ENV_PATH=`grep '^ENV_PATH' /etc/login.defs.orig | \
+    awk '{ print $2 }' | sed 's/PATH=//'` &&
+echo 'PATH        DEFAULT='`echo "${ENV_PATH}"`'        OVERRIDE=${PATH}' \
+    >> /etc/security/pam_env.conf &&
+unset ENV_PATH</command></userinput></screen>
+
+          <note><para>ENV_SUPATH is no longer supported.  You must create 
+          a valid <filename>/root/.bashrc</filename> file to provide a 
+          modified path for the super user.</para></note>
+
+      </sect4>
+
     </sect3>
 
   </sect2>




More information about the blfs-book mailing list