r5781 - in trunk/BOOK: . introduction/welcome postlfs/security

Dan Nicholson dbn.lists at gmail.com
Fri Mar 31 08:15:42 PST 2006


On 3/31/06, randy at linuxfromscratch.org <randy at linuxfromscratch.org> wrote:
>
> @@ -190,11 +274,17 @@
>                  CONSOLE_GROUPS ENVIRON_FILE \
>                  ULIMIT ENV_TZ ENV_HZ ENV_SUPATH \
>                  ENV_PATH QMAIL_DIR MAIL_DIR MAIL_FILE \
> -                CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE
> +                CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE \
> +                OBSCURE_CHECKS_ENAB CRACKLIB_DICTPATH \
> +                PASS_CHANGE_TRIES PASS_ALWAYS_WARN
>  do
>      sed -i "s/^$FUNCTION/# &/" /etc/login.defs
>  done</userinput></screen>
>
> +        <!-- Moved the commenting of these four parameters into the section
> +        above. If PAM is installed, it complains if these are not commented
> +        regardless if CrackLib is installed.
> +

I'd have to test again, but this was the problem I was seeing some
time ago.  It wasn't there when I build shadow-4.0.15/PAM/no-cracklib
the other day.

There's a workaround for this.  Take a look at

http://www.paldo.org/paldo/sources/shadow/shadow-4.0.15-getdef-1.patch.bz2

If PAM is being used, a bunch of the variables aren't defined.  I'm
not proposing this be added to the book, just that this might work.

--
Dan



More information about the blfs-book mailing list