r5781 - in trunk/BOOK: . introduction/welcome postlfs/security
dbn.lists at gmail.com
Fri Mar 31 08:15:42 PST 2006
On 3/31/06, randy at linuxfromscratch.org <randy at linuxfromscratch.org> wrote:
> @@ -190,11 +274,17 @@
> CONSOLE_GROUPS ENVIRON_FILE \
> ULIMIT ENV_TZ ENV_HZ ENV_SUPATH \
> ENV_PATH QMAIL_DIR MAIL_DIR MAIL_FILE \
> - CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE
> + CHFN_AUTH FAILLOG_ENAB QUOTAS_ENAB FTMP_FILE \
> + OBSCURE_CHECKS_ENAB CRACKLIB_DICTPATH \
> + PASS_CHANGE_TRIES PASS_ALWAYS_WARN
> sed -i "s/^$FUNCTION/# &/" /etc/login.defs
> + <!-- Moved the commenting of these four parameters into the section
> + above. If PAM is installed, it complains if these are not commented
> + regardless if CrackLib is installed.
I'd have to test again, but this was the problem I was seeing some
time ago. It wasn't there when I build shadow-4.0.15/PAM/no-cracklib
the other day.
There's a workaround for this. Take a look at
If PAM is being used, a bunch of the variables aren't defined. I'm
not proposing this be added to the book, just that this might work.
More information about the blfs-book