su / shadow & /etc/suauth

Dan Nicholson dbn.lists at gmail.com
Thu Jan 4 10:11:07 PST 2007


On 1/4/07, Julien Lecomte <julien at famille-lecomte.net> wrote:
> Dan Nicholson wrote:
> >
> > I've never tried using suauth, but I just looked at the source, and it
> > is only enabled if you're using PAM.
>
> Thanks for pointing this out; I've then tried to configure shadow
> (4.0.15) with and without the 'libpam' configure switch.
> Please note that my system neither has libpam nor libcrack installed.
>
> The following configure works:
> ./configure --libdir=/lib --enable-shared --without-selinux \
>    --without-libcrack --without-libpam
>
> While the following does not:
> ./configure --libdir=/lib --enable-shared --without-selinux \
>    --without-libcrack
>
> By 'works', I mean that after configure, make && install, suauth is
> correctly read and used.
> The output of shadow's configure verifies that since it will output that
> it will enable PAM in the second case. Why enable PAM since it's not
> installed? This seems like a shadow configure bug.

The shadow configurey has been busted for a while now. I think even
the newest version still does the wrong thing. You need to handle it
on your own, unfortunately.

In this case, you actually need to have PAM installed despite the fact
that shadow might try to build the PAM-specific parts. This has become
a BLFS question, but you need to follow the links for the dependencies
you want on the shadow page (PAM in this case).

http://www.linuxfromscratch.org/blfs/view/svn/postlfs/shadow.html

--
Dan



More information about the lfs-support mailing list