shadow: converted to use PAM
This commit is contained in:
parent
20e7f97894
commit
45c632287c
|
@ -5,6 +5,19 @@ drwxr-xr-x root/root etc/cron/
|
|||
drwxr-xr-x root/root etc/cron/daily/
|
||||
-rwxr-xr-x root/root etc/cron/daily/pwck
|
||||
-rw-r--r-- root/root etc/login.defs
|
||||
drwxr-xr-x root/root etc/pam.d/
|
||||
-rw-r--r-- root/root etc/pam.d/chfn
|
||||
-rw-r--r-- root/root etc/pam.d/chsh
|
||||
-rw-r--r-- root/root etc/pam.d/groupadd
|
||||
-rw-r--r-- root/root etc/pam.d/groupdel
|
||||
-rw-r--r-- root/root etc/pam.d/groupmems
|
||||
-rw-r--r-- root/root etc/pam.d/groupmod
|
||||
-rw-r--r-- root/root etc/pam.d/login
|
||||
-rw-r--r-- root/root etc/pam.d/passwd
|
||||
-rw-r--r-- root/root etc/pam.d/su
|
||||
-rw-r--r-- root/root etc/pam.d/useradd
|
||||
-rw-r--r-- root/root etc/pam.d/userdel
|
||||
-rw-r--r-- root/root etc/pam.d/usermod
|
||||
drwxr-xr-x root/root sbin/
|
||||
-rwxr-xr-x root/root sbin/nologin
|
||||
drwxr-xr-x root/root usr/
|
||||
|
@ -52,11 +65,8 @@ drwxr-xr-x root/root usr/share/man/man1/
|
|||
-rw-r--r-- root/root usr/share/man/man1/su.1.gz
|
||||
drwxr-xr-x root/root usr/share/man/man5/
|
||||
-rw-r--r-- root/root usr/share/man/man5/faillog.5.gz
|
||||
-rw-r--r-- root/root usr/share/man/man5/limits.5.gz
|
||||
-rw-r--r-- root/root usr/share/man/man5/login.access.5.gz
|
||||
-rw-r--r-- root/root usr/share/man/man5/login.defs.5.gz
|
||||
-rw-r--r-- root/root usr/share/man/man5/passwd.5.gz
|
||||
-rw-r--r-- root/root usr/share/man/man5/porttime.5.gz
|
||||
-rw-r--r-- root/root usr/share/man/man5/shadow.5.gz
|
||||
-rw-r--r-- root/root usr/share/man/man5/suauth.5.gz
|
||||
-rw-r--r-- root/root usr/share/man/man5/subgid.5.gz
|
||||
|
|
|
@ -1,7 +1,19 @@
|
|||
untrusted comment: verify with /etc/ports/core.pub
|
||||
RWRJc1FUaeVeqpdbafEtEvgpRhYNzcGr9mzcyuw3nNoO7EawXtg05K/XdcDqIzBEs3WOrB5Vfcv/TmOkj/Q6uTF5sw+1FzJ9ZQQ=
|
||||
SHA256 (Pkgfile) = 2a6884a5a14315e85f82c1cea46d43d5b9d61bd24f70fe64c9a4630d499ac2ed
|
||||
SHA256 (.footprint) = 196891826eef19be5e249380bc5c9560b10051556be4a3be5d33e099a56f23ae
|
||||
RWRJc1FUaeVeqidLKmJ8enSHLXy4oT1/02Up72IWtmJnhWtN5RCFagV0vdYA8Oy6RycuZE1SacxqRrY6+bbCmN7IwFiufmYxZAk=
|
||||
SHA256 (Pkgfile) = d9d7dfdd3b83728df47cdcdbb65f879487702a95f460290cf7835d9d9f846096
|
||||
SHA256 (.footprint) = 63fc924400dd4fcaf8a613912291d830ae89c2fa3cc17983f06f0d54597f3640
|
||||
SHA256 (shadow-4.6.tar.xz) = 0998c8d84242a231ab0acb7f8613927ff5bcff095f8aa6b79478893a03f05583
|
||||
SHA256 (pwck) = c62f1bf5785c2bb93bb269156bfa02b06728a01ff5d6c2e09cf6285701a1fda0
|
||||
SHA256 (login.defs) = a5c63da222b9dd921b60a21be8fc888726b557fd3fde9f60c8899376d0311b0b
|
||||
SHA256 (login.defs) = def991c4bc012834d726a4010783634a930558b91650bc4cba5fe822064c3535
|
||||
SHA256 (chfn) = b31ef7a14f747e114c970027a57acb5dcefffee439ce0b4a7d55cc2f6b632fcf
|
||||
SHA256 (chsh) = 20e39e9c738599272a10f46a11338d62d755df32a26db27ce0b5c04a71d66460
|
||||
SHA256 (login) = ae3f6b4ddfc86f30f864e3e9cb514964bb323a9e59840624672f412005c64285
|
||||
SHA256 (groupadd) = c7b90c655b974d396328ddf5d028ef682c2115b6646433f430d8d4a5f9f21bc5
|
||||
SHA256 (groupdel) = c84a5e8751ca237eddaf2ac3a3bb7ef63f6535a83df6a8c52511eed65a981314
|
||||
SHA256 (groupmems) = 1bb62dc2a199118900c6c690888342e1c80d38aae89e7f29138edbfd1d8b1194
|
||||
SHA256 (groupmod) = 9cf502d1fb1d89b5115592cf5d3151bf1fca6f69ea27592768789573a079c02f
|
||||
SHA256 (passwd) = e746db74b7d3ed8d4bfb796c8e27c666ea2df73504e0620fd5ac8766b055175d
|
||||
SHA256 (su) = fd033d23c243c3ec7c0491f109365419bfa34c305fe6554f526b4df797486454
|
||||
SHA256 (useradd) = 2988d648da4c4c6924360aa3c648937e11ea8f5e98c856d293d071adf63a0ec9
|
||||
SHA256 (userdel) = 478cc2d620831ca266f953c0a743c19c1f007d567fb61a1757b631a80b328d41
|
||||
SHA256 (usermod) = 800ba6178170142c7202c7fdbdc30323bdbcf9b592c4f0328375b8830cf81d51
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
# Description: Shadow password file utilities
|
||||
# URL: https://github.com/shadow-maint/shadow
|
||||
# URL: https://github.com/shadow-maint/shadow/
|
||||
# Maintainer: CRUX System Team, core-ports at crux dot nu
|
||||
# Depends on: acl
|
||||
# Depends on: acl linux-pam
|
||||
|
||||
name=shadow
|
||||
version=4.6
|
||||
release=1
|
||||
source=(https://github.com/shadow-maint/shadow/releases/download/$version/shadow-$version.tar.xz
|
||||
pwck login.defs)
|
||||
release=2
|
||||
source=(https://github.com/shadow-maint/$name/releases/download/$version/$name-$version.tar.xz \
|
||||
pwck login.defs chfn chsh login groupadd groupdel \
|
||||
groupmems groupmod passwd su useradd userdel usermod)
|
||||
|
||||
build() {
|
||||
cd $name-$version
|
||||
|
@ -18,7 +19,6 @@ build() {
|
|||
--disable-shadowgrp \
|
||||
--disable-nls \
|
||||
--without-selinux \
|
||||
--without-libpam \
|
||||
--without-audit
|
||||
|
||||
make
|
||||
|
@ -38,5 +38,9 @@ build() {
|
|||
$PKG/usr/share/man/man8/{newusers.8,pwconv.8,pwunconv.8} \
|
||||
$PKG/usr/share/man/man5/gshadow.5 \
|
||||
$PKG/usr/share/man/man3 \
|
||||
$PKG/etc/{login.access,limits,default}
|
||||
$PKG/etc/{default,pam.d/*}
|
||||
|
||||
install -o root -g root -m 0644 \
|
||||
$SRC/{ch{fn,sh},login,group{add,del,mems,mod},passwd,su,user{add,del,mod}} \
|
||||
$PKG/etc/pam.d/
|
||||
}
|
||||
|
|
9
shadow/chfn
Normal file
9
shadow/chfn
Normal file
|
@ -0,0 +1,9 @@
|
|||
#
|
||||
# /etc/pam.d/chfn - chfn service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
auth include common-auth
|
||||
|
||||
account include common-account
|
9
shadow/chsh
Normal file
9
shadow/chsh
Normal file
|
@ -0,0 +1,9 @@
|
|||
#
|
||||
# /etc/pam.d/chsh - chsh service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
auth include common-auth
|
||||
|
||||
account include common-account
|
7
shadow/groupadd
Normal file
7
shadow/groupadd
Normal file
|
@ -0,0 +1,7 @@
|
|||
#
|
||||
# /etc/pam.d/groupadd - groupadd service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
account include common-account
|
7
shadow/groupdel
Normal file
7
shadow/groupdel
Normal file
|
@ -0,0 +1,7 @@
|
|||
#
|
||||
# /etc/pam.d/groupdel - groupdel service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
account include common-account
|
7
shadow/groupmems
Normal file
7
shadow/groupmems
Normal file
|
@ -0,0 +1,7 @@
|
|||
#
|
||||
# /etc/pam.d/groupmems - groupmems service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
account include common-account
|
7
shadow/groupmod
Normal file
7
shadow/groupmod
Normal file
|
@ -0,0 +1,7 @@
|
|||
#
|
||||
# /etc/pam.d/groupmod - groupmod service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
account include common-account
|
17
shadow/login
Normal file
17
shadow/login
Normal file
|
@ -0,0 +1,17 @@
|
|||
#
|
||||
# /etc/pam.d/login - login service module configuration
|
||||
#
|
||||
|
||||
auth include common-auth
|
||||
|
||||
auth required pam_securetty.so
|
||||
auth requisite pam_nologin.so
|
||||
|
||||
account include common-account
|
||||
|
||||
password include common-password
|
||||
|
||||
session include common-session
|
||||
|
||||
session optional pam_lastlog.so
|
||||
session optional pam_motd.so
|
|
@ -3,23 +3,14 @@
|
|||
#
|
||||
|
||||
FAIL_DELAY 0
|
||||
FAILLOG_ENAB yes
|
||||
LOG_UNKFAIL_ENAB no
|
||||
LOG_OK_LOGINS no
|
||||
LASTLOG_ENAB yes
|
||||
MAIL_CHECK_ENAB yes
|
||||
OBSCURE_CHECKS_ENAB yes
|
||||
QUOTAS_ENAB no
|
||||
SYSLOG_SU_ENAB yes
|
||||
SYSLOG_SG_ENAB yes
|
||||
CONSOLE /etc/securetty
|
||||
MOTD_FILE /etc/motd
|
||||
FTMP_FILE /var/log/btmp
|
||||
NOLOGINS_FILE /etc/nologin
|
||||
SU_NAME su
|
||||
MAIL_DIR /var/spool/mail
|
||||
HUSHLOGIN_FILE .hushlogin
|
||||
ENV_HZ HZ=100
|
||||
ENV_SUPATH PATH=/sbin:/bin:/usr/sbin:/usr/bin
|
||||
ENV_PATH PATH=/bin:/usr/bin
|
||||
TTYGROUP tty
|
||||
|
@ -29,9 +20,7 @@ KILLCHAR 025
|
|||
UMASK 022
|
||||
PASS_MAX_DAYS 99999
|
||||
PASS_MIN_DAYS 0
|
||||
PASS_MIN_LEN 5
|
||||
PASS_WARN_AGE 7
|
||||
SU_WHEEL_ONLY no
|
||||
UID_MIN 100
|
||||
UID_MAX 60000
|
||||
GID_MIN 100
|
||||
|
@ -42,12 +31,8 @@ SYS_GID_MIN 25
|
|||
SYS_GID_MAX 99
|
||||
LOGIN_RETRIES 5
|
||||
LOGIN_TIMEOUT 60
|
||||
PASS_CHANGE_TRIES 5
|
||||
PASS_ALWAYS_WARN yes
|
||||
CHFN_AUTH yes
|
||||
CHFN_RESTRICT rwh
|
||||
ENCRYPT_METHOD SHA512
|
||||
PASS_MAX_LEN 8
|
||||
DEFAULT_HOME yes
|
||||
USERGROUPS_ENAB no
|
||||
|
||||
|
|
5
shadow/passwd
Normal file
5
shadow/passwd
Normal file
|
@ -0,0 +1,5 @@
|
|||
#
|
||||
# /etc/pam.d/passwd - passwd service module configuration
|
||||
#
|
||||
|
||||
password include common-password
|
12
shadow/su
Normal file
12
shadow/su
Normal file
|
@ -0,0 +1,12 @@
|
|||
#
|
||||
# /etc/pam.d/su - su service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
#auth required pam_wheel.so use_uid
|
||||
|
||||
auth include common-auth
|
||||
|
||||
account include common-account
|
||||
|
||||
session include common-session
|
7
shadow/useradd
Normal file
7
shadow/useradd
Normal file
|
@ -0,0 +1,7 @@
|
|||
#
|
||||
# /etc/pam.d/useradd - useradd service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
account include common-account
|
7
shadow/userdel
Normal file
7
shadow/userdel
Normal file
|
@ -0,0 +1,7 @@
|
|||
#
|
||||
# /etc/pam.d/userdel - userdel service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
account include common-account
|
7
shadow/usermod
Normal file
7
shadow/usermod
Normal file
|
@ -0,0 +1,7 @@
|
|||
#
|
||||
# /etc/pam.d/usermod - usermod service module configuration
|
||||
#
|
||||
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
account include common-account
|
Loading…
Reference in New Issue
Block a user