Changeset 352dce0
- Timestamp:
- Jun 2, 2017, 10:01:57 PM (7 years ago)
- Branches:
- master, systemd
- Children:
- c96cc3f
- Parents:
- 72d19e2
- Location:
- BOOK
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
BOOK/boot/common/shadow.xml
r72d19e2 r352dce0 23 23 <title>Installation of Shadow</title> 24 24 25 <para os="a">Run the following <command>sed</command> command to disable 26 the installation of the <command>groups</command> and 27 <command>nologin</command> programs, as better versions of these programs 28 are provided by other packages, and prevent Shadow from setting the suid 29 bit on its installed programs:</para> 25 <para os="a">Disable the installation of the <command>groups</command> 26 program and man pages, as better versions of these programs are provided by 27 Coreutils, Util-linux and Man-pages. Also, prevent Shadow from setting the 28 suid bit on its installed programs:</para> 30 29 31 30 <screen os="b"><userinput>cp -v src/Makefile.in{,.orig} 32 31 sed -e 's/groups$(EXEEXT) //' \ 33 -e 's/= nologin$(EXEEXT)/= /' \34 32 -e 's/\(^suidu*bins = \).*/\1\\/' \ 35 33 src/Makefile.in.orig > src/Makefile.in</userinput></screen> -
BOOK/final-system/common/shadow.xml
r72d19e2 r352dce0 40 40 </note> 41 41 42 <para os="b">Disable the installation of the <command>groups</command> and43 <command>nologin</command> programs and their man pages, as better versions44 of these programs are provided by Coreutils and Util-linux:</para>42 <para os="b">Disable the installation of the <command>groups</command> 43 program and man pages, as better versions of these programs are provided by 44 Coreutils, Util-linux and Man-pages:</para> 45 45 46 46 <screen os="c"><userinput>sed -i src/Makefile.in \ 47 -e 's/groups$(EXEEXT) //' -e 's/= nologin$(EXEEXT)/= /'47 -e 's/groups$(EXEEXT) //' 48 48 find man -name Makefile.in -exec sed -i \ 49 49 -e 's/man1\/groups\.1 //' \ 50 50 -e 's/man3\/getspnam\.3 //' \ 51 -e 's/man8\/nologin\.8 //' \52 51 -e 's/man5\/passwd\.5 //' '{}' \;</userinput></screen> 53 52 … … 174 173 <seg>chage, chfn, chgpasswd, chpasswd, chsh, expiry, faillog, gpasswd, 175 174 groupadd, groupdel, groupmems, groupmod, grpck, grpconv, grpunconv, 176 lastlog, login, logoutd, newgrp, newusers, passwd, pwck,175 lastlog, login, logoutd, newgrp, newusers, nologin, passwd, pwck, 177 176 pwconv, pwunconv, sg (link to newgrp), su, useradd, userdel, usermod, 178 177 vigr (link to vipw), vipw</seg> … … 399 398 </varlistentry> 400 399 400 <varlistentry id="nologin"> 401 <term><command>nologin</command></term> 402 <listitem> 403 <para>Displays a message that an account is not available. It is 404 designed to be used as the default shell for disabled accounts.</para> 405 <indexterm zone="ch-system-shadow nologin"> 406 <primary sortas="b-nologin">nologin</primary> 407 </indexterm> 408 </listitem> 409 </varlistentry> 410 401 411 <varlistentry id="passwd"> 402 412 <term><command>passwd</command></term> -
BOOK/final-system/common/util-linux.xml
r72d19e2 r352dce0 712 712 </varlistentry> 713 713 714 <varlistentry id="nologin">715 <term><command>nologin</command></term>716 <listitem>717 <para>Displays a message that an account is not available. Designed718 to be used as the default shell for accounts that have been719 disabled</para>720 <indexterm zone="ch-system-util-linux nologin">721 <primary sortas="b-nologin">nologin</primary>722 </indexterm>723 </listitem>724 </varlistentry>725 726 714 <varlistentry id="nsenter"> 727 715 <term><command>nsenter</command></term> -
BOOK/temp-system/common/util-linux.xml
r72d19e2 r352dce0 33 33 --disable-makeinstall-chown \ 34 34 --disable-makeinstall-setuid \ 35 --disable-nologin \ 35 36 --without-python</userinput></screen> 36 37 … … 51 52 <para>This prevents Util-linux from enabling the setuid bit on 52 53 any of its installed programs.</para> 54 </listitem> 55 </varlistentry> 56 57 <varlistentry> 58 <term><parameter>--disable-nologin</parameter></term> 59 <listitem> 60 <para>This prevents Util-linux from installing 61 <command>nologin</command>.</para> 53 62 </listitem> 54 63 </varlistentry> -
BOOK/temp-system/multilib/util-linux.xml
r72d19e2 r352dce0 34 34 --disable-makeinstall-chown \ 35 35 --disable-makeinstall-setuid \ 36 --disable-nologin \ 36 37 --without-python</userinput></screen> 37 38
Note:
See TracChangeset
for help on using the changeset viewer.