Ignore:
Timestamp:
Feb 21, 2006, 2:13:50 AM (18 years ago)
Author:
Jim Gifford <clfs@…>
Branches:
clfs-1.2, clfs-2.1, clfs-3.0.0-systemd, clfs-3.0.0-sysvinit, master, systemd, sysvinit
Children:
521c55b
Parents:
ed25565
Message:

r1087@server (orig r1085): chris | 2006-01-19 09:19:02 -0800
Removed shadow configure patch

File:
1 edited

Legend:

Unmodified
Added
Removed
  • BOOK/final-system/common/shadow.xml

    red25565 r7447a2c  
    4343    </note>
    4444
    45     <para os="p1">Shadow has selinux, pam, and auditing defaulted to on. The
    46      following patch properly fixes this issue:</para>
    47 
    48 <screen os="p2"><userinput>patch -Np1 -i ../&shadow-configure_fix-patch;</userinput></screen>
    49 
    5045    <para os="b">Prepare Shadow for compilation:</para>
    5146
    52 <screen os="c"><userinput>./configure --libdir=/lib --enable-shared</userinput></screen>
    53 
    54     <para os="d">Disable the installation of the <command>groups</command>
     47<screen os="c"><userinput>./configure --libdir=/lib --enable-shared \
     48    --without-libpam --without-audit --without-selinux</userinput></screen>
     49
     50<para os="d">The meaning of the configure options:</para>
     51
     52  <variablelist os="e">
     53    <varlistentry>
     54      <term><parameter>--without-libpam</parameter></term>
     55      <listitem><para>Support for Linux-PAM is enabled by default in Shadow,
     56      however PAM is not installed on a base LFS system, so this switch
     57      disables PAM support in Shadow. For instructions to install PAM and
     58      link Shadow to it, you can look at
     59      <ulink url="&blfs-root;view/svn/postlfs/shadow.html"/>.</para></listitem>
     60    </varlistentry>
     61    <varlistentry>
     62      <term><parameter>--without-audit</parameter></term>
     63      <listitem><para>Support for auditing is enabled by default, but a
     64      a library that it needs is not installed in a base LFS system. This
     65      switch disables auditing support.</para></listitem>
     66    </varlistentry>
     67    <varlistentry>
     68      <term><parameter>--without-selinux</parameter></term>
     69      <listitem><para>Support for selinux is enabled by default, but selinux
     70      is not built in a base LFS system and configure will fail without this
     71      switch.</para></listitem>
     72    </varlistentry>
     73  </variablelist>
     74
     75    <para os="f">Disable the installation of the <command>groups</command>
    5576    program and its man page, as Coreutils provides a better version:</para>
    5677
    57 <screen os="e"><userinput>sed -i 's/groups$(EXEEXT) //' src/Makefile
     78<screen os="g"><userinput>sed -i 's/groups$(EXEEXT) //' src/Makefile
    5879sed -i '/groups/d' man/Makefile</userinput></screen>
    5980
    60     <para os="f">Compile the package:</para>
    61 
    62 <screen os="g"><userinput>make</userinput></screen>
    63 
    64     <para os="h">Install the package:</para>
    65 
    66 <screen os="i"><userinput>make install</userinput></screen>
    67 
    68     <para id="shadow-limits-login_access" os="j">Shadow uses two files to configure
     81    <para os="h">Compile the package:</para>
     82
     83<screen os="i"><userinput>make</userinput></screen>
     84
     85    <para os="j">Install the package:</para>
     86
     87<screen os="k"><userinput>make install</userinput></screen>
     88
     89    <para id="shadow-limits-login_access" os="l">Shadow uses two files to configure
    6990    authentication settings for the system. Install these two configuration
    7091    files:</para>
    7192
    72     <indexterm zone="shadow-limits-login_access" os="k">
     93    <indexterm zone="shadow-limits-login_access" os="m">
    7394      <primary sortas="e-/etc/limits">/etc/limits</primary>
    7495    </indexterm>
    7596
    76     <indexterm zone="shadow-limits-login_access" os="l">
     97    <indexterm zone="shadow-limits-login_access" os="n">
    7798      <primary sortas="e-/etc/login.access">/etc/login.access</primary>
    7899    </indexterm>
    79100
    80 <screen os="m"><userinput>cp etc/{limits,login.access} /etc</userinput></screen>
    81 
    82     <para id="shadow-login_defs" os="n">Instead of using the default
     101<screen os="o"><userinput>cp etc/{limits,login.access} /etc</userinput></screen>
     102
     103    <para id="shadow-login_defs" os="p">Instead of using the default
    83104    <emphasis>crypt</emphasis> method, use the more secure
    84105    <emphasis>MD5</emphasis> method of password encryption, which also allows
     
    90111    while copying it to its destination:</para>
    91112
    92     <indexterm zone="shadow-login_defs" os="o">
     113    <indexterm zone="shadow-login_defs" os="q">
    93114      <primary sortas="e-/etc/login.defs">/etc/login.defs</primary>
    94115    </indexterm>
    95116
    96     <note os="p">
     117    <note os="r">
    97118      <para>If you built Shadow with Cracklib support, insert the following into
    98119      the <command>sed</command> given below:</para>
     
    101122    </note>
    102123
    103 <screen os="q"><userinput>sed -e's@#MD5_CRYPT_ENAB.no@MD5_CRYPT_ENAB yes@' \
     124<screen os="s"><userinput>sed -e's@#MD5_CRYPT_ENAB.no@MD5_CRYPT_ENAB yes@' \
    104125    -e 's@/var/spool/mail@/var/mail@' \
    105126    etc/login.defs &gt; /etc/login.defs</userinput></screen>
    106127
    107     <para os="r">Move a misplaced program to its proper location:</para>
    108 
    109 <screen os="s"><userinput>mv /usr/bin/passwd /bin</userinput></screen>
    110 
    111     <para os="t">Move Shadow's dynamic libraries to a more appropriate
     128    <para os="t">Move a misplaced program to its proper location:</para>
     129
     130<screen os="u"><userinput>mv /usr/bin/passwd /bin</userinput></screen>
     131
     132    <para os="v">Move Shadow's dynamic libraries to a more appropriate
    112133    location:</para>
    113134
    114 <screen os="u"><userinput>mv /lib/libshadow.*a /usr/lib
     135<screen os="w"><userinput>mv /lib/libshadow.*a /usr/lib
    115136rm /lib/libshadow.so
    116137ln -sf ../../lib/libshadow.so.0 /usr/lib/libshadow.so</userinput></screen>
    117138
    118     <para os="v">The <option>-D</option> option of the <command>useradd</command>
     139    <para os="x">The <option>-D</option> option of the <command>useradd</command>
    119140    program requires the <filename class="directory">/etc/default</filename>
    120141    directory for it to work properly:</para>
    121142
    122 <screen os="w"><userinput>install -d /etc/default</userinput></screen>
     143<screen os="y"><userinput>install -d /etc/default</userinput></screen>
    123144
    124145  </sect2>
Note: See TracChangeset for help on using the changeset viewer.