Installation of Shadow from the Linux from Scratch by OnWorks

Skip to content

6.20.1. Installation of Shadow

Note

If you would like to enforce the use of strong passwords, refer to http://www.linuxfromscratch.org/blfs/view/ 9.0/postlfs/cracklib.html for installing CrackLib prior to building Shadow. Then add --with-libcrack to the configure command below.

Note

If you would like to enforce the use of strong passwords, refer to http://www.linuxfromscratch.org/blfs/view/ 9.0/postlfs/cracklib.html for installing CrackLib prior to building Shadow. Then add --with-libcrack to the configure command below.

{}

Disable the installation of the groups program and its man pages, as Coreutils provides a better version. Also Prevent the installation of manual pages that were already installed in Section 6.8, “Man-pages-5.02”:

sed -i 's/groups$(EXEEXT) //' src/Makefile.in

find man -name Makefile.in -exec sed -i find man -name Makefile.in -exec sed -i

find man -name Makefile.in -exec sed -i

's/groups\.1 / 's/getspnam\.3

's/passwd\.5 /

/'

\;

find man -name Makefile.in -exec sed -i find man -name Makefile.in -exec sed -i

find man -name Makefile.in -exec sed -i

/ /' {}

/'

/ /' {}

/'

{}

Instead of using the default crypt method, use the more secure SHA-512 method of password encryption, which also allows passwords longer than 8 characters. It is also necessary to change the obsolete /var/spool/mail location for user mailboxes that Shadow uses by default to the /var/mail location used currently:

sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \

-e 's@/var/spool/mail@/var/mail@' etc/login.defs

sed -i -e 's@#ENCRYPT_METHOD DES@ENCRYPT_METHOD SHA512@' \

-e 's@/var/spool/mail@/var/mail@' etc/login.defs

Note

If you chose to build Shadow with Cracklib support, run the following:

Note

If you chose to build Shadow with Cracklib support, run the following: