150 lines
5.5 KiB
HTML
150 lines
5.5 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
|
|
<TITLE>Linux Shadow Password HOWTO: Compiling the programs.</TITLE>
|
|
<LINK HREF="Shadow-Password-HOWTO-5.html" REL=next>
|
|
<LINK HREF="Shadow-Password-HOWTO-3.html" REL=previous>
|
|
<LINK HREF="Shadow-Password-HOWTO.html#toc4" REL=contents>
|
|
</HEAD>
|
|
<BODY>
|
|
<A HREF="Shadow-Password-HOWTO-5.html">Next</A>
|
|
<A HREF="Shadow-Password-HOWTO-3.html">Previous</A>
|
|
<A HREF="Shadow-Password-HOWTO.html#toc4">Contents</A>
|
|
<HR>
|
|
<H2><A NAME="s4">4. Compiling the programs.</A></H2>
|
|
|
|
<H2><A NAME="ss4.1">4.1 Unpacking the archive.</A>
|
|
</H2>
|
|
|
|
<P>The first step after retrieving the package is unpacking it. The package
|
|
is in the tar (tape archive) format and compressed using gzip, so first move
|
|
it to <CODE>/usr/src</CODE>, then type:
|
|
<BLOCKQUOTE><CODE>
|
|
<PRE>
|
|
tar -xzvf shadow-current.tar.gz
|
|
</PRE>
|
|
</CODE></BLOCKQUOTE>
|
|
<P>This will unpack it into the directory: <CODE>/usr/src/shadow-YYMMDD</CODE>
|
|
<P>
|
|
<H2><A NAME="ss4.2">4.2 Configuring with the config.h file</A>
|
|
</H2>
|
|
|
|
<P>The first thing that you need to do is to copy over the <CODE>Makefile</CODE>
|
|
and the <CODE>config.h</CODE> file:
|
|
<BLOCKQUOTE><CODE>
|
|
<PRE>
|
|
cd /usr/src/shadow-YYMMDD
|
|
cp Makefile.linux Makefile
|
|
cp config.h.linux config.h
|
|
</PRE>
|
|
</CODE></BLOCKQUOTE>
|
|
<P>You should then take a look at the <CODE>config.h</CODE> file. This file
|
|
contains definitions for some of the configuration options. If you are
|
|
using the <EM>recommended</EM> package, I recommend that you disable group
|
|
shadow support for your first time around.
|
|
<P>By default shadowed group passwords are enabled. To disable these edit the
|
|
<CODE>config.h</CODE> file, and change the <CODE>#define SHADOWGRP</CODE> to
|
|
<CODE>#undef SHADOWGRP</CODE>. I recommend that you disable them to start
|
|
with, and then if you really want group passwords and group administrators
|
|
that you enable it later and recompile. If you leave it enabled, you
|
|
<EM>must</EM> create the file <CODE>/etc/gshadow</CODE>.
|
|
<P>Enabling the long passwords option is NOT recommended as discussed above.
|
|
<P><EM>Do NOT</EM> change the setting: <CODE>#undef AUTOSHADOW</CODE>
|
|
<P>The <CODE>AUTOSHADOW</CODE> option was originally designed so that programs
|
|
that were shadow ignorant would still function. This sounds good in theory,
|
|
but does not work correctly. If you enable this option, and the program runs
|
|
as root, it may call <CODE>getpwnam()</CODE> as root, and later write the modified
|
|
entry back to the <CODE>/etc/passwd</CODE> file (with the <EM>no-longer-shadowed
|
|
password</EM>). Such programs include chfn and chsh. (You can't get around
|
|
this by swapping real and effective uid before calling <CODE>getpwnam()</CODE>
|
|
because root may use chfn and chsh too.)
|
|
<P>The same warning is also valid if you are building libc, it has a
|
|
<CODE>SHADOW_COMPAT</CODE> option which does the same thing. It <EM>should
|
|
NOT</EM> be used! If you start getting encoded passwords back in your
|
|
<CODE>/etc/passwd</CODE> file, this is the problem.
|
|
<P>If you are using a <CODE>libc</CODE> version prior to 4.6.27, you will need to
|
|
make a couple more changes to <CODE>config.h</CODE> and the <CODE>Makefile</CODE>.
|
|
To <CODE>config.h</CODE> edit and change:
|
|
<BLOCKQUOTE><CODE>
|
|
<PRE>
|
|
#define HAVE_BASENAME
|
|
</PRE>
|
|
</CODE></BLOCKQUOTE>
|
|
|
|
to:
|
|
<BLOCKQUOTE><CODE>
|
|
<PRE>
|
|
#undef HAVE_BASENAME
|
|
</PRE>
|
|
</CODE></BLOCKQUOTE>
|
|
|
|
And then in the <CODE>Makefile</CODE>, change:
|
|
<P>
|
|
<BLOCKQUOTE><CODE>
|
|
<PRE>
|
|
SOBJS = smain.o env.o entry.o susetup.o shell.o \
|
|
sub.o mail.o motd.o sulog.o age.o tz.o hushed.o
|
|
|
|
SSRCS = smain.c env.c entry.c setup.c shell.c \
|
|
pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
|
|
tz.c hushed.c
|
|
</PRE>
|
|
</CODE></BLOCKQUOTE>
|
|
|
|
<BLOCKQUOTE><CODE>
|
|
<PRE>
|
|
SOBJS = smain.o env.o entry.o susetup.o shell.o \
|
|
sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o
|
|
|
|
SSRCS = smain.c env.c entry.c setup.c shell.c \
|
|
pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
|
|
tz.c hushed.c basename.c
|
|
</PRE>
|
|
</CODE></BLOCKQUOTE>
|
|
|
|
These changes add the code contained in <CODE>basename.c</CODE> which is
|
|
contained in <CODE>libc 4.6.27</CODE> and later.
|
|
<P>
|
|
<H2><A NAME="ss4.3">4.3 Making backup copies of your original programs.</A>
|
|
</H2>
|
|
|
|
<P>It would also be a good idea to track down and make backup copies of the
|
|
programs that the shadow suite will replace. On a Slackware 3.0 system
|
|
these are:
|
|
<UL>
|
|
<LI>/bin/su</LI>
|
|
<LI>/bin/login</LI>
|
|
<LI>/usr/bin/passwd</LI>
|
|
<LI>/usr/bin/newgrp</LI>
|
|
<LI>/usr/bin/chfn</LI>
|
|
<LI>/usr/bin/chsh</LI>
|
|
<LI>/usr/bin/id</LI>
|
|
</UL>
|
|
<P>The BETA package has a <EM>save</EM> target in the Makefile, but it's
|
|
commented out because different distributions place the programs in
|
|
different places.
|
|
<P>You should also make a backup copy of your <CODE>/etc/passwd</CODE> file, but be
|
|
careful to name it something else if you place it in the same directory
|
|
so you don't overwrite the <CODE>passwd</CODE> command.
|
|
<P>
|
|
<H2><A NAME="ss4.4">4.4 Running make</A>
|
|
</H2>
|
|
|
|
<P><EM>You need to be logged as root to do most of the installation</EM>.
|
|
<P>Run make to compile the executables in the package:
|
|
<BLOCKQUOTE><CODE>
|
|
<PRE>
|
|
make all
|
|
</PRE>
|
|
</CODE></BLOCKQUOTE>
|
|
<P>You may see the warning: <CODE>rcsid defined but not used</CODE>. This is fine,
|
|
it just happens because the author is using a version control package.
|
|
<P>
|
|
<HR>
|
|
<A HREF="Shadow-Password-HOWTO-5.html">Next</A>
|
|
<A HREF="Shadow-Password-HOWTO-3.html">Previous</A>
|
|
<A HREF="Shadow-Password-HOWTO.html#toc4">Contents</A>
|
|
</BODY>
|
|
</HTML>
|