LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/HOWTO/Shadow-Password-HOWTO-4.html

150 lines
5.5 KiB
HTML
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
<TITLE>Linux Shadow Password HOWTO: Compiling the programs.</TITLE>
<LINK HREF="Shadow-Password-HOWTO-5.html" REL=next>
<LINK HREF="Shadow-Password-HOWTO-3.html" REL=previous>
<LINK HREF="Shadow-Password-HOWTO.html#toc4" REL=contents>
</HEAD>
<BODY>
<A HREF="Shadow-Password-HOWTO-5.html">Next</A>
<A HREF="Shadow-Password-HOWTO-3.html">Previous</A>
<A HREF="Shadow-Password-HOWTO.html#toc4">Contents</A>
<HR>
<H2><A NAME="s4">4. Compiling the programs.</A></H2>
<H2><A NAME="ss4.1">4.1 Unpacking the archive.</A>
</H2>
<P>The first step after retrieving the package is unpacking it. The package
is in the tar (tape archive) format and compressed using gzip, so first move
it to <CODE>/usr/src</CODE>, then type:
<BLOCKQUOTE><CODE>
<PRE>
tar -xzvf shadow-current.tar.gz
</PRE>
</CODE></BLOCKQUOTE>
<P>This will unpack it into the directory: <CODE>/usr/src/shadow-YYMMDD</CODE>
<P>
<H2><A NAME="ss4.2">4.2 Configuring with the config.h file</A>
</H2>
<P>The first thing that you need to do is to copy over the <CODE>Makefile</CODE>
and the <CODE>config.h</CODE> file:
<BLOCKQUOTE><CODE>
<PRE>
cd /usr/src/shadow-YYMMDD
cp Makefile.linux Makefile
cp config.h.linux config.h
</PRE>
</CODE></BLOCKQUOTE>
<P>You should then take a look at the <CODE>config.h</CODE> file. This file
contains definitions for some of the configuration options. If you are
using the <EM>recommended</EM> package, I recommend that you disable group
shadow support for your first time around.
<P>By default shadowed group passwords are enabled. To disable these edit the
<CODE>config.h</CODE> file, and change the <CODE>#define SHADOWGRP</CODE> to
<CODE>#undef SHADOWGRP</CODE>. I recommend that you disable them to start
with, and then if you really want group passwords and group administrators
that you enable it later and recompile. If you leave it enabled, you
<EM>must</EM> create the file <CODE>/etc/gshadow</CODE>.
<P>Enabling the long passwords option is NOT recommended as discussed above.
<P><EM>Do NOT</EM> change the setting: <CODE>#undef AUTOSHADOW</CODE>
<P>The <CODE>AUTOSHADOW</CODE> option was originally designed so that programs
that were shadow ignorant would still function. This sounds good in theory,
but does not work correctly. If you enable this option, and the program runs
as root, it may call <CODE>getpwnam()</CODE> as root, and later write the modified
entry back to the <CODE>/etc/passwd</CODE> file (with the <EM>no-longer-shadowed
password</EM>). Such programs include chfn and chsh. (You can't get around
this by swapping real and effective uid before calling <CODE>getpwnam()</CODE>
because root may use chfn and chsh too.)
<P>The same warning is also valid if you are building libc, it has a
<CODE>SHADOW_COMPAT</CODE> option which does the same thing. It <EM>should
NOT</EM> be used! If you start getting encoded passwords back in your
<CODE>/etc/passwd</CODE> file, this is the problem.
<P>If you are using a <CODE>libc</CODE> version prior to 4.6.27, you will need to
make a couple more changes to <CODE>config.h</CODE> and the <CODE>Makefile</CODE>.
To <CODE>config.h</CODE> edit and change:
<BLOCKQUOTE><CODE>
<PRE>
#define HAVE_BASENAME
</PRE>
</CODE></BLOCKQUOTE>
to:
<BLOCKQUOTE><CODE>
<PRE>
#undef HAVE_BASENAME
</PRE>
</CODE></BLOCKQUOTE>
And then in the <CODE>Makefile</CODE>, change:
<P>
<BLOCKQUOTE><CODE>
<PRE>
SOBJS = smain.o env.o entry.o susetup.o shell.o \
sub.o mail.o motd.o sulog.o age.o tz.o hushed.o
SSRCS = smain.c env.c entry.c setup.c shell.c \
pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
tz.c hushed.c
</PRE>
</CODE></BLOCKQUOTE>
<BLOCKQUOTE><CODE>
<PRE>
SOBJS = smain.o env.o entry.o susetup.o shell.o \
sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o
SSRCS = smain.c env.c entry.c setup.c shell.c \
pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
tz.c hushed.c basename.c
</PRE>
</CODE></BLOCKQUOTE>
These changes add the code contained in <CODE>basename.c</CODE> which is
contained in <CODE>libc 4.6.27</CODE> and later.
<P>
<H2><A NAME="ss4.3">4.3 Making backup copies of your original programs.</A>
</H2>
<P>It would also be a good idea to track down and make backup copies of the
programs that the shadow suite will replace. On a Slackware 3.0 system
these are:
<UL>
<LI>/bin/su</LI>
<LI>/bin/login</LI>
<LI>/usr/bin/passwd</LI>
<LI>/usr/bin/newgrp</LI>
<LI>/usr/bin/chfn</LI>
<LI>/usr/bin/chsh</LI>
<LI>/usr/bin/id</LI>
</UL>
<P>The BETA package has a <EM>save</EM> target in the Makefile, but it's
commented out because different distributions place the programs in
different places.
<P>You should also make a backup copy of your <CODE>/etc/passwd</CODE> file, but be
careful to name it something else if you place it in the same directory
so you don't overwrite the <CODE>passwd</CODE> command.
<P>
<H2><A NAME="ss4.4">4.4 Running make</A>
</H2>
<P><EM>You need to be logged as root to do most of the installation</EM>.
<P>Run make to compile the executables in the package:
<BLOCKQUOTE><CODE>
<PRE>
make all
</PRE>
</CODE></BLOCKQUOTE>
<P>You may see the warning: <CODE>rcsid defined but not used</CODE>. This is fine,
it just happens because the author is using a version control package.
<P>
<HR>
<A HREF="Shadow-Password-HOWTO-5.html">Next</A>
<A HREF="Shadow-Password-HOWTO-3.html">Previous</A>
<A HREF="Shadow-Password-HOWTO.html#toc4">Contents</A>
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink