From 47964291693dfba44143431da5eefd00717e005b Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Sat, 7 Dec 2019 00:22:04 +0000 Subject: Sat Dec 7 00:22:04 UTC 2019 a/aaa_terminfo-6.1_20191130-x86_64-1.txz: Upgraded. a/shadow-4.8-x86_64-1.txz: Upgraded. d/mercurial-5.2.1-x86_64-1.txz: Upgraded. l/mozilla-nss-3.48-x86_64-1.txz: Upgraded. Upgraded to nss-3.48 and nspr-4.24. l/ncurses-6.1_20191130-x86_64-1.txz: Upgraded. x/libglvnd-1.3.0-x86_64-1.txz: Upgraded. xap/xlockmore-5.60-x86_64-1.txz: Upgraded. extra/bash-completion/bash-completion-2.10-noarch-1.txz: Upgraded. --- source/a/shadow/login.defs | 29 +++++++++++++++++++++++++++-- source/a/shadow/shadow.SlackBuild | 25 ++++++++++++++++--------- 2 files changed, 43 insertions(+), 11 deletions(-) (limited to 'source/a/shadow') diff --git a/source/a/shadow/login.defs b/source/a/shadow/login.defs index e52f91a5..0e137a35 100644 --- a/source/a/shadow/login.defs +++ b/source/a/shadow/login.defs @@ -29,6 +29,15 @@ LOG_OK_LOGINS no # LASTLOG_ENAB yes +# +# Limit the highest user ID number for which the lastlog entries should +# be updated. +# +# No LASTLOG_UID_MAX means that there is no user ID limit for writing +# lastlog entries. +# +#LASTLOG_UID_MAX + # # Enable checking and display of mailbox status upon login. # @@ -297,6 +306,7 @@ CHFN_RESTRICT frwh # If set to MD5 , MD5-based algorithm will be used for encrypting password # If set to SHA256, SHA256-based algorithm will be used for encrypting password # If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password # If set to DES, DES-based algorithm will be used for encrypting password (default) # Overrides the MD5_CRYPT_ENAB option # @@ -315,8 +325,23 @@ ENCRYPT_METHOD SHA256 # If only one of the MIN or MAX values is set, then this value will be used. # If MIN > MAX, the highest value will be used. # -# SHA_CRYPT_MIN_ROUNDS 5000 -# SHA_CRYPT_MAX_ROUNDS 5000 +#SHA_CRYPT_MIN_ROUNDS 5000 +#SHA_CRYPT_MAX_ROUNDS 5000 + +# +# Only works if ENCRYPT_METHOD is set to BCRYPT. +# +# Define the number of BCRYPT rounds. +# With a lot of rounds, it is more difficult to brute-force the password. +# However, more CPU resources will be needed to authenticate users if +# this value is increased. +# +# If not specified, 13 rounds will be attempted. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +#BCRYPT_MIN_ROUNDS 13 +#BCRYPT_MAX_ROUNDS 13 # # List of groups to add to the user's supplementary group set diff --git a/source/a/shadow/shadow.SlackBuild b/source/a/shadow/shadow.SlackBuild index b99ad869..fd184bb9 100755 --- a/source/a/shadow/shadow.SlackBuild +++ b/source/a/shadow/shadow.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=shadow VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -96,6 +96,8 @@ fi CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ + --sbindir=/usr/sbin \ + --bindir=/usr/bin \ --sysconfdir=/etc \ --mandir=/usr/man \ --docdir=/usr/doc/shadow-$VERSION \ @@ -114,6 +116,19 @@ make install DESTDIR=$PKG || exit 1 zcat $CWD/useradd.gz > $PKG/etc/default/useradd mv $PKG/etc/default/useradd $PKG/etc/default/useradd.new +# Put some stuff back in "old" locations and make symlinks for compat +mkdir -p $PKG/bin $PKG/sbin +( cd $PKG/usr/bin + mv groups ../../bin + mv login ../../bin + mv su ../../bin + mv faillog ../sbin + mv lastlog ../sbin + ln -s ../sbin/faillog + ln -s ../sbin/lastlog +) +mv $PKG/usr/sbin/nologin $PKG/sbin/nologin + # /bin/groups is provided by coreutils. rm -f $PKG/bin/groups find $PKG -name groups.1 -exec rm {} \+ @@ -144,14 +159,6 @@ cp -a src/sulogin $PKG/sbin mkdir -p $PKG/var/log touch $PKG/var/log/faillog.new -# Put some stuff back in "old" locations and make symlinks for compat -( cd $PKG/usr/bin - mv faillog ../sbin - mv lastlog ../sbin - ln -s ../sbin/faillog - ln -s ../sbin/lastlog -) - # Use 4711 rather than 4755 permissions where setuid root is required: find $PKG -type f -perm 4755 -exec chmod 4711 "{}" \+ -- cgit v1.2.3