shadow: modernize login.defs; remove logoutd (useless).
This commit is contained in:
Juan RP
parent
59f9628133
commit
938640af59
2 changed files with 71 additions and 28 deletions
|
|
@ -1,9 +1,11 @@
|
|||
# *REQUIRED*
|
||||
# Directory where mailboxes reside, _or_ name of file, relative to the
|
||||
# home directory. If you _do_ define both, MAIL_DIR takes precedence.
|
||||
# Configuration file for login(1). For more information see
|
||||
# login.defs(5).
|
||||
|
||||
# Directory where mailboxes reside, _or_ name of file, relative to the
|
||||
# home directory. If you do define both, MAIL_DIR takes precedence.
|
||||
#
|
||||
MAIL_DIR /var/mail
|
||||
#MAIL_FILE .mail
|
||||
MAIL_DIR /var/spool/mail
|
||||
#MAIL_FILE .mail
|
||||
|
||||
# Password aging controls:
|
||||
#
|
||||
|
|
@ -11,36 +13,74 @@ MAIL_DIR /var/mail
|
|||
# PASS_MIN_DAYS Minimum number of days allowed between password changes.
|
||||
# PASS_MIN_LEN Minimum acceptable password length.
|
||||
# PASS_WARN_AGE Number of days warning given before a password expires.
|
||||
PASS_MAX_DAYS 99999
|
||||
PASS_MIN_DAYS 0
|
||||
PASS_MAX_DAYS 99999
|
||||
PASS_MIN_DAYS 0
|
||||
PASS_WARN_AGE 7
|
||||
|
||||
# Min/max values for automatic uid selection in useradd
|
||||
UID_MIN 1000
|
||||
UID_MAX 60000
|
||||
UID_MIN 1000
|
||||
UID_MAX 60000
|
||||
# System accounts
|
||||
SYS_UID_MIN 100
|
||||
SYS_UID_MAX 999
|
||||
SYS_UID_MIN 100
|
||||
SYS_UID_MAX 999
|
||||
|
||||
# Min/max values for automatic gid selection in groupadd
|
||||
GID_MIN 1000
|
||||
GID_MAX 60000
|
||||
GID_MIN 1000
|
||||
GID_MAX 60000
|
||||
# System accounts
|
||||
SYS_GID_MIN 100
|
||||
SYS_GID_MAX 999
|
||||
SYS_GID_MIN 100
|
||||
SYS_GID_MAX 999
|
||||
|
||||
# If useradd should create home directories for users by default
|
||||
# On RH systems, we do. This option is overridden with the -m flag on
|
||||
# useradd command line.
|
||||
CREATE_HOME yes
|
||||
|
||||
# The permission mask is initialized to this value. If not specified,
|
||||
# the permission mask will be initialized to 022.
|
||||
UMASK 077
|
||||
|
||||
# This enables userdel to remove user groups if no members exist.
|
||||
USERGROUPS_ENAB yes
|
||||
|
||||
# Use SHA512 encryption for passwords by default.
|
||||
ENCRYPT_METHOD SHA512
|
||||
SHA_CRYPT_MIN_ROUNDS 66666
|
||||
# Disable MOTD_FILE (empty); use pam_motd(8) instead.
|
||||
MOTD_FILE
|
||||
|
||||
|
||||
# If defined, either full pathname of a file containing device names or
|
||||
# a ":" delimited list of device names. Root logins will be allowed only
|
||||
# upon these devices.
|
||||
#
|
||||
CONSOLE /etc/securetty
|
||||
|
||||
# Terminal permissions
|
||||
#
|
||||
# TTYGROUP Login tty will be assigned this group ownership.
|
||||
# TTYPERM Login tty will be set to this permission.
|
||||
#
|
||||
# If you have a "write" program which is "setgid" to a special group
|
||||
# which owns the terminals, define TTYGROUP to the group number and
|
||||
# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
|
||||
# TTYPERM to either 622 or 600.
|
||||
#
|
||||
TTYGROUP tty
|
||||
TTYPERM 0600
|
||||
|
||||
# Login configuration initializations:
|
||||
#
|
||||
# ERASECHAR Terminal ERASE character ('\010' = backspace).
|
||||
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
|
||||
# UMASK Default "umask" value.
|
||||
#
|
||||
# The ERASECHAR and KILLCHAR are used only on System V machines.
|
||||
# The ULIMIT is used only if the system supports it.
|
||||
# (now it works with setrlimit too; ulimit is in 512-byte units)
|
||||
#
|
||||
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
|
||||
#
|
||||
ERASECHAR 0177
|
||||
KILLCHAR 025
|
||||
UMASK 077
|
||||
|
||||
# Max number of login retries if password is bad
|
||||
#
|
||||
LOGIN_RETRIES 5
|
||||
|
||||
#
|
||||
# Max time in seconds for login
|
||||
#
|
||||
LOGIN_TIMEOUT 60
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
# Template file for 'shadow'
|
||||
pkgname=shadow
|
||||
version=4.1.5.1
|
||||
revision=9
|
||||
revision=10
|
||||
build_style=gnu-configure
|
||||
configure_args="--bindir=/usr/bin --sbindir=/usr/sbin
|
||||
--libdir=/usr/lib --enable-shared --disable-static
|
||||
--with-libpam --without-selinux --with-acl --with-attr"
|
||||
--libdir=/usr/lib --enable-shared --disable-static
|
||||
--with-libpam --without-selinux --with-acl --with-attr"
|
||||
makedepends="acl-devel pam-devel"
|
||||
short_desc="Shadow password file utilities"
|
||||
maintainer="Juan RP <xtraeme@gmail.com>"
|
||||
|
|
@ -29,8 +29,8 @@ conf_files="
|
|||
/etc/pam.d/chpasswd
|
||||
/etc/pam.d/chgpasswd
|
||||
/etc/pam.d/chage
|
||||
/etc/defaults/useradd
|
||||
/etc/pam.d/other
|
||||
/etc/defaults/useradd
|
||||
/etc/login.defs"
|
||||
|
||||
# Build PIE binaries by default.
|
||||
|
|
@ -86,5 +86,8 @@ post_install() {
|
|||
-name 'newgrp.1' ')' \
|
||||
-delete
|
||||
|
||||
# Remove logoutd, useless.
|
||||
rm -f ${DESTDIR}/usr/sbin/logoutd
|
||||
|
||||
vinstall $FILESDIR/LICENSE 644 usr/share/licenses/shadow
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue