diff options
Diffstat (limited to 'strata/core/shadow.morph')
-rw-r--r-- | strata/core/shadow.morph | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/strata/core/shadow.morph b/strata/core/shadow.morph deleted file mode 100644 index 5e3244ae..00000000 --- a/strata/core/shadow.morph +++ /dev/null @@ -1,53 +0,0 @@ -name: shadow -kind: chunk -build-system: autotools -pre-configure-commands: -- autoreconf -vfi -configure-commands: -- | - ./configure --with-selinux=no \ - --sysconfdir=/etc \ - --with-libpam=yes \ - --prefix="$PREFIX" -post-install-commands: -# Disable things handled by pam instead -- | - for OPTION in FAIL_DELAY \ - FAILLOG_ENAB \ - LASTLOG_ENAB \ - MAIL_CHECK_ENAB \ - OBSCURE_CHECKS_ENAB \ - PORTTIME_CHECKS_ENAB \ - QUOTAS_ENAB \ - CONSOLE MOTD_FILE \ - FTMP_FILE \ - NOLOGINS_FILE \ - ENV_HZ \ - PASS_MIN_LEN \ - SU_WHEEL_ONLY \ - CRACKLIB_DICTPATH \ - PASS_CHANGE_TRIES \ - PASS_ALWAYS_WARN \ - CHFN_AUTH \ - ENVIRON_FILE - do - sed -i -e "s/^${OPTION}.*/# & #This option is handled by PAM instead./" \ - "$DESTDIR/etc/login.defs" - done -# ENCRYPT_METHOD is handled specially with PAM, it will use the default as -# provided in login.defs, but it may be overridden in the pam.d config. -# We do not currently override this though, and it's better to guard oursleves -# against accidentally reducing password security by forgetting to include the -# algorithm as an argument to the PAM module, so ENCRYPT_METHOD is configured -# here, rather than in PAM. -- | - if grep -q '[\s#]ENCRYPT_METHOD' "$DESTDIR/etc/login.defs"; then - sed -i -e '/^[\s#]*ENCRYPT_METHOD /s/.*/ENCRYPT_METHOD SHA512/g' "$DESTDIR/etc/login.defs" - else - echo 'ENCRYPT_METHOD SHA512' >>"$DESTDIR/etc/login.defs" - fi - -# The default pam.d config files have pam_selinux.so as a requirement, even -# when shadow is configured '--with-selinux=no'. We change this default config -# to make this requirement optional. -- sed -i -e 's/\(.*\)required\(.*pam_selinux.so.*\)/\1optional\2/' "$DESTDIR"/etc/pam.d/* |