From 0ea2fbc9860c765b936ad52025e16e0a824df4b5 Mon Sep 17 00:00:00 2001 From: Willy Sudiarto Raharjo Date: Tue, 22 Nov 2016 21:22:28 +0700 Subject: [PATCH] pam: Add pam.d and rebuilt to get cracklib. Signed-off-by: Willy Sudiarto Raharjo --- pam/pam.SlackBuild | 7 +++++-- pam/pam.d/other | 8 ++++++++ pam/pam.d/system-account | 5 +++++ pam/pam.d/system-auth | 5 +++++ pam/pam.d/system-login | 7 +++++++ pam/pam.d/system-password | 13 +++++++++++++ pam/pam.d/system-session | 5 +++++ 7 files changed, 48 insertions(+), 2 deletions(-) create mode 100644 pam/pam.d/other create mode 100644 pam/pam.d/system-account create mode 100644 pam/pam.d/system-auth create mode 100644 pam/pam.d/system-login create mode 100644 pam/pam.d/system-password create mode 100644 pam/pam.d/system-session diff --git a/pam/pam.SlackBuild b/pam/pam.SlackBuild index 6f2fbcd..23622cd 100644 --- a/pam/pam.SlackBuild +++ b/pam/pam.SlackBuild @@ -1,5 +1,5 @@ #!/bin/sh - + # Copyright 2010 Vincent Batts, vbatts@hashbangbash.com # Copyright 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. @@ -27,7 +27,7 @@ SRCNAM=Linux-PAM PRGNAM=pam VERSION=${VERSION:-1.3.0} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} TAG=${TAG:-_csb} if [ -z "$ARCH" ]; then @@ -108,6 +108,9 @@ mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION cp -a AUTHORS COPYING* Copyright NEWS README* $PKG/usr/doc/$PRGNAM-$VERSION rm -f $PKG/usr/doc/$PRGNAM-$VERSION/index.html +mkdir -p $PKG/etc +cp -rf $CWD/pam.d $PKG/etc/ + # fix some missing symlinks from old pam for compatibility cd $PKG/usr/lib${LIBDIRSUFFIX}/security ln -s pam_unix.so pam_unix_acct.so diff --git a/pam/pam.d/other b/pam/pam.d/other new file mode 100644 index 0000000..03e479e --- /dev/null +++ b/pam/pam.d/other @@ -0,0 +1,8 @@ +# Begin /etc/pam.d/other + +auth required pam_unix.so nullok +account required pam_unix.so +session required pam_unix.so +password required pam_unix.so nullok + +# End /etc/pam.d/other diff --git a/pam/pam.d/system-account b/pam/pam.d/system-account new file mode 100644 index 0000000..8a4945c --- /dev/null +++ b/pam/pam.d/system-account @@ -0,0 +1,5 @@ +# Begin /etc/pam.d/system-account + +account required pam_unix.so + +# End /etc/pam.d/system-account diff --git a/pam/pam.d/system-auth b/pam/pam.d/system-auth new file mode 100644 index 0000000..1694ac7 --- /dev/null +++ b/pam/pam.d/system-auth @@ -0,0 +1,5 @@ +# Begin /etc/pam.d/system-auth + +auth required pam_unix.so + +# End /etc/pam.d/system-auth diff --git a/pam/pam.d/system-login b/pam/pam.d/system-login new file mode 100644 index 0000000..ac3e64b --- /dev/null +++ b/pam/pam.d/system-login @@ -0,0 +1,7 @@ +#%PAM-1.0 + +auth required pam_unix.so +auth requisite pam_nologin.so +account required pam_unix.so +password required pam_unix.so +session required pam_unix.so diff --git a/pam/pam.d/system-password b/pam/pam.d/system-password new file mode 100644 index 0000000..7db4a6a --- /dev/null +++ b/pam/pam.d/system-password @@ -0,0 +1,13 @@ +# Begin /etc/pam.d/system-password + +# check new passwords for strength (man pam_cracklib) +#password required pam_cracklib.so type=Linux retry=3 difok=5 \ +# difignore=23 minlen=9 dcredit=1 \ +# ucredit=1 lcredit=1 ocredit=1 \ +# dictpath=/usr/share/cracklib/cracklib-large +# use sha512 hash for encryption, use shadow, and use the +# authentication token (chosen password) set by pam_cracklib +# above (or any previous modules) +password required pam_unix.so sha512 shadow use_authtok + +# End /etc/pam.d/system-password diff --git a/pam/pam.d/system-session b/pam/pam.d/system-session new file mode 100644 index 0000000..7e1d8c8 --- /dev/null +++ b/pam/pam.d/system-session @@ -0,0 +1,5 @@ +# Begin /etc/pam.d/system-session + +session required pam_unix.so + +# End /etc/pam.d/system-session