Usenet 1993 July

home *** CD-ROM | disk | FTP | other *** search

/ Usenet 1993 July / InfoMagic USENET CD-ROM July 1993.ISO / sources / misc / volume26 / shadow / part03 < prev next >

Wrap

Text File | 1991-11-24 | 54.5 KB | 1,935 lines

Newsgroups: comp.sources.misc From: jfh@rpp386.Cactus.ORG (John F Haugh II) Subject: v26i056: shadow - Shadow Password Suite, Part03/11 Message-ID: <1991Nov24.184956.20077@sparky.imd.sterling.com> X-Md4-Signature: 4fbff7b105b98b82e9f080d469350c63 Date: Sun, 24 Nov 1991 18:49:56 GMT Approved: kent@sparky.imd.sterling.com Submitted-by: jfh@rpp386.Cactus.ORG (John F Haugh II) Posting-number: Volume 26, Issue 56 Archive-name: shadow/part03 Environment: UNIX Supersedes: shadow-2: Volume 06, Issue 22-24 #! /bin/sh # into a shell via "sh file" or similar. To overwrite existing files, # type "sh file -c". # The tool that generated this appeared in the comp.sources.unix newsgroup; # send mail to comp-sources-unix@uunet.uu.net if you want that tool. # Contents: Makefile chage.c login.5 passwd.1 # Wrapped by kent@sparky on Sun Nov 24 11:03:41 1991 PATH=/bin:/usr/bin:/usr/ucb ; export PATH echo If this archive is complete, you will see the following message: echo ' "shar: End of archive 3 (of 11)."' if test -f 'Makefile' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'Makefile'\" else echo shar: Extracting \"'Makefile'\" $16060 characters$ sed "s/^X//" >'Makefile' <<'END_OF_FILE' X# X# Copyright 1988,1989,1990,1991, John F. Haugh II X# All rights reserved. X# X# Permission is granted to copy and create derivative works for any X# non-commercial purpose, provided this copyright notice is preserved X# in all copies of source code, or included in human readable form X# and conspicuously displayed on all copies of object code or X# distribution media. X# X# @(#)Makefile 3.24 13:20:38 - Shadow password system X# X# @(#)Makefile 3.24 13:20:38 11/3/91 X# XSHELL = /bin/sh X X# X# Set this flag to decide what level of code "get" returns. X# The base USENET release was release 1. It is no longer supported. X# The version with the utilities added was release 2. X# The version with database-like file access is release 3. XRELEASE = 3 XGFLAGS = -t -r$(RELEASE) X X# Define the directory login is copied to. BE VERY CAREFUL!!! BSD and SUN X# seems to use /bin, USG seems to use /etc. If you define SCOLOGIN, you X# MUST use /etc as LOGINDIR. X# LOGINDIR = /bin XLOGINDIR = /etc X X# Define any special libraries required to access the directory routines. X# NDIR = -lndir XNDIR = -lx X X# Pick your favorite C compiler and tags command XCC = cc XTAGS = ctags X X# OS. Pick one of USG (AT&T, SYSV, SYS3), BSD, or SUN. XOS = -DUSG X# OS = -DBSD X# OS = -DSUN X X# Do you have to do ranlib? Sorry to hear that ... XRANLIB = ranlib X# RANLIB = echo X X# Enable the following if you are running SCO TCP/IP. It is a /bin/login X# which understands the *ahem* novel way they do rlogin/telnet. X# SCOLOGIN = scologin X X# Configuration Flags X# X# LIBS - system libraries X# -lsocket - needed for TCP/IP and possibly SYSLOG X# -ldbm or -lndbm - needed for DBM support X# -lcrypt - needed for SCO crypt() functions X# CFLAGS - C compiler flags X# -DLAI_TCP - needed for SCO Xenix Lachman TCP/IP X X# Flags for SCO Xenix/386 XCFLAGS = -O -M3 -g $(OS) XLIBS = -lcrypt -lndbm X# LIBS = -lcrypt -ldbm XLDFLAGS = -M3 -g XLTFLAGS = X# This should be Slibsec.a for small model, or Llibsec.a for X# large model or whatever. MUST AGREE WITH CFLAGS!!! XLIBSEC = Slibsec.a X X# Flags for normal machines X# CFLAGS = -O -g $(OS) X# LIBS = X# LDFLAGS = -g X# LIBSEC = libsec.a X X# Names for root user and group, and bin user and group. See your X# /etc/passwd and /etc/group files. XRUID = root XRGID = root X# RGID = wheel XBUID = bin XBGID = bin X X# Rules for .L (lint) files. X.SUFFIXES: .L XLINT = lint XLINTFLAGS = $(OS) -Dlint X X.c.L: X $(LINT) -pxu $(LINTFLAGS) $*.c > $*.L X XLOBJS = lmain.o login.o env.o valid.o setup.o shell.o age.o \ X utmp.o sub.o mail.o motd.o log.o ttytype.o failure.o \ X tz.o console.o hushed.o X XLSRCS = lmain.c login.c env.c valid.c setup.c shell.c age.c \ X utmp.c sub.c mail.c motd.c log.c ttytype.c failure.c \ X tz.c console.c hushed.c X XSOBJS = smain.o env.o entry.o susetup.o shell.o \ X sub.o mail.o motd.o sulog.o age.o tz.o hushed.o X XSSRCS = smain.c env.c entry.c setup.c shell.c \ X pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \ X tz.c hushed.c X XPOBJS = passwd.o obscure.o XPSRCS = passwd.c obscure.c X XGPSRCS = gpmain.c X XGPOBJS = gpmain.o X XPWOBJS = pwconv.o X XPWSRCS = pwconv.c pwent.c shadow.c pwpack.c rad64.c X XPWUNOBJS = pwunconv.o X XPWUNSRCS = pwunconv.c pwent.c shadow.c pwpack.c rad64.c X XSULOGOBJS = sulogin.o entry.o env.o age.o setup.o \ X valid.o shell.o tz.o X XSULOGSRCS = sulogin.c entry.c env.c age.c pwent.c setup.c \ X shadow.c shell.c valid.c pwpack.c tz.c X XMKPWDOBJS = mkpasswd.o X XMKPWDSRCS = mkpasswd.c X XNGSRCS = newgrp.c env.c shell.c X XNGOBJS = newgrp.o env.o shell.o X XCHFNSRCS = chfn.c fields.c XCHFNOBJS = chfn.o fields.o XCHSHSRCS = chsh.c fields.c XCHSHOBJS = chsh.o fields.o XCHAGEOBJS = chage.o fields.o XCHAGESRCS = chage.c fields.c XCHPASSOBJS = chpasswd.o XCHPASSSRCS = chpasswd.c XDPSRCS = dpmain.c XDPOBJS = dpmain.o X XALLSRCS = age.c dialchk.c dialup.c entry.c env.c lmain.c log.c login.c mail.c \ X motd.c obscure.c passwd.c pwconv.c pwent.c pwunconv.c getpass.c \ X setup.c shadow.c shell.c smain.c sub.c sulog.c sulogin.c ttytype.c \ X utmp.c valid.c port.c newgrp.c gpmain.c grent.c mkpasswd.c pwpack.c \ X chfn.c chsh.c chage.c rad64.c encrypt.c chpasswd.c shadowio.c pwio.c \ X newusers.c groupio.c fields.c pwdbm.c grpack.c grdbm.c sppack.c \ X spdbm.c dpmain.c gshadow.c gsdbm.c gspack.c sgroupio.c useradd.c \ X userdel.c patchlevel.h usermod.c copydir.c mkrmdir.c groupadd.c \ X groupdel.c groupmod.c tz.c console.c hushed.c getdef.c scologin.c \ X logoutd.c groups.c X XFILES1 = README patchlevel.h newgrp.c Makefile config.h pwunconv.c obscure.c \ X age.c id.c X XFILES2 = passwd.c port.c lmain.c sulogin.c pwpack.c dialup.c X XFILES3 = chfn.c chsh.c smain.c faillog.c pwconv.c shadow.c X XFILES4 = gpmain.c chage.c pwent.c valid.c setup.c entry.c ttytype.c port.h X XFILES5 = pwio.c encrypt.c chpasswd.c newusers.c rad64.c dialchk.c faillog.h \ X pwdbm.c grdbm.c gshadow.c sppack.c X XFILES6 = gspack.c spdbm.c lastlog.h shell.c login.c sub.c dpmain.c mail.c \ X env.c pwd.h.m4 grpack.c shadow.h log.c grent.c motd.c dialup.h \ X fields.c gsdbm.c utmp.c failure.c X XFILES7 = groupio.c shadowio.c sgroupio.c groups.c copydir.c mkrmdir.c \ X mkpasswd.c X XFILES8 = useradd.c usermod.c X XFILES9 = groupadd.c groupdel.c groupmod.c tz.c console.c hushed.c getdef.c \ X scologin.c logoutd.c sulog.c getpass.c userdel.c X XMAN_1 = chage.1 chfn.1 chsh.1 id.1 login.1 newgrp.1 passwd.1 su.1 \ X useradd.1 userdel.1 usermod.1 groupadd.1 groupdel.1 groupmod.1 \ X groups.1 XMAN_3 = shadow.3 XMAN_4 = faillog.4 passwd.4 porttime.4 shadow.4 XMAN_5 = login.5 XMAN_8 = chpasswd.8 dpasswd.8 faillog.8 newusers.8 pwconv.8 pwunconv.8 \ X sulogin.8 mkpasswd.8 logoutd.8 X XDOCS1 = $(MAN_1) $(MAN_3) $(MAN_4) XDOCS2 = $(MAN_5) $(MAN_8) XDOCS = $(DOCS1) $(DOCS2) X XBINS = su login pwconv pwunconv passwd sulogin faillog newgrp gpasswd \ X mkpasswd chfn chsh chage chpasswd newusers dpasswd id useradd \ X userdel usermod groupadd groupdel groupmod $(SCOLOGIN) logoutd \ X groups X Xall: $(BINS) $(DOCS) X X.PRECIOUS: libshadow.a X Xlibshadow.a: \ X libshadow.a(dialchk.o) \ X libshadow.a(dialup.o) \ X libshadow.a(encrypt.o) \ X libshadow.a(getdef.o) \ X libshadow.a(getpass.o) \ X libshadow.a(grdbm.o) \ X libshadow.a(grent.o) \ X libshadow.a(groupio.o) \ X libshadow.a(grpack.o) \ X libshadow.a(gshadow.o) \ X libshadow.a(gsdbm.o) \ X libshadow.a(gspack.o) \ X libshadow.a(sgroupio.o) \ X libshadow.a(port.o) \ X libshadow.a(pwdbm.o) \ X libshadow.a(pwent.o) \ X libshadow.a(pwio.o) \ X libshadow.a(pwpack.o) \ X libshadow.a(rad64.o) \ X libshadow.a(spdbm.o) \ X libshadow.a(shadow.o) \ X libshadow.a(shadowio.o) \ X libshadow.a(sppack.o) X $(RANLIB) libshadow.a X Xlibsec: $(LIBSEC)(shadow.o) X $(RANLIB) $(LIBSEC) X Xinstall: all X strip $(BINS) X cp login $(LOGINDIR)/login X cp mkpasswd pwconv pwunconv sulogin chpasswd newusers \ X useradd userdel usermod groupadd groupdel groupmod logoutd /etc X cp su passwd gpasswd dpasswd faillog newgrp chfn chsh chage id /bin X cp dialup.h shadow.h pwd.h /usr/include X chown $(RUID) $(LOGINDIR)/login /etc/pwconv /etc/pwunconv /etc/sulogin \ X /bin/su /bin/passwd /bin/gpasswd /bin/newgrp /etc/mkpasswd \ X /bin/dpasswd /bin/chsh /bin/chfn /bin/chage /etc/useradd \ X /etc/userdel /etc/usermod /etc/groupadd /etc/groupdel \ X /etc/groupmod /etc/logoutd X chgrp $(RGID) $(LOGINDIR)/login /etc/pwconv /etc/pwunconv /etc/sulogin \ X /bin/su /bin/passwd /bin/gpasswd /bin/newgrp /etc/mkpasswd \ X /bin/dpasswd /bin/chsh /bin/chfn /bin/chage /etc/useradd \ X /etc/userdel /etc/usermod /etc/groupadd /etc/groupdel \ X /etc/groupmod /etc/logoutd X chown $(BUID) /bin/faillog /bin/id /usr/include/shadow.h \ X /usr/include/dialup.h /usr/include/pwd.h X chgrp $(BGID) /bin/faillog /bin/id /usr/include/shadow.h \ X /usr/include/dialup.h /usr/include/pwd.h X chmod 700 /etc/pwconv /etc/pwunconv /etc/sulogin /etc/mkpasswd \ X /etc/chpasswd /etc/newusers /bin/dpasswd /bin/chage \ X /etc/useradd /etc/userdel /etc/usermod /etc/groupadd \ X /etc/groupdel /etc/groupmod /etc/logoutd X chmod 4711 $(LOGINDIR)/login /bin/su /bin/passwd /bin/gpasswd \ X /bin/newgrp /bin/chfn /bin/chsh X chmod 711 /bin/faillog /bin/id X chmod 444 /usr/include/shadow.h /usr/include/dialup.h \ X /usr/include/pwd.h X [ -f /etc/login.defs ] || (cp login.defs /etc ; \ X chown $(RUID) /etc/login.defs ; \ X chgrp $(RGID) /etc/login.defs ; \ X chmod 600 /etc/login.defs ) X [ -z "$(SCOLOGIN)" ] || (cp scologin /bin/login ; \ X chown $(RUID) /bin/login ; \ X chgrp $(RGID) /bin/login ; \ X chmod 755 /bin/login ) X Xlint: su.lint login.lint pwconv.lint pwunconv.lint passwd.lint sulogin.lint \ X faillog.lint newgrp.lint gpasswd.lint mkpasswd.lint chfn.lint \ X chsh.lint chage.lint dpasswd.lint id.lint useradd.lint userdel.lint \ X usermod.lint groupadd.lint groupdel.lint groupmod.lint $(ALLSRCS:.c=.L) X logoutd.lint X Xtags: $(ALLSRCS) X $(TAGS) $(ALLSRCS) X XREADME: X [ -f s.README ] && get -t -r$(RELEASE) s.README X X$(DOCS): X [ -f s.$@ ] && get -t -r$(RELEASE) s.$@ X Xlogin: $(LOBJS) libshadow.a X $(CC) -o login $(LDFLAGS) $(LOBJS) libshadow.a $(LIBS) X Xlogin.lint: $(LSRCS) X $(LINT) $(LINTFLAGS) $(LSRCS) > login.lint X Xsu: $(SOBJS) libshadow.a X $(CC) -o su $(LDFLAGS) $(SOBJS) libshadow.a $(LIBS) X Xsu.lint: $(SSRCS) X $(LINT) $(LINTFLAGS) -DSU $(SSRCS) > su.lint X Xpasswd: $(POBJS) libshadow.a X $(CC) -o passwd $(LDFLAGS) $(POBJS) libshadow.a $(LIBS) X Xpasswd.lint: $(PSRCS) X $(LINT) $(LINTFLAGS) -DPASSWD $(PSRCS) > passwd.lint X Xgpasswd: $(GPOBJS) libshadow.a X $(CC) -o gpasswd $(LDFLAGS) $(GPOBJS) libshadow.a $(LIBS) X Xgpasswd.lint: $(GPSRCS) X $(LINT) $(LINTFLAGS) $(GPSRCS) > gpasswd.lint X Xdpasswd: $(DPOBJS) libshadow.a X $(CC) -o dpasswd $(LDFLAGS) $(DPOBJS) libshadow.a $(LIBS) X Xdpasswd.lint: $(DPSRCS) X $(LINT) $(LINTFLAGS) $(DPSRCS) > dpasswd.lint X Xpwconv: $(PWOBJS) libshadow.a config.h X $(CC) -o pwconv $(LDFLAGS) $(PWOBJS) libshadow.a $(LIBS) X Xpwconv.lint: $(PWSRCS) config.h X $(LINT) $(LINTFLAGS) -DPASSWD $(PWSRCS) > pwconv.lint X Xpwunconv: $(PWUNOBJS) libshadow.a config.h X $(CC) -o pwunconv $(LDFLAGS) $(PWUNOBJS) libshadow.a $(LIBS) X Xpwunconv.lint: $(PWUNSRCS) X $(LINT) $(LINTFLAGS) -DPASSWD $(PWUNSRCS) > pwunconv.lint X Xsulogin: $(SULOGOBJS) libshadow.a X $(CC) -o sulogin $(LDFLAGS) $(SULOGOBJS) libshadow.a $(LIBS) X Xsulogin.lint: $(SULOGSRCS) X $(LINT) $(LINTFLAGS) $(SULOGSRCS) > sulogin.lint X Xfaillog: faillog.o X $(CC) -o faillog $(LDFLAGS) faillog.o $(LIBS) X Xfaillog.lint: faillog.c faillog.h config.h X $(LINT) $(LINTFLAGS) faillog.c > faillog.lint X Xmkpasswd: $(MKPWDOBJS) libshadow.a X $(CC) -o mkpasswd $(LDFLAGS) $(MKPWDOBJS) libshadow.a $(LIBS) X Xmkpasswd.lint: $(MKPWDSRCS) X $(LINT) $(LINTFLAGS) $(MKPWDSRCS) > mkpasswd.lint X Xnewgrp: $(NGOBJS) libshadow.a X $(CC) -o newgrp $(LDFLAGS) $(NGOBJS) libshadow.a $(LIBS) X Xnewgrp.lint: $(NGSRCS) X $(LINT) $(LINTFLAGS) $(NGSRCS) > newgrp.lint X Xchfn: $(CHFNOBJS) libshadow.a X $(CC) -o chfn $(LDFLAGS) $(CHFNOBJS) libshadow.a $(LIBS) X Xchfn.lint: $(CHFNSRCS) X $(LINT) $(LINTFLAGS) $(CHFNSRCS) > chfn.lint X Xchsh: $(CHSHOBJS) libshadow.a X $(CC) -o chsh $(LDFLAGS) $(CHSHOBJS) libshadow.a $(LIBS) X Xchsh.lint: $(CHSHSRCS) X $(LINT) $(LINTFLAGS) $(CHSHSRCS) > chsh.lint X Xchage: $(CHAGEOBJS) libshadow.a X $(CC) -o chage $(LDFLAGS) $(CHAGEOBJS) libshadow.a $(LIBS) X Xchage.lint: $(CHAGESRCS) X $(LINT) $(LINTFLAGS) -DPASSWD $(CHAGESRCS) > chage.lint X Xchpasswd: $(CHPASSOBJS) libshadow.a X $(CC) -o chpasswd $(LDFLAGS) $(CHPASSOBJS) libshadow.a $(LIBS) X Xchpasswd.lint: $(CHPASSSRCS) X $(LINT) $(LINTFLAGS) $(CHPASSSRCS) > chpasswd.lint X Xnewusers: newusers.o libshadow.a X $(CC) -o newusers $(LDFLAGS) newusers.o libshadow.a $(LIBS) X Xnewusers.lint: newusers.c X $(LINT) $(LINTFLAGS) newusers.c > newusers.lint X Xid: id.o libshadow.a X $(CC) -o id $(LDFLAGS) id.o libshadow.a $(LIBS) X Xid.lint: id.c X $(LINT) $(LINTFLAGS) id.c > id.lint X Xgroups: groups.o libshadow.a X $(CC) -c $(CFLAGS) groups.o libshadow.a $(LIBS) X Xgroups.lint: groups.c X $(LINT) $(LINTFLAGS) groups.c > groups.lint X Xuseradd: useradd.o copydir.o mkrmdir.o libshadow.a X $(CC) -o useradd $(LDFLAGS) useradd.o copydir.o mkrmdir.o \ X libshadow.a $(LIBS) $(NDIR) X Xuseradd.lint: useradd.c copydir.c mkrmdir.c X $(LINT) $(LINTFLAGS) useradd.c copydir.c mkrmdir.c > useradd.lint X Xuserdel: userdel.o copydir.o mkrmdir.o libshadow.a X $(CC) -o userdel $(LDFLAGS) userdel.o copydir.o mkrmdir.o \ X libshadow.a $(LIBS) $(NDIR) X Xuserdel.lint: userdel.c copydir.c mkrmdir.c X $(LINT) $(LINTFLAGS) userdel.c copydir.c mkrmdir.c > userdel.lint X Xusermod: usermod.o copydir.o mkrmdir.o libshadow.a X $(CC) -o usermod $(LDFLAGS) usermod.o copydir.o mkrmdir.o \ X libshadow.a $(LIBS) $(NDIR) X Xusermod.lint: usermod.c copydir.c mkrmdir.c X $(LINT) $(LINTFLAGS) usermod.c copydir.c mkrmdir.c > usermod.lint X Xgroupadd: groupadd.o libshadow.a X $(CC) -o groupadd $(LDFLAGS) groupadd.o libshadow.a $(LIBS) X Xgroupadd.lint: groupadd.c X $(LINT) $(LINTFLAGS) groupadd.c > groupadd.lint X Xgroupdel: groupdel.o libshadow.a X $(CC) -o groupdel $(LDFLAGS) groupdel.o libshadow.a $(LIBS) X Xgroupdel.lint: groupdel.c X $(LINT) $(LINTFLAGS) groupdel.c > groupdel.lint X Xgroupmod: groupmod.o libshadow.a X $(CC) -o groupmod $(LDFLAGS) groupmod.o libshadow.a $(LIBS) X Xgroupmod.lint: groupmod.c X $(LINT) $(LINTFLAGS) groupmod.c > groupmod.lint X Xpwd.h.m4: X [ -f s.pwd.h.m4 ] && get -t -r$(RELEASE) s.pwd.h.m4 X Xpwd.h: pwd.h.m4 X m4 $(OS) pwd.h.m4 >pwd.h X Xlogoutd: logoutd.o libshadow.a X $(CC) -o logoutd $(LDFLAGS) logoutd.o libshadow.a X Xlogoutd.lint: logoutd.c X $(LINT) $(LINTFLAGS) logoutd.c > logoutd.lint X Xsulog.o: config.h X Xsusetup.c: setup.c X cp setup.c susetup.c X Xsusetup.o: config.h setup.c pwd.h X $(CC) -c $(CFLAGS) -DSU susetup.c X Xscologin: scologin.o X $(CC) -o scologin $(LDFLAGS) scologin.o -lsocket X Xpasswd.o: config.h shadow.h pwd.h Xlmain.o: config.h lastlog.h faillog.h pwd.h Xsmain.o: config.h lastlog.h pwd.h shadow.h Xsub.o: pwd.h Xsetup.o: config.h pwd.h Xmkrmdir.o: config.h Xutmp.o: config.h Xmail.o: config.h Xmotd.o: config.h Xage.o: config.h pwd.h Xlog.o: config.h lastlog.h pwd.h Xshell.o: config.h Xentry.o: config.h shadow.h pwd.h Xhushed.o: config.h pwd.h Xvalid.o: config.h pwd.h Xfailure.o: faillog.h config.h Xfaillog.o: faillog.h config.h pwd.h Xnewgrp.o: config.h shadow.h pwd.h Xmkpasswd.o: config.h shadow.h pwd.h Xgpmain.o: config.h pwd.h Xchfn.o: config.h pwd.h Xchsh.o: config.h pwd.h Xchage.o: config.h shadow.h pwd.h Xpwconv.o: config.h shadow.h Xpwunconv.o: config.h shadow.h pwd.h Xchpasswd.o: config.h shadow.h pwd.h Xid.o: pwd.h Xnewusers.o: config.h shadow.h pwd.h Xdpmain.o: dialup.h Xuseradd.o: config.h shadow.h pwd.h Xuserdel.o: config.h shadow.h pwd.h Xusermod.o: config.h shadow.h pwd.h Xgroupadd.o: config.h shadow.h Xgroupdel.o: config.h shadow.h Xgroupmod.o: config.h shadow.h Xlogoutd.o: X Xlibshadow.a(shadow.o): shadow.h config.h Xlibshadow.a(shadowio.o): shadow.h Xlibshadow.a(grent.o): config.h shadow.h Xlibshadow.a(sgroupio.o): shadow.h Xlibshadow.a(dialup.o): dialup.h Xlibshadow.a(dialchk.o): dialup.h config.h Xlibshadow.a(getdef.o): config.h Xlibshadow.a(pwdbm.o): config.h pwd.h Xlibshadow.a(pwpack.o): config.h pwd.h Xlibshadow.a(pwent.o): config.h pwd.h Xlibshadow.a(pwio.o): pwd.h Xlibshadow.a(getpass.o): config.h Xlibshadow.a(encrypt.o): config.h Xlibshadow.a(port.o): port.h X Xclean: X -rm -f susetup.c *.o a.out core npasswd nshadow *.pag *.dir X Xclobber: clean X -rm -f $(BINS) *.lint *.L libshadow.a X Xnuke: clobber X -for file in * ; do \ X if [ -f s.$$file -a ! -f p.$$file ] ; then \ X rm -f $$file ;\ X fi ;\ X done X Xshar: login.sh.01 login.sh.02 login.sh.03 login.sh.04 login.sh.05 \ X login.sh.06 login.sh.07 login.sh.08 login.sh.09 login.sh.10 \ X login.sh.11 X Xlogin.sh.01: $(FILES1) Makefile X shar -a $(FILES1) > login.sh.01 X Xlogin.sh.02: $(FILES2) Makefile X shar -a $(FILES2) > login.sh.02 X Xlogin.sh.03: $(FILES3) Makefile X shar -a $(FILES3) > login.sh.03 X Xlogin.sh.04: $(FILES4) Makefile X shar -a $(FILES4) > login.sh.04 X Xlogin.sh.05: $(FILES5) Makefile X shar -a $(FILES5) > login.sh.05 X Xlogin.sh.06: $(FILES6) Makefile X shar -a $(FILES6) > login.sh.06 X Xlogin.sh.07: $(FILES7) Makefile X shar -a $(FILES7) > login.sh.07 X Xlogin.sh.08: $(FILES8) Makefile X shar -a $(FILES8) > login.sh.08 X Xlogin.sh.09: $(FILES9) Makefile X shar -a $(FILES9) > login.sh.09 X Xlogin.sh.10: $(DOCS1) Makefile X shar -a $(DOCS1) > login.sh.10 X Xlogin.sh.11: $(DOCS2) Makefile X shar -a $(DOCS2) > login.sh.11 END_OF_FILE if test 16060 -ne `wc -c <'Makefile'`; then echo shar: \"'Makefile'\" unpacked with wrong size! fi # end of 'Makefile' fi if test -f 'chage.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'chage.c'\" else echo shar: Extracting \"'chage.c'\" $17397 characters$ sed "s/^X//" >'chage.c' <<'END_OF_FILE' X/* X * Copyright 1989, 1990, 1991, John F. Haugh II X * All rights reserved. X * X * Permission is granted to copy and create derivative works for any X * non-commercial purpose, provided this copyright notice is preserved X * in all copies of source code, or included in human readable form X * and conspicuously displayed on all copies of object code or X * distribution media. X */ X X#include <sys/types.h> X#include <stdio.h> X#include <fcntl.h> X#include <signal.h> X#include <ctype.h> X#include <time.h> X X#ifndef lint Xstatic char sccsid[] = "@(#)chage.c 3.9 10:14:30 8/15/91"; X#endif X X/* X * Set up some BSD defines so that all the BSD ifdef's are X * kept right here X */ X X#ifndef BSD X#include <string.h> X#include <memory.h> X#define bzero(a,n) memset(a, 0, n) X#else X#include <strings.h> X#define strchr index X#define strrchr rindex X#endif X X#include "config.h" X#include "pwd.h" X#include "shadow.h" X X#ifdef USE_SYSLOG X#include <syslog.h> X X#ifndef LOG_WARN X#define LOG_WARN LOG_WARNING X#endif /* !LOG_WARN */ X#endif /* USE_SYSLOG */ X X/* X * Global variables X */ X Xchar *Prog; Xlong mindays; Xlong maxdays; Xlong lastday; Xlong warndays; Xlong inactdays; Xlong expdays; Xvoid cleanup(); X X/* X * External identifiers X */ X Xextern long a64l(); Xextern int pw_lock(), pw_open(), X pw_unlock(), pw_close(), X pw_update(); Xextern struct passwd *pw_locate(); Xextern int spw_lock(), spw_open(), X spw_unlock(), spw_close(), X spw_update(); Xextern struct spwd *spw_locate(); Xextern int optind; Xextern char *optarg; Xextern char *getlogin (); X#ifdef NDBM Xextern int pw_dbm_mode; Xextern int sp_dbm_mode; X#endif X X/* X * Password aging constants X * X * DAY - seconds in a day X * WEEK - seconds in a week X * SCALE - convert from clock to aging units X */ X X#define DAY (24L*3600L) X#define WEEK (7*DAY) X X#ifdef ITI_AGING X#define SCALE (1) X#else X#define SCALE (DAY) X#endif X X/* X * days and juldays are used to compute the number of days in the X * current month, and the cummulative number of days in the preceding X * months. they are declared so that january is 1, not 0. X */ X Xstatic short days[13] = { 0, X 31, 28, 31, 30, 31, 30, /* JAN - JUN */ X 31, 31, 30, 31, 30, 31 }; /* JUL - DEC */ X Xstatic short juldays[13] = { 0, X 0, 31, 59, 90, 120, 151, /* JAN - JUN */ X 181, 212, 243, 273, 304, 334 }; /* JUL - DEC */ X X/* X * #defines for messages. This facilities foreign language conversion X * since all messages are defined right here. X */ X X#define USAGE \ X"Usage: %s [ -l ] [ -m min_days ] [ -M max_days ] [ -W warn ]\n\ X [ -I inactive ] [ -E expire ] [ -d last_day ] user\n" X#define DBMERROR "Error updating the DBM password entry.\n" X#define DBMERROR2 "error updating DBM shadow entry.\n" X#define UNK_USER "%s: unknown user: %s\n" X#define NO_LFLAG "%s: do no include \"l\" with other flags\n" X#define NO_PERM "%s: permission denied\n" X#define NO_PWLOCK "%s: can't lock password file\n" X#define NO_SPLOCK "%s: can't lock shadow password file\n" X#define NO_PWOPEN "%s: can't open password file\n" X#define NO_SPOPEN "%s: can't open shadow password file\n" X#define CHANGE_INFO "Changing the aging information for %s\n" X#define FIELD_ERR "%s: error changing fields\n" X#define NO_PWUPDATE "%s: can't update password file\n" X#define NO_SPUPDATE "%s: can't update shadow password file\n" X#define NO_PWCLOSE "%s: can't rewrite password file\n" X#define NO_SPCLOSE "%s: can't rewrite shadow password file\n" X#define LOCK_FAIL "failed locking %s\n" X#define OPEN_FAIL "failed opening %s\n" X#define WRITE_FAIL "failed updating %s\n" X#define CLOSE_FAIL "failed rewriting %s\n" X X/* X * usage - print command line syntax and exit X */ X Xvoid Xusage () X{ X fprintf (stderr, USAGE, Prog); X exit (1); X} X X/* X * strtoday - compute the number of days since 1970. X * X * the total number of days prior to the current date is X * computed. january 1, 1970 is used as the origin with X * it having a day number of 0. the gmtime() routine is X * used to prevent confusion regarding time zones. X */ X Xlong Xstrtoday (str) Xchar *str; X{ X char slop[2]; X int month; X int day; X int year; X long total; X X /* X * start by separating the month, day and year. this is X * a chauvanistic program - it only takes date input in X * the standard USA format. X */ X X if (sscanf (str, "%d/%d/%d%c", &month, &day, &year, slop) != 3) X return -1; X X /* X * the month, day of the month, and year are checked for X * correctness and the year adjusted so it falls between X * 1970 and 2069. X */ X X if (month < 1 || month > 12) X return -1; X X if (day < 1) X return -1; X X if ((month != 2 || (year % 4) != 0) && day > days[month]) X return -1; X else if ((month == 2 && (year % 4) == 0) && day > 29) X return -1; X X if (year < 0) X return -1; X else if (year < 69) X year += 2000; X else if (year < 99) X year += 1900; X X if (year < 1970 || year > 2069) X return -1; X X /* X * the total number of days is the total number of days in all X * the whole years, plus the number of leap days, plus the X * number of days in the whole months preceding, plus the number X * of days so far in the month. X */ X X total = ((year - 1970) * 365) + (((year + 1) - 1970) / 4); X total += juldays[month] + (month > 2 && (year % 4) == 0 ? 1:0); X total += day - 1; X X return total; X} X X/* X * new_fields - change the user's password aging information interactively. X * X * prompt the user for all of the password age values. set the fields X * from the user's response, or leave alone if nothing was entered. the X * value (-1) is used to indicate the field should be removed if possible. X * any other negative value is an error. very large positive values will X * be handled elsewhere. X */ X Xint Xnew_fields () X{ X char buf[BUFSIZ]; X char *cp; X long value; X struct tm *tp; X X printf ("Enter the new value, or press return for the default\n\n"); X X sprintf (buf, "%ld", mindays); X change_field (buf, "Minimum Password Age"); X if (((mindays = strtol (buf, &cp, 10)) == 0 && *cp) || mindays < -1) X return 0; X X sprintf (buf, "%ld", maxdays); X change_field (buf, "Maximum Password Age"); X if (((maxdays = strtol (buf, &cp, 10)) == 0 && *cp) || maxdays < -1) X return 0; X X value = lastday * SCALE; X tp = gmtime (&value); X sprintf (buf, "%02d/%02d/%02d", X tp->tm_mon + 1, tp->tm_mday, tp->tm_year); X change_field (buf, "Last Password Change (MM/DD/YY)"); X if (strcmp (buf, "12/31/69") == 0) X lastday = -1; X else if ((lastday = strtoday (buf)) == -1) X return 0; X X sprintf (buf, "%ld", warndays); X change_field (buf, "Password Expiration Warning"); X if (((warndays = strtol (buf, &cp, 10)) == 0 && *cp) || warndays < -1) X return 0; X X sprintf (buf, "%ld", inactdays); X change_field (buf, "Password Inactive"); X if (((inactdays = strtol (buf, &cp, 10)) == 0 && *cp) || inactdays < -1) X return 0; X X value = expdays * SCALE; X tp = gmtime (&value); X sprintf (buf, "%02d/%02d/%02d", X tp->tm_mon + 1, tp->tm_mday, tp->tm_year); X change_field (buf, "Account Expiration Date (MM/DD/YY)"); X if (strcmp (buf, "12/31/69") == 0) X expdays = -1; X else if ((expdays = strtoday (buf)) == -1) X return 0; X X return 1; X} X X/* X * list_fields - display the current values of the expiration fields X * X * display the password age information from the password fields. date X * values will be displayed as a calendar date, or the word "Never" if X * the date is 1/1/70, which is day number 0. X */ X Xvoid Xlist_fields () X{ X struct tm *tp; X char *cp; X long changed; X long expires; X X /* X * Start with the easy numbers - the number of days before the X * password can be changed, the number of days after which the X * password must be chaged, the number of days before the X * password expires that the user is told, and the number of X * days after the password expires that the account becomes X * unusable. X */ X X printf ("Minimum:\t%d\n", mindays); X printf ("Maximum:\t%d\n", maxdays); X printf ("Warning:\t%d\n", warndays); X printf ("Inactive:\t%d\n", inactdays); X X /* X * The "last change" date is either "Never" or the date the X * password was last modified. The date is the number of X * days since 1/1/1970. X */ X X printf ("Last Change:\t\t"); X if (lastday <= 0) { X printf ("Never\n"); X } else { X changed = lastday * SCALE; X tp = gmtime (&changed); X cp = asctime (tp); X printf ("%6.6s, %4.4s\n", cp + 4, cp + 20); X } X X /* X * The password expiration date is determined from the last X * change date plus the number of days the password is valid X * for. X */ X X printf ("Password Expires:\t"); X if (lastday <= 0 || maxdays >= 10000*(DAY/SCALE) || maxdays <= 0) { X printf ("Never\n"); X } else { X expires = changed + maxdays * SCALE; X tp = gmtime (&expires); X cp = asctime (tp); X printf ("%6.6s, %4.4s\n", cp + 4, cp + 20); X } X X /* X * The account becomes inactive if the password is expired X * for more than "inactdays". The expiration date is calculated X * and the number of inactive days is added. The resulting date X * is when the active will be disabled. X */ X X printf ("Password Inactive:\t"); X if (lastday <= 0 || inactdays <= 0 || X maxdays >= 10000*(DAY/SCALE) || maxdays <= 0) { X printf ("Never\n"); X } else { X expires = changed + (maxdays + inactdays) * SCALE; X tp = gmtime (&expires); X cp = asctime (tp); X printf ("%6.6s, %4.4s\n", cp + 4, cp + 20); X } X X /* X * The account will expire on the given date regardless of the X * password expiring or not. X */ X X printf ("Account Expires:\t"); X if (expdays <= 0) { X printf ("Never\n"); X } else { X expires = expdays * SCALE; X tp = gmtime (&expires); X cp = asctime (tp); X printf ("%6.6s, %4.4s\n", cp + 4, cp + 20); X } X} X X/* X * chage - change a user's password aging information X * X * This command controls the password aging information. X * X * The valid options are X * X * -m minimum number of days before password change (*) X * -M maximim number of days before password change (*) X * -d last password change date (*) X * -l last password change date X * -W expiration warning days (*) X * -I password inactive after expiration (*) X * -E account expiration date (*) X * X * (*) requires root permission to execute. X * X * All of the time fields are entered in the internal format X * which is either seconds or days. X */ X Xint Xmain (argc, argv) Xint argc; Xchar **argv; X{ X int flag; X int lflg = 0; X int mflg = 0; X int Mflg = 0; X int dflg = 0; X int Wflg = 0; X int Iflg = 0; X int Eflg = 0; X int ruid = getuid (); X struct passwd *pw; X struct passwd pwent; X struct spwd *sp; X struct spwd spwd; X char name[BUFSIZ]; X X /* X * Get the program name so that error messages can use it. X */ X X if (Prog = strrchr (argv[0], '/')) X Prog++; X else X Prog = argv[0]; X X#ifdef USE_SYSLOG X openlog (Prog, LOG_PID|LOG_CONS|LOG_NOWAIT, LOG_AUTH); X#endif X#ifdef NDBM X sp_dbm_mode = O_RDWR; X pw_dbm_mode = O_RDWR; X#endif X X /* X * Parse the flags. The difference between password file X * formats includes the number of fields, and whether the X * dates are entered as days or weeks. Shadow password X * file info =must= be entered in days, while regular X * password file info =must= be entered in weeks. X */ X X while ((flag = getopt (argc, argv, "lm:M:W:I:E:d:")) != EOF) { X switch (flag) { X case 'l': X lflg++; X break; X case 'm': X mflg++; X mindays = strtol (optarg, 0, 10); X break; X case 'M': X Mflg++; X maxdays = strtol (optarg, 0, 10); X break; X case 'd': X dflg++; X lastday = strtol (optarg, 0, 10); X break; X case 'W': X Wflg++; X warndays = strtol (optarg, 0, 10); X break; X case 'I': X Iflg++; X inactdays = strtol (optarg, 0, 10); X break; X case 'E': X Eflg++; X expdays = strtol (optarg, 0, 10); X break; X default: X usage (); X } X } X X /* X * Make certain the flags do not conflict and that there is X * a user name on the command line. X */ X X if (argc != optind + 1) X usage (); X X if (lflg && (mflg || Mflg || dflg || Wflg || Iflg || Eflg)) { X fprintf (stderr, NO_LFLAG, Prog); X#ifdef USE_SYSLOG X closelog (); X#endif X usage (); X } X X /* X * An unprivileged user can ask for their own aging information, X * but only root can change it, or list another user's aging X * information. X */ X X if (ruid != 0 && ! lflg) { X fprintf (stderr, NO_PERM, Prog); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X X /* X * Lock and open the password file. This loads all of the X * password file entries into memory. Then we get a pointer X * to the password file entry for the requested user. X */ X X if (! pw_lock ()) { X fprintf (stderr, NO_PWLOCK, Prog); X#ifdef USE_SYSLOG X syslog (LOG_ERR, LOCK_FAIL, "/etc/passwd"); X closelog (); X#endif X exit (1); X } X if (! pw_open (ruid != 0 || lflg ? O_RDONLY:O_RDWR)) { X fprintf (stderr, NO_PWOPEN, Prog); X cleanup (1); X#ifdef USE_SYSLOG X syslog (LOG_ERR, OPEN_FAIL, "/etc/passwd"); X closelog (); X#endif X exit (1); X } X if (! (pw = pw_locate (argv[optind]))) { X fprintf (stderr, UNK_USER, Prog, argv[optind]); X cleanup (1); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X X /* X * For shadow password files we have to lock the file and X * read in the entries as was done for the password file. X * The user entries does not have to exist in this case; X * a new entry will be created for this user if one does X * not exist already. X */ X X if (! spw_lock ()) { X fprintf (stderr, NO_SPLOCK, Prog); X cleanup (1); X#ifdef USE_SYSLOG X syslog (LOG_ERR, LOCK_FAIL, "/etc/shadow"); X closelog (); X#endif X exit (1); X } X if (! spw_open ((ruid != 0 || lflg) ? O_RDONLY:O_RDWR)) { X fprintf (stderr, NO_SPOPEN, Prog); X cleanup (2); X#ifdef USE_SYSLOG X syslog (LOG_ERR, OPEN_FAIL, "/etc/shadow"); X closelog (); X#endif X exit (1); X } X if (sp = spw_locate (argv[optind])) X spwd = *sp; X X strcpy (name, pw->pw_name); X pwent = *pw; X X /* X * Set the fields that aren't being set from the command line X * from the password file. X */ X X if (sp) { X if (! Mflg) X maxdays = spwd.sp_max; X if (! mflg) X mindays = spwd.sp_min; X if (! dflg) X lastday = spwd.sp_lstchg; X if (! Wflg) X warndays = spwd.sp_warn; X if (! Iflg) X inactdays = spwd.sp_inact; X if (! Eflg) X expdays = spwd.sp_expire; X } else X#ifdef ATT_AGE X { X if (pwent.pw_age && strlen (pwent.pw_age) >= 2) { X if (! Mflg) X maxdays = c64i (pwent.pw_age[0]) * (WEEK/SCALE); X if (! mflg) X mindays = c64i (pwent.pw_age[1]) * (WEEK/SCALE); X if (! dflg && strlen (pwent.pw_age) == 4) X lastday = a64l (pwent.pw_age+2) * (WEEK/SCALE); X } else { X mindays = 0; X maxdays = 10000L * (DAY/SCALE); X lastday = -1; X } X warndays = inactdays = expdays = -1; X } X#endif X X /* X * Print out the expiration fields if the user has X * requested the list option. X */ X X if (lflg) { X if (ruid != 0 && ruid != pw->pw_uid) { X fprintf (stderr, NO_PERM, Prog); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X list_fields (); X cleanup (2); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (0); X } X X /* X * If none of the fields were changed from the command line, X * let the user interactively change them. X */ X X if (! mflg && ! Mflg && ! dflg && ! Wflg && ! Iflg && ! Eflg) { X printf (CHANGE_INFO, name); X if (! new_fields ()) { X fprintf (stderr, FIELD_ERR, Prog); X cleanup (2); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X } X X /* X * There was no shadow entry. The new entry will have the X * encrypted password transferred from the normal password X * file along with the aging information. X */ X X if (sp == 0) { X sp = &spwd; X bzero (&spwd, sizeof spwd); X X sp->sp_namp = pw->pw_name; X sp->sp_pwdp = pw->pw_passwd; X sp->sp_flag = -1; X X pwent.pw_passwd = "!"; X#ifdef ATT_AGE X pwent.pw_age = ""; X#endif X if (! pw_update (&pwent)) { X fprintf (stderr, NO_PWUPDATE, Prog); X cleanup (2); X#ifdef USE_SYSLOG X syslog (LOG_ERR, WRITE_FAIL, "/etc/passwd"); X closelog (); X#endif X exit (1); X } X#if defined(DBM) || defined(NDBM) X (void) pw_dbm_update (&pwent); X endpwent (); X#endif X } X X /* X * Copy the fields back to the shadow file entry and X * write the modified entry back to the shadow file. X * Closing the shadow and password files will commit X * any changes that have been made. X */ X X sp->sp_max = maxdays; X sp->sp_min = mindays; X sp->sp_lstchg = lastday; X sp->sp_warn = warndays; X sp->sp_inact = inactdays; X sp->sp_expire = expdays; X X if (! spw_update (sp)) { X fprintf (stderr, NO_SPUPDATE, Prog); X cleanup (2); X#ifdef USE_SYSLOG X syslog (LOG_ERR, WRITE_FAIL, "/etc/shadow"); X closelog (); X#endif X exit (1); X } X#ifdef NDBM X X /* X * See if the shadow DBM file exists and try to update it. X */ X X if (access ("/etc/shadow.pag", 0) == 0 && ! sp_dbm_update (sp)) { X fprintf (stderr, DBMERROR); X cleanup (2); X#ifdef USE_SYSLOG X syslog (LOG_ERR, DBMERROR2); X closelog (); X#endif X exit (1); X } X endspent (); X#endif /* NDBM */ X X /* X * Now close the shadow password file, which will cause all X * of the entries to be re-written. X */ X X if (! spw_close ()) { X fprintf (stderr, NO_SPCLOSE, Prog); X cleanup (2); X#ifdef USE_SYSLOG X syslog (LOG_ERR, CLOSE_FAIL, "/etc/shadow"); X closelog (); X#endif X exit (1); X } X X /* X * Close the password file. If any entries were modified, the X * file will be re-written. X */ X X if (! pw_close ()) { X fprintf (stderr, NO_PWCLOSE, Prog); X cleanup (2); X#ifdef USE_SYSLOG X syslog (LOG_ERR, CLOSE_FAIL, "/etc/passwd"); X closelog (); X#endif X exit (1); X } X cleanup (2); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (0); X /*NOTREACHED*/ X} X X/* X * cleanup - unlock any locked password files X */ X Xvoid Xcleanup (state) Xint state; X{ X switch (state) { X case 2: X spw_unlock (); X case 1: X pw_unlock (); X case 0: X break; X } X} END_OF_FILE if test 17397 -ne `wc -c <'chage.c'`; then echo shar: \"'chage.c'\" unpacked with wrong size! fi # end of 'chage.c' fi if test -f 'login.5' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'login.5'\" else echo shar: Extracting \"'login.5'\" $13490 characters$ sed "s/^X//" >'login.5' <<'END_OF_FILE' X.\" Copyright 1991, John F. Haugh II and Chip Rosenthal X.\" All rights reserved. X.\" X.\" Permission is granted to copy and create derivative works for any X.\" non-commercial purpose, provided this copyright notice is preserved X.\" in all copies of source code, or included in human readable form X.\" and conspicuously displayed on all copies of object code or X.\" distribution media. X.\" X.\" @(#)login.5 3.2 08:52:50 11/3/91 X.\" X.TH LOGIN 5 X.SH NAME X/etc/login.defs \- Login configuration X.SH DESCRIPTION XThe X.I /etc/login.defs Xfile defines the site-specific configuration for the shadow login Xsuite. This file is required. Absence of this file will not prevent Xsystem operation, but will probably result in undesirable operation. X.PP XThis file is a readable text file, each line of the file describing Xone configuration parameter. The lines consist of a configuration Xname and value, seperated by whitespace. Blank lines and comment Xlines are ignored. Comments are introduced with a `#' pound sign and Xthe pound sign must be the first non-white character of the line. X.PP XParameter values may be of four types: strings, booleans, numbers, Xand long numbers. A string is comprised of any printable characters. XA boolean should be either the value ``yes'' or ``no''. An undefined Xboolean parameter or one with a value other than these will be given Xa ``no'' value. Numbers (both regular and long) may be either decimal Xvalues, octal values (precede the value with ``0'') or hexadecimal Xvalues (precede the value with ``0x''). The maximum value of the Xregular and long numeric parameters is machine-dependant. X.PP XThe following configuration items are provided: X.\" X.IP "CONSOLE (string)" XIf specified, this definition provides for a restricted set of lines Xon which root logins will be allowed. An attempted root login which Xdoes not meet the criteria established here will be rejected. The Xvalue of this field may be one of two forms, either a fully-rooted Xpathname such as X.sp X.ft CW X CONSOLE /etc/consoles X.ft P X.sp Xor a colon-delimited list of terminal lines such as: X.sp X.ft CW X CONSOLE console:tty01:tty02:tty03:tty04 X.ft P X.sp XIf a pathname is given, each line of the file should specify one Xterminal line. If this parameter is not defined or the specified file Xdoes not exist, then root logins will be allowed from any terminal Xline. Because the removal of this file, or its truncation, could Xresult in unauthorized root logins, this file must be protected. XWhere security is critical, the colon-separated form should be used Xto prevent this potential method of attack. X.\" X.IP "DIALUPS_CHECK_ENAB (boolean)" XIf X.I yes Xand an X.I /etc/dialups Xfile exists, then secondary passwords are enabled upon the dialup Xlines specified in this file. This file should contain a list of Xdialups, one per line, for example: X.nf X.sp X.ft CW X ttyfm01 X ttyfm02 X \0\0. X \0\0. X \0\0. X.ft P X.sp X.fi X.\" X.IP "ENV_HZ (string)" XThis parameter specifies a value for an HZ environment parameter. XExample usage is: X.sp X \f(CWENV_HZ HZ=50\fP X.sp XIf this parameter is not defined then no HZ value will be established. X.\" X.IP "ENV_PATH (string)" XThis parameter must be defined as the search path for regular users. XWhen a login with UID other than zero occurs, the PATH environment Xparameter is initialized to this value. This parameter is required; Xif undefined a possibly incorrect default value will be provided. X.\" X.IP "ENV_SUPATH (string)" XThis parameter must be defined as the search path for the superuser. XWhen a login with UID zero occurs, the PATH environment parameter is Xinitialized to this value. This parameter is required; if undefined Xa possibly incorrect default value will be provided. X.\" X.IP "ENV_TZ (string)" XThis parameter specifies information for generating a TZ environment Xparameter. The value must either be the desired contents of TZ, or Xthe full pathname of a file which contains this information. Example Xusage is: X.sp X \f(CWENV_TZ\0\0\0\0TZ=CST6CDT\fP X.sp Xor X.sp X \f(CWENV_TZ\0\0\0\0/etc/tzname\fP X.sp XIf a nonexistent file is named, then TZ will be initialized to some Xdefault value. If this parameter is not defined then no TZ value will Xbe established. X.\" X.IP "ERASECHAR (number)" XThe terminal X.I erase Xcharacter is initialized to this value. This is supported only on Xsystems with the X.I termio Xinterface, e.g. System V. If not specified, the erase character will Xbe initialized to a backspace. See KILLCHAR for related information. X.\" X.IP "FAILLOG_ENAB (boolean)" XIf X.I yes Xthen login failures will be accumulated in X.I /usr/adm/faillog Xin a X.I faillog(8) Xformat. X.\" X.IP "FTMP_FILE (string)" XThis parameter specifies the full pathname to a file to which login Xfailures are recorded. When a login failure occurs, a X.I utmp Xformat record will be appended to this file. Note that this differs Xfrom the X.I /usr/adm/faillog Xfailure logging in that this facility logs every failure whereas the X``faillog'' facility accumulates failure information per user. If Xthis parameter is not specified then logging will be inhibited. See XFAILLOG_ENAB and LOG_UNKFAIL_ENAB for related information. X.\" X.IP "HUSHLOGIN_FILE (string)" XThis parameter is used to establish ``hushlogin'' conditions. There Xare two possible ways to establish these conditions. First, if the Xvalue of this parameter is a filename and that file exists in the Xuser's home directory then ``hushlogin'' conditions will be in effect. XThe contents of this file are ignored; its mere presence triggers X``hushlogin'' conditions. Second, if the value of this parameter is Xa full pathname and either the user's login name or the user's shell Xis found in this file, then ``hushlogin'' conditions will be in effect. XIn this case, the file should be in a format similar to: X.nf X.sp X.ft CW X demo X /usr/lib/uucp/uucico X \0\0. X \0\0. X \0\0. X.ft P X.sp X.fi XIf this parameter is not defined, then ``hushlogin'' conditions will Xnever occur. When ``hushlogin'' conditions are established, the Xmessage of the day, last successful and unsuccessful login display, Xmail status display, and password aging checks are suppressed. Note Xthat allowing hushlogin files in user home directories allows the user Xto disable password aging checks. See MOTD_FILE, FAILLOG_ENAB, XLASTLOG_ENAB, and MAIL_CHECK_ENAB for related information. X.\" X.IP "KILLCHAR (number)" XThe terminal X.I kill Xcharacter is initialized to this value. This is supported only on Xsystems with the X.I termio Xinterface, e.g. System V. If not specified, the kill character will Xbe initialized to a \s-2CTRL/U\s0. XSee ERASECHAR for related information. X.\" X.IP "LASTLOG_ENAB (boolean)" XIf X.IR yes , Xand if the X.I /usr/adm/lastlog Xfile exists, then a successful user login will be recorded to this Xfile. Furthermore, if this option is enabled then the times of the Xmost recent successful and unsuccessful logins will be displayed to Xthe user upon login. The unsuccessful login display will be suppressed Xif FAILLOG_ENAB is not enabled. If ``hushlogin'' conditions are in Xeffect, then both the successful and unsuccessful login information Xwill be suppressed. X.\" X.IP "LOG_UNKFAIL_ENAB (boolean)" XIf X.I yes Xthen unknown usernames will be included when a login failure is Xrecorded. Note that this is a potential security risk; a common login Xfailure mode is transposition of the user name and password, thus this Xmode will often cause passwords to accumulate in the failure logs. XIf this option is disabled then unknown usernames will be suppressed Xin login failure messages. X.\" X.IP "MAIL_CHECK_ENAB (boolean)" XIf X.IR yes , Xthe user will be notified of his or her mailbox status upon login. XSee MAIL_DIR for related information. X.\" X.IP "MAIL_DIR (string)" XThis parameter specifies the full pathname to the directory which Xcontains the user mailbox files. The user's login name is appended Xto this path to form the MAIL environment parameter \- the path to Xthe user's mailbox. This parameter must be defined; if undefined some Xpossibly incorrect default value will be assumed. See MAIL_CHECK_ENAB Xfor related information. X.\" X.IP "MOTD_FILE (string)" XThis parameter specifies a colon-delimited list of pathnames to ``message Xof the day'' files. XIf a specified file exists, then its contents are displayed to the user Xupon login. XIf this parameter is not defined or ``hushlogin'' login conditions are Xin effect, this information will be suppressed. X.\" X.IP "NOLOGIN_STR (string)" XThis parameter specifies a value which will prevent logins on particular Xaccounts. If this value is found in the ``shell'' field of a user's X.I passwd Xentry, then logins will not be allowed under that user name. The X.I su Xcommand may still be used. If this parameter is not specified then Xthis feature will be suppressed. X.\" X.IP "NOLOGINS_FILE (string)" XThis parameter specifies the full pathname to a file which inhibits Xnon-root logins. If this file exists and a user other than root Xattempts to log in, the contents of the file will be displayed and Xthe user will be disconnected. If this parameter is not specified Xthen this feature will be inhibited. X.\" X.IP "OBSCURE_CHECKS_ENAB (boolean)" XIf X.IR yes , Xthe X.I passwd Xprogram will perform additional checks before accepting a password change. XThe checks performed are fairly simple, and their use is recommended. XThese obscurity checks are bypassed if X.I passwd Xis run by X.IR root . XSee PASS_MIN_LEN for related information. X.\" X.IP "PASS_MIN_DAYS (number)" XThe minimum number of days allowed between password changes. Any password Xchanges attempted sooner than this will be rejected. If not specified, a Xzero value will be assumed. X.\" X.IP "PASS_MIN_LEN (number)" XThe minimum number of characters in an acceptable password. An attempt to Xassign a password with fewer characters will be rejected. A zero value Xsuppresses this check. If not specified, a zero value will be assumed. X.\" X.IP "PASS_MAX_DAYS (number)" XThe maximum number of days a password may be used. If the password is Xolder than this, then the account will be locked. If not specified, Xa large value will be assumed. X.\" X.IP "PASS_WARN_AGE (number)" XThe number of days warning given before a password expires. A zero means Xwarning is given only upon the day of expiration, a negative value means Xno warning is given. If not specified, no warning will be provided. X.IP "PORTTIME_CHECKS_ENAB (boolean)" XIf X.I yes Xand an X.I /etc/porttime Xfile exists, that file will be consulted to ensure the user may login Xat this time on the given line. Xc.f. porttime(4) X.\" X.IP "QUOTAS_ENAB (boolean)" XIf X.I yes , Xthen the user's ``ulimit,'' ``umask,'' and ``niceness'' will be Xinitialized to the values if specified in the X.I gecos Xfield of the X.I passwd Xfile. Xc.f. passwd(4). X.\" X.IP "SULOG_FILE (string)" XThis parameter specifies a full pathname of a file in which X.I su Xactivity is logged. XIf this parameter is not specified, the logging is suppressed. XBecause the X.I su Xcommand may be used when attempting to authenticate a password, Xeither this option, or X.I syslog Xshould be used to note X.I su Xactivity. See the SYSLOG_SU_ENAB option for related information. X.\" X.IP "SYSLOG_SU_ENAB (boolean)" XIf X.I yes Xand X.I login Xwas compiled with X.I syslog Xsupport, then all X.I su Xactivity will be noted through the X.I syslog Xfacility. XSee SULOG_FILE for related information. X.\" X.IP "TTYPERM (number)" XThe login terminal permissions are initialized to this value. Typical Xvalues will be \f(CW0622\fP to permit others write access to the line Xor \f(CW0600\fP to secure the line from other users. If not specified, Xthe terminal permissions will be initialized to \f(CW0622\fP. X.\" X.IP "TTYTYPE_FILE (string)" XThis parameter specifies the full pathname to a file which maps terminal Xlines to terminal types. Each line of the file contains a terminal Xtype and a terminal line, seperated by whitespace, for example: X.nf X.sp X.ft CW X vt100\0 tty01 X wyse60 tty02 X \0\0.\0\0\0 \0\0. X \0\0.\0\0\0 \0\0. X \0\0.\0\0\0 \0\0. X.ft P X.sp X.fi XThis information is used to initialize the TERM environment parameter. XA line starting with a ``#'' pound sign will be treated as a comment. XIf this paramter is not specified, the file does not exist, or the terminal Xline is not found in the file, then the TERM environment parameter will not Xbe set. X.\" X.IP "ULIMIT (long number)" XThe file size limit is initialized to this value. This is supported Xonly on systems with a X.IR ulimit , Xe.g. System V. If not specified, the file size limit will be initialized Xto some large value. X.\" X.IP "UMASK (number)" XThe permission mask is initialized to this value. If not specified, Xthe permission mask will be initialized to zero. X.\" X.SH CROSS REFERENCE XThe following cross reference shows which programs in the shadow login Xsuite use which parameters. X.na X.IP login 12 XCONSOLE DIALUPS_CHECK_ENAB ENV_HZ ENV_SUPATH ENV_TZ ERASECHAR FAILLOG_ENAB XFTMP_FILE HUSHLOGIN_FILE KILLCHAR LASTLOG_ENAB LOG_UNKFAIL_ENAB XMAIL_CHECK_ENAB MAIL_DIR MOTD_FILE NOLOGINS_FILE PORTTIME_CHECKS_ENAB XQUOTAS_ENAB TTYPERM TTYTYPE_FILE ULIMIT UMASK X.IP newusers 12 XPASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE UMASK X.IP passwd 12 XOBSCURE_CHECKS_ENAB PASS_MIN_LEN X.IP pwconv 12 XPASS_MAX_DAYS PASS_MIN_DAYS PASS_WARN_AGE X.IP su 12 XENV_HZ ENV_SUPATH ENV_TZ HUSHLOGIN_FILE MAIL_CHECK_ENAB MAIL_DIR XMOTD_FILE NOLOGIN_STR QUOTAS_ENAB SULOG_FILE SYSLOG_SU_ENAB X.IP sulogin 12 XENV_HZ ENV_SUPATH ENV_TZ MAIL_DIR QUOTAS_ENAB TTYPERM X.ad X.SH SEE ALSO Xlogin(1), passwd(4), faillog(4), porttime(4), faillog(8) END_OF_FILE if test 13490 -ne `wc -c <'login.5'`; then echo shar: \"'login.5'\" unpacked with wrong size! fi # end of 'login.5' fi if test -f 'passwd.1' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'passwd.1'\" else echo shar: Extracting \"'passwd.1'\" $4116 characters$ sed "s/^X//" >'passwd.1' <<'END_OF_FILE' X.\" Copyright 1989, 1990, John F. Haugh II X.\" All rights reserved. X.\" X.\" Use, duplication, and disclosure prohibited without X.\" the express written permission of the author. X.\" X.\" @(#)passwd.1 3.1 09:34:23 11/21/90 X.\" X.TH PASSWD 1 X.SH NAME Xpasswd \- change user password X.SH SYNOPSIS X\fBpasswd\fR [ \fB-f\fR ] [ \fIname\fR ] X.br X\fBpasswd\fR [ \fB-g\fR ] [ \fB-r\fR ] \fIgroup\fR X.SH DESCRIPTION X\fIpasswd\f changes passwords for user accounts. XA normal user may only change the password for their own account, Xthe super user may change the password for any account. X.PP XThe user is first prompted for their old password, Xif one is present. XThis password is then encrypted and compared against the Xstored password. XThe user has only one chance to enter the correct password. XThe super user is permitted to bypass this step so that forgotten Xpasswords may be changed. X.PP XAfter the password has been entered password aging information Xis checked to see if the user is permitted to change their password Xat this time. XIf not, \fIpasswd\fR refuses to change the password and exits. X.PP XThe user is then prompted for a replacement password. XThis password is tested for complexity. XAs a general guideline, Xpasswords should consist of 6 to 8 characters including Xone or more from each of following sets: X.IP "" .5i XLower case alphabetics X.IP "" .5i XUpper case alphabetics X.IP "" .5i XDigits 0 thru 9 X.IP "" .5i XPunctuation marks X.PP XCare must be taken not to include the system default erase Xor kill characters. X\fIpasswd\fR will reject any password which is not suitably Xcomplex. X.PP XIf the password is accepted, X\fIpasswd\fR will prompt again and compare the second entry Xagainst the first. XBoth entries are require to match in order for the password Xto be changed. X.PP XWhen the \fB-g\f option is used, the password for the named Xgroup is changed. XThe user must either be the super user, or the first group Xmember listed for the named group. XThe current group password is not prompted for. XThe \fB-r\f option is used with the \fB-g\f option to remove Xthe current password from the named group. X.SH Hints for user passwords XThe security of a password depends upon the strength of the Xencryption algorithm and the size of the key space. XThe \fB\s-2UNIX\s+2\fR System encryption method is based on Xthe NBS DES algorithm and is very secure. XThe size of the key space depends upon the randomness of the Xpassword which is selected. X.PP XCompromises in password security normally result from careless Xpassword selection or handling. XFor this reason, you should select a password which does not Xappear in a dictionary or which must be written down. XThe password should also not be a proper name, your license Xnumber, birth date, or street address. XAny of these may be used as guesses to violate system security. X.PP XYour password must easily remembered so that you will not Xbe forced to write it on a piece of paper. XThis can be accomplished by appending two small words together Xand separating each with a special character or digit. XFor example, Pass%word. X.PP XOther methods of construction involve selecting an easily Xremembered phrase from literature and selecting the first Xor last letter from each. XAn example of this is X.IP "" .5i XAsk not for whom the bell tolls. X.PP Xwhich produces X.IP "" .5i XAn4wtbt. X.PP XYou may be reasonably sure few crackers will have Xincluded this in their dictionary. X.SH Notes about group passwords XGroup passwords are an inherent security problem since more Xthan one person is permitted to know the password. XHowever, groups are a useful tool for permitting co-operation Xbetween different users. X.SH CAVEATS XNot all options may be supported. XPassword complexity checking may vary from site to site. XThe user is urged to select as complex a password as they Xfeel comfortable with. XA \fB-f\fR option exists to permit the superuser to override Xany password complexity testing; Xnormal users must create passwords which pass the complexity Xtest. X.SH Files X/etc/passwd \- user account information X.br X/etc/shadow \- encrypted user passwords X.SH See Also Xpasswd(3), Xshadow(3), Xgroup(4), Xpasswd(4) END_OF_FILE if test 4116 -ne `wc -c <'passwd.1'`; then echo shar: \"'passwd.1'\" unpacked with wrong size! fi # end of 'passwd.1' fi echo shar: End of archive 3 $of 11$. cp /dev/null ark3isdone MISSING="" for I in 1 2 3 4 5 6 7 8 9 10 11 ; do if test ! -f ark${I}isdone ; then MISSING="${MISSING} ${I}" fi done if test "${MISSING}" = "" ; then echo You have unpacked all 11 archives. rm -f ark[1-9]isdone ark[1-9][0-9]isdone else echo You still must unpack the following archives: echo " " ${MISSING} fi exit 0 exit 0 # Just in case...