SOURCES: shadow-login.defs - drop !USE_PAM items

glen glen at pld-linux.org
Tue Jun 13 15:15:45 CEST 2006


Author: glen                         Date: Tue Jun 13 13:15:45 2006 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- drop !USE_PAM items

---- Files affected:
SOURCES:
   shadow-login.defs (1.8 -> 1.9) 

---- Diffs:

================================================================
Index: SOURCES/shadow-login.defs
diff -u SOURCES/shadow-login.defs:1.8 SOURCES/shadow-login.defs:1.9
--- SOURCES/shadow-login.defs:1.8	Sun Jun 11 11:14:49 2006
+++ SOURCES/shadow-login.defs	Tue Jun 13 15:15:40 2006
@@ -18,11 +18,6 @@
 FAIL_DELAY		3
 
 #
-# Enable logging and display of /var/log/faillog login failure info.
-#
-FAILLOG_ENAB		yes
-
-#
 # Enable display of unknown usernames when login failures are recorded.
 #
 LOG_UNKFAIL_ENAB	no
@@ -33,34 +28,6 @@
 LOG_OK_LOGINS		no
 
 #
-# Enable logging and display of /var/log/lastlog login time info.
-#
-LASTLOG_ENAB		yes
-
-#
-# Enable checking and display of mailbox status upon login.
-#
-# Disable if the shell startup files already check for mail
-# ("mailx -e" or equivalent).
-#
-MAIL_CHECK_ENAB		yes
-
-#
-# Enable additional checks upon password changes.
-#
-OBSCURE_CHECKS_ENAB	yes
-
-#
-# Enable checking of time restrictions specified in /etc/porttime.
-#
-PORTTIME_CHECKS_ENAB	yes
-
-#
-# Enable setting of ulimit, umask, and niceness from passwd gecos field.
-#
-QUOTAS_ENAB		yes
-
-#
 # Enable "syslog" logging of su activity - in addition to sulog file logging.
 # SYSLOG_SG_ENAB does the same for newgrp and sg.
 #
@@ -81,37 +48,12 @@
 #SULOG_FILE	/var/log/sulog
 
 #
-# If defined, ":" delimited list of "message of the day" files to
-# be displayed upon login.
-#
-MOTD_FILE	/etc/motd
-#MOTD_FILE	/etc/motd:/usr/lib/news/news-motd
-
-#
-# If defined, this file will be output before each login prompt.
-#
-#ISSUE_FILE	/etc/issue
-
-#
 # If defined, file which maps tty line to TERM environment parameter.
 # Each line of the file is in a format something like "vt100  tty01".
 #
 #TTYTYPE_FILE	/etc/ttytype
 
 #
-# If defined, login failures will be logged here in a utmp format.
-# last, when invoked as lastb, will read /var/log/btmp, so...
-#
-FTMP_FILE	/var/log/btmpx
-
-#
-# If defined, name of file whose presence which will inhibit non-root
-# logins.  The contents of this file should be a message indicating
-# why logins are inhibited.
-#
-NOLOGINS_FILE	/etc/nologin
-
-#
 # If defined, the command name to display when running "su -".  For
 # example, if this is defined as "su" then a "ps" will display the
 # command is "-su".  If not defined, then "ps" would display the
@@ -123,9 +65,7 @@
 # *REQUIRED*
 #   Directory where mailboxes reside, _or_ name of file, relative to the
 #   home directory.  If you _do_ define both, MAIL_DIR takes precedence.
-#   QMAIL_DIR is for Qmail
 #
-#QMAIL_DIR	Maildir
 MAIL_DIR	/var/mail
 #MAIL_FILE	.mail
 
@@ -139,29 +79,6 @@
 #HUSHLOGIN_FILE	/etc/hushlogins
 
 #
-# If defined, the presence of this value in an /etc/passwd "shell" field will
-# disable logins for that user, although "su" will still be allowed.
-#
-# XXX this does not seem to be implemented yet...  --marekm
-# no, it was implemented but I ripped it out ;-) -- jfh
-NOLOGIN_STR	NOLOGIN
-
-#
-# If defined, either a TZ environment parameter spec or the
-# fully-rooted pathname of a file containing such a spec.
-#
-#ENV_TZ		TZ=CST6CDT
-#ENV_TZ		/etc/tzname
-
-#
-# If defined, an HZ environment parameter spec.
-#
-# for Linux/x86
-ENV_HZ		HZ=100
-# For Linux/Alpha...
-#ENV_HZ		HZ=1024
-
-#
 # *REQUIRED*  The default PATH settings, for superuser and normal users.
 #
 # (they are minimal, add the rest in the shell startup files)
@@ -188,44 +105,14 @@
 #	ERASECHAR	Terminal ERASE character ('\010' = backspace).
 #	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
 #	UMASK		Default "umask" value.
-#	ULIMIT		Default "ulimit" value.
 #
 # The ERASECHAR and KILLCHAR are used only on System V machines.
-# The ULIMIT is used only if the system supports it.
-# (now it works with setrlimit too; ulimit is in 512-byte units)
 #
 # Prefix these values with "0" to get octal, "0x" to get hexadecimal.
 #
 #ERASECHAR	0177
 #KILLCHAR	025
 UMASK		022
-#ULIMIT		2097152
-
-#
-# Password aging controls:
-#
-#	PASS_MAX_DAYS	Maximum number of days a password may be used.
-#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
-#	PASS_MIN_LEN	Minimum acceptable password length.
-#	PASS_WARN_AGE	Number of days warning given before a password expires.
-#
-PASS_MAX_DAYS	99999
-PASS_MIN_DAYS	0
-PASS_MIN_LEN	8
-PASS_WARN_AGE	5
-
-#
-# If "yes", the user must be listed as a member of the first gid 0 group
-# in /etc/group (called "root" on most Linux systems) to be able to "su"
-# to uid 0 accounts.  If the group doesn't exist or is empty, no one
-# will be able to "su" to uid 0.
-#
-SU_WHEEL_ONLY	no
-
-#
-# If compiled with cracklib support, where are the dictionaries
-#
-CRACKLIB_DICTPATH	/usr/share/dict
 
 #
 # Min/max values for automatic uid selection in useradd
@@ -250,28 +137,6 @@
 LOGIN_TIMEOUT		60
 
 #
-# Maximum number of attempts to change password if rejected (too easy)
-#
-PASS_CHANGE_TRIES	5
-
-#
-# Warn about weak passwords (but still allow them) if you are root.
-#
-PASS_ALWAYS_WARN	yes
-
-#
-# Number of significant characters in the password for crypt().
-# Default is 8, don't change unless your crypt() is better.
-# Ignored if MD5_CRYPT_ENAB set to "yes".
-#
-#PASS_MAX_LEN		8
-
-#
-# Require password before chfn/chsh can make any changes.
-#
-CHFN_AUTH		yes
-
-#
 # Which fields may be changed by regular users using chfn - use
 # any combination of letters "frwh" (full name, room number, work
 # phone, home phone).  If not defined, no changes are allowed.
@@ -280,23 +145,6 @@
 CHFN_RESTRICT		yes
 
 #
-# Password prompt (%s will be replaced by user name).
-#
-# XXX - it doesn't work correctly yet, for now leave it commented out
-# to use the default which is just "Password: ".
-#LOGIN_STRING		"%s's Password: "
-
-#
-# Only works if compiled with MD5_CRYPT defined:
-# If set to "yes", new passwords will be encrypted using the MD5-based
-# algorithm compatible with the one used by recent releases of FreeBSD.
-# It supports passwords of unlimited length and longer salt strings.
-# Set to "no" if you need to copy encrypted passwords to other systems
-# which don't understand the new algorithm.  Default is "no".
-#
-MD5_CRYPT_ENAB	yes
-
-#
 # List of groups to add to the user's supplementary group set
 # when logging in on the console (as determined by the CONSOLE
 # setting).  Default is none.
@@ -312,12 +160,6 @@
 # Default in no.
 #
 DEFAULT_HOME	yes
-
-#
-# If this file exists and is readable, login environment will be
-# read from it.  Every line should be in the form name=value.
-#
-ENVIRON_FILE	/etc/environment
 
 #
 # If defined, this command is run when removing a user.
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SOURCES/shadow-login.defs?r1=1.8&r2=1.9&f=u



More information about the pld-cvs-commit mailing list