# --- ROCK-COPYRIGHT-NOTE-BEGIN --- # # This copyright note is auto-generated by ./scripts/Create-CopyPatch. # Please add additional copyright information _after_ the line containing # the ROCK-COPYRIGHT-NOTE-END tag. Otherwise it might get removed by # the ./scripts/Create-CopyPatch script. Do not edit this copyright text! # # ROCK Linux: rock-src/package/base/shadow/login_defs.patch # ROCK Linux is Copyright (C) 1998 - 2006 Clifford Wolf # # This patch file is dual-licensed. It is available under the license the # patched project is licensed under, as long as it is an OpenSource license # as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms # of the GNU General Public License as published by the Free Software # Foundation; either version 2 of the License, or (at your option) any later # version. # # --- ROCK-COPYRIGHT-NOTE-END --- --- ./etc/login.defs.orig 2005-09-01 21:57:45.000000000 +0200 +++ ./etc/login.defs 2005-12-28 18:11:09.000000000 +0100 @@ -4,6 +4,9 @@ # $Id: login.defs,v 1.8 2005/09/01 19:57:45 kloczek Exp $ # +## WARNING: Many of the configuration variables described in this file +## do not work on systems using PAM. + # # Delay in seconds before being allowed another attempt after a login failure # @@ -12,7 +15,7 @@ # # Enable logging and display of /var/log/faillog login failure info. # -FAILLOG_ENAB yes +#FAILLOG_ENAB yes # # Enable display of unknown usernames when login failures are recorded. @@ -27,7 +30,7 @@ # # Enable logging and display of /var/log/lastlog login time info. # -LASTLOG_ENAB yes +#LASTLOG_ENAB yes # # Enable checking and display of mailbox status upon login. @@ -35,22 +38,22 @@ # Disable if the shell startup files already check for mail # ("mailx -e" or equivalent). # -MAIL_CHECK_ENAB yes +#MAIL_CHECK_ENAB yes # # Enable additional checks upon password changes. # -OBSCURE_CHECKS_ENAB yes +#OBSCURE_CHECKS_ENAB yes # # Enable checking of time restrictions specified in /etc/porttime. # -PORTTIME_CHECKS_ENAB yes +#PORTTIME_CHECKS_ENAB yes # # Enable setting of ulimit, umask, and niceness from passwd gecos field. # -QUOTAS_ENAB yes +#QUOTAS_ENAB yes # # Enable "syslog" logging of su activity - in addition to sulog file logging. @@ -76,7 +79,7 @@ # If defined, ":" delimited list of "message of the day" files to # be displayed upon login. # -MOTD_FILE /etc/motd +#MOTD_FILE /etc/motd #MOTD_FILE /etc/motd:/usr/lib/news/news-motd # @@ -94,14 +97,14 @@ # If defined, login failures will be logged here in a utmp format. # last, when invoked as lastb, will read /var/log/btmp, so... # -FTMP_FILE /var/log/btmp +#FTMP_FILE /var/log/btmp # # If defined, name of file whose presence which will inhibit non-root # logins. The contents of this file should be a message indicating # why logins are inhibited. # -NOLOGINS_FILE /etc/nologin +#NOLOGINS_FILE /etc/nologin # # If defined, the command name to display when running "su -". For @@ -139,7 +142,7 @@ # If defined, an HZ environment parameter spec. # # for Linux/x86 -ENV_HZ HZ=100 +#ENV_HZ HZ=100 # For Linux/Alpha... #ENV_HZ HZ=1024 @@ -193,7 +196,7 @@ # PASS_MAX_DAYS 99999 PASS_MIN_DAYS 0 -PASS_MIN_LEN 5 +#PASS_MIN_LEN 5 PASS_WARN_AGE 7 # @@ -202,12 +205,12 @@ # to uid 0 accounts. If the group doesn't exist or is empty, no one # will be able to "su" to uid 0. # -SU_WHEEL_ONLY no +#SU_WHEEL_ONLY no # # If compiled with cracklib support, where are the dictionaries # -CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict +#CRACKLIB_DICTPATH /usr/share/dict/cracklib_dict # # Min/max values for automatic uid selection in useradd @@ -234,12 +237,12 @@ # # Maximum number of attempts to change password if rejected (too easy) # -PASS_CHANGE_TRIES 5 +#PASS_CHANGE_TRIES 5 # # Warn about weak passwords (but still allow them) if you are root. # -PASS_ALWAYS_WARN yes +#PASS_ALWAYS_WARN yes # # Number of significant characters in the password for crypt(). @@ -251,7 +254,7 @@ # # Require password before chfn/chsh can make any changes. # -CHFN_AUTH yes +#CHFN_AUTH yes # # Which fields may be changed by regular users using chfn - use @@ -276,7 +279,7 @@ # Set to "no" if you need to copy encrypted passwords to other systems # which don't understand the new algorithm. Default is "no". # -#MD5_CRYPT_ENAB no +#MD5_CRYPT_ENAB yes # # List of groups to add to the user's supplementary group set @@ -299,7 +302,7 @@ # If this file exists and is readable, login environment will be # read from it. Every line should be in the form name=value. # -ENVIRON_FILE /etc/environment +#ENVIRON_FILE /etc/environment # # If defined, this command is run when removing a user.