Web Analytics
Privacy Policy Cookie Policy Terms and Conditions Linux Shadow Password HOWTO: Compiling the programs. Next Previous Contents

4. Compiling the programs.

4.1 Unpacking the archive.

The first step after retrieving the package is unpacking it. The package is in the tar (tape archive) format and compressed using gzip, so first move it to /usr/src, then type:

tar -xzvf shadow-current.tar.gz

This will unpack it into the directory: /usr/src/shadow-YYMMDD

4.2 Configuring with the config.h file

The first thing that you need to do is to copy over the Makefile and the config.h file:

cd /usr/src/shadow-YYMMDD
cp Makefile.linux Makefile
cp config.h.linux config.h

You should then take a look at the config.h file. This file contains definitions for some of the configuration options. If you are using the recommended package, I recommend that you disable group shadow support for your first time around.

By default shadowed group passwords are enabled. To disable these edit the config.h file, and change the #define SHADOWGRP to #undef SHADOWGRP. I recommend that you disable them to start with, and then if you really want group passwords and group administrators that you enable it later and recompile. If you leave it enabled, you must create the file /etc/gshadow.

Enabling the long passwords option is NOT recommended as discussed above.

Do NOT change the setting: #undef AUTOSHADOW

The AUTOSHADOW option was originally designed so that programs that were shadow ignorant would still function. This sounds good in theory, but does not work correctly. If you enable this option, and the program runs as root, it may call getpwnam() as root, and later write the modified entry back to the /etc/passwd file (with the no-longer-shadowed password). Such programs include chfn and chsh. (You can't get around this by swapping real and effective uid before calling getpwnam() because root may use chfn and chsh too.)

The same warning is also valid if you are building libc, it has a SHADOW_COMPAT option which does the same thing. It should NOT be used! If you start getting encoded passwords back in your /etc/passwd file, this is the problem.

If you are using a libc version prior to 4.6.27, you will need to make a couple more changes to config.h and the Makefile. To config.h edit and change:

#define HAVE_BASENAME
to:
#undef HAVE_BASENAME
And then in the Makefile, change:

SOBJS = smain.o env.o entry.o susetup.o shell.o \
        sub.o mail.o motd.o sulog.o age.o tz.o hushed.o

SSRCS = smain.c env.c entry.c setup.c shell.c \
        pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
        tz.c hushed.c
SOBJS = smain.o env.o entry.o susetup.o shell.o \
        sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o

SSRCS = smain.c env.c entry.c setup.c shell.c \
        pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
        tz.c hushed.c basename.c
These changes add the code contained in basename.c which is contained in libc 4.6.27 and later.

4.3 Making backup copies of your original programs.

It would also be a good idea to track down and make backup copies of the programs that the shadow suite will replace. On a Slackware 3.0 system these are:

The BETA package has a save target in the Makefile, but it's commented out because different distributions place the programs in different places.

You should also make a backup copy of your /etc/passwd file, but be careful to name it something else if you place it in the same directory so you don't overwrite the passwd command.

4.4 Running make

You need to be logged as root to do most of the installation.

Run make to compile the executables in the package:

make all

You may see the warning: rcsid defined but not used. This is fine, it just happens because the author is using a version control package.


Next Previous Contents