Since size is not a problem here, use libxcrypt to avoid algorithm
availability. Changed default to bcrypt as that's the strongest
supported by shadow-utils.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
If musl has no bcrypt:
passwd: failed to crypt password with salt '$2a$13$w8EJ0Yfz5bGsG4U/0m7bk/': Function not implemented
The password for root is unchanged.
glibc output as it has no bcrypt:
passwd: failed to crypt password with salt '$2a$13$xbpmAYmq6Q/rZN5jOlNxJZ': Invalid argument
The password for root is unchanged.
--without-bcrypt output:
Invalid ENCRYPT_METHOD value: 'BCRYPT'.
Defaulting to DES.
passwd: password changed.
The solution was tested on glibc despite using a musl specific variable
Still works.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixed license information.
Removed patch requiring autoreconf and replaced with a configure variable.
Removed faulty patch that broke systems without a disabled crypt size hack.
Replaced with using a SED command as well as bcrypt, which works in musl.
Removed su patch and converted it to a SED command in the Makefile.
Added new shadow utilities.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Busybox in default uses SHA512 as well.
On big ditribution this default is sourced from PAM. That means that
shadow reads pam settings and uses that. OpenWrt in most cases does not
have PAM installed and in such case shadow fallbacks to its own default
which is DES. This just changes that default to SHA512 which is
consistent with rest of the system.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
During 4.2.1 version update support for subordinate IDs has been
disabled. It was handled by:
1) Adding --disable-subordinate-ids to avoid:
configure: error: cannot run test program while cross compiling
2) Adding patch 003-fix-disabling-subids.patch to avoid:
usermod.c: In function 'process_flags':
usermod.c:1364:10: error: 'vflg' undeclared (first use in this function)
if ( (vflg || Vflg)
^
This commit adds a patch with a proper configure.in fix. We don't need
to disable subordinate IDs anymore.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
If you have a firstboot script which seeds a passwd based on
run-time information (like MAC addresses, hostname, etc) then
you need to be able to pass in a cleartext string via chpasswd.
Other applets are similarly potentially useful in other corner
cases.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
The "+ALL:shadow" dependency causes conflict with passwd utility
as it is provided by busybox in the default configuration.
Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
Include nls.mk rather than explicitly using the stub versions.
This allows to make the packages depend on the full versions
of libiconv & libintl and thus to have full language support.
Signed-off-by: Gergely Kiss <mail.gery@gmail.com>
Rosen Penev
Karel Kočí
Jan Pavlinec
Rafał Miłecki
Etienne Champetier
Philip Prindeville
Pelle Johnsen
Gergely Kiss
Steven Barth
Ted Hess