From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-sysadm/2011-January/002305.html | 294 +++++++++++++++++++++++++ 1 file changed, 294 insertions(+) create mode 100644 zarb-ml/mageia-sysadm/2011-January/002305.html (limited to 'zarb-ml/mageia-sysadm/2011-January/002305.html') diff --git a/zarb-ml/mageia-sysadm/2011-January/002305.html b/zarb-ml/mageia-sysadm/2011-January/002305.html new file mode 100644 index 000000000..8774040be --- /dev/null +++ b/zarb-ml/mageia-sysadm/2011-January/002305.html @@ -0,0 +1,294 @@ + + + + [Mageia-sysadm] [863] add shadow module for login.defs + + + + + + + + + +

[Mageia-sysadm] [863] add shadow module for login.defs

+ root at mageia.org + root at mageia.org +
+ Thu Jan 20 19:21:17 CET 2011 +

+
+ +
Revision: 863
+Author:   boklm
+Date:     2011-01-20 19:21:17 +0100 (Thu, 20 Jan 2011)
+Log Message:
+-----------
+add shadow module for login.defs
+
+Added Paths:
+-----------
+    puppet/deployment/shadow/
+    puppet/deployment/shadow/files/
+    puppet/deployment/shadow/files/login.defs
+    puppet/deployment/shadow/manifests/
+    puppet/deployment/shadow/manifests/init.pp
+
+Added: puppet/deployment/shadow/files/login.defs
+===================================================================
+--- puppet/deployment/shadow/files/login.defs	                        (rev 0)
++++ puppet/deployment/shadow/files/login.defs	2011-01-20 18:21:17 UTC (rev 863)
+@@ -0,0 +1,193 @@
++# *REQUIRED*
++#   Directory where mailboxes reside, _or_ name of file, relative to the
++#   home directory.  If you _do_ define both, MAIL_DIR takes precedence.
++#   QMAIL_DIR is for Qmail
++#
++#QMAIL_DIR	Maildir
++MAIL_DIR	/var/spool/mail
++#MAIL_FILE	.mail
++
++# Password aging controls:
++#
++#	PASS_MAX_DAYS	Maximum number of days a password may be used.
++#	PASS_MIN_DAYS	Minimum number of days allowed between password changes.
++#	PASS_MIN_LEN	Minimum acceptable password length.
++#	PASS_WARN_AGE	Number of days warning given before a password expires.
++#
++PASS_MAX_DAYS	99999
++PASS_MIN_DAYS	0
++#PASS_MIN_LEN	5
++PASS_WARN_AGE	7
++
++#
++# Min/max values for automatic uid selection in useradd
++#
++UID_MIN			  500
++UID_MAX			60000
++
++#
++# Min/max values for automatic gid selection in groupadd
++#
++GID_MIN			  500
++GID_MAX			60000
++
++#
++# If defined, this command is run when removing a user.
++# It should remove any at/cron/print jobs etc. owned by
++# the user to be removed (passed as the first argument).
++#
++# USERDEL_CMD	/usr/sbin/userdel_local
++
++#
++# If useradd should create home directories for users by default
++# On RH systems, we do. This option is ORed with the -m flag on
++# useradd command line.
++#
++CREATE_HOME	yes
++
++#
++# The password hashing method and iteration count to use for group
++# passwords that may be set with gpasswd(1).
++#
++CRYPT_PREFIX            $2a$
++CRYPT_ROUNDS            8
++
++#
++# Whether to use tcb password shadowing scheme.  Use 'yes' if using
++# tcb and 'no' if using /etc/shadow
++#
++USE_TCB                 no
++
++#
++# Whether newly created tcb-style shadow files should be readable by
++# group "auth".
++#
++TCB_AUTH_GROUP          yes
++
++#
++# Whether useradd should create symlinks rather than directories under
++# /etc/tcb for newly created accounts with UIDs over 1000.  See tcb(5)
++# for information on why this may be needed.
++#
++TCB_SYMLINKS            no
++
++#
++# Delay in seconds before being allowed another attempt after a login failure
++#
++FAIL_DELAY		3
++
++#
++# Enable display of unknown usernames when login failures are recorded.
++#
++LOG_UNKFAIL_ENAB	no
++
++#
++# Enable logging of successful logins
++#
++LOG_OK_LOGINS		no
++
++#
++# Enable "syslog" logging of su activity - in addition to sulog file logging.
++# SYSLOG_SG_ENAB does the same for newgrp and sg.
++#
++SYSLOG_SU_ENAB		yes
++SYSLOG_SG_ENAB		yes
++
++#
++# If defined, either full pathname of a file containing device names or
++# a ":" delimited list of device names.  Root logins will be allowed only
++# upon these devices.
++#
++CONSOLE		/etc/securetty
++#CONSOLE	console:tty01:tty02:tty03:tty04
++
++#
++# If defined, the command name to display when running "su -".  For
++# example, if this is defined as "su" then a "ps" will display the
++# command is "-su".  If not defined, then "ps" would display the
++# name of the shell actually being run, e.g. something like "-sh".
++#
++SU_NAME		su
++
++#
++# If defined, file which inhibits all the usual chatter during the login
++# sequence.  If a full pathname, then hushed mode will be enabled if the
++# user's name or shell are found in the file.  If not a full pathname, then
++# hushed mode will be enabled if the file exists in the user's home directory.
++#
++HUSHLOGIN_FILE	.hushlogin
++#HUSHLOGIN_FILE	/etc/hushlogins
++
++#
++# *REQUIRED*  The default PATH settings, for superuser and normal users.
++#
++# (they are minimal, add the rest in the shell startup files)
++ENV_SUPATH	PATH=/sbin:/bin:/usr/sbin:/usr/bin
++ENV_PATH	PATH=/bin:/usr/bin
++
++#
++# Terminal permissions
++#
++#	TTYGROUP	Login tty will be assigned this group ownership.
++#	TTYPERM		Login tty will be set to this permission.
++#
++# If you have a "write" program which is "setgid" to a special group
++# which owns the terminals, define TTYGROUP to the group number and
++# TTYPERM to 0620.  Otherwise leave TTYGROUP commented out and assign
++# TTYPERM to either 622 or 600.
++#
++TTYGROUP	tty
++TTYPERM		0600
++
++#
++# Login configuration initializations:
++#
++#	ERASECHAR	Terminal ERASE character ('\010' = backspace).
++#	KILLCHAR	Terminal KILL character ('\025' = CTRL/U).
++#	UMASK		Default "umask" value.
++#	ULIMIT		Default "ulimit" value.
++#
++# The ERASECHAR and KILLCHAR are used only on System V machines.
++# The ULIMIT is used only if the system supports it.
++# (now it works with setrlimit too; ulimit is in 512-byte units)
++#
++# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
++#
++ERASECHAR	0177
++KILLCHAR	025
++UMASK		022
++#ULIMIT		2097152
++
++#
++# Max number of login retries if password is bad
++#
++LOGIN_RETRIES		5
++
++#
++# Max time in seconds for login
++#
++LOGIN_TIMEOUT		60
++
++#
++# Which fields may be changed by regular users using chfn - use
++# any combination of letters "frwh" (full name, room number, work
++# phone, home phone).  If not defined, no changes are allowed.
++# For backward compatibility, "yes" = "rwh" and "no" = "frwh".
++# 
++CHFN_RESTRICT		rwh
++
++#
++# Should login be allowed if we can't cd to the home directory?
++# Default in no.
++#
++DEFAULT_HOME	yes
++
++#
++# Enable setting of the umask group bits to be the same as owner bits
++# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
++# the same as gid, and username is the same as the primary group name.
++#
++# This also enables userdel to remove user groups if no members exist.
++#
++USERGROUPS_ENAB yes
++
+
+Added: puppet/deployment/shadow/manifests/init.pp
+===================================================================
+--- puppet/deployment/shadow/manifests/init.pp	                        (rev 0)
++++ puppet/deployment/shadow/manifests/init.pp	2011-01-20 18:21:17 UTC (rev 863)
+@@ -0,0 +1,8 @@
++class shadow {
++    file {"/etc/login.defs":
++    	owner => 'root',
++	group => 'shadow',
++    	mode => 640,
++	source => 'shadow/login.defs',
++    }
++}
+-------------- next part --------------
+An HTML attachment was scrubbed...
+URL: </pipermail/mageia-sysadm/attachments/20110120/a10cdbae/attachment-0001.html>
+
+ + + + + + + + + + + +
+

+ +
+More information about the Mageia-sysadm +mailing list
+ -- cgit v1.2.1