The first step after retrieving the package is unpacking it. The package
is in the tar (tape archive) format and compressed using gzip, so first move
it to /usr/src, then type:
tar -xzvf shadow-current.tar.gz
This will unpack it into the directory: /usr/src/shadow-YYMMDD
The first thing that you need to do is to copy over the Makefile
and the config.h file:
cd /usr/src/shadow-YYMMDD
cp Makefile.linux Makefile
cp config.h.linux config.h
You should then take a look at the config.h file. This file
contains definitions for some of the configuration options. If you are
using the recommended package, I recommend that you disable group
shadow support for your first time around.
By default shadowed group passwords are enabled. To disable these edit the
config.h file, and change the #define SHADOWGRP to
#undef SHADOWGRP. I recommend that you disable them to start
with, and then if you really want group passwords and group administrators
that you enable it later and recompile. If you leave it enabled, you
must create the file /etc/gshadow.
Enabling the long passwords option is NOT recommended as discussed above.
Do NOT change the setting: #undef AUTOSHADOW
The AUTOSHADOW option was originally designed so that programs
that were shadow ignorant would still function. This sounds good in theory,
but does not work correctly. If you enable this option, and the program runs
as root, it may call getpwnam() as root, and later write the modified
entry back to the /etc/passwd file (with the no-longer-shadowed
password). Such programs include chfn and chsh. (You can't get around
this by swapping real and effective uid before calling getpwnam()
because root may use chfn and chsh too.)
The same warning is also valid if you are building libc, it has a
SHADOW_COMPAT option which does the same thing. It should
NOT be used! If you start getting encoded passwords back in your
/etc/passwd file, this is the problem.
If you are using a libc version prior to 4.6.27, you will need to
make a couple more changes to config.h and the Makefile.
To config.h edit and change:
#define HAVE_BASENAME
#undef HAVE_BASENAME
Makefile, change:
SOBJS = smain.o env.o entry.o susetup.o shell.o \
sub.o mail.o motd.o sulog.o age.o tz.o hushed.o
SSRCS = smain.c env.c entry.c setup.c shell.c \
pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
tz.c hushed.c
SOBJS = smain.o env.o entry.o susetup.o shell.o \
sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o
SSRCS = smain.c env.c entry.c setup.c shell.c \
pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
tz.c hushed.c basename.c
basename.c which is
contained in libc 4.6.27 and later.
It would also be a good idea to track down and make backup copies of the programs that the shadow suite will replace. On a Slackware 3.0 system these are:
The BETA package has a save target in the Makefile, but it's commented out because different distributions place the programs in different places.
You should also make a backup copy of your /etc/passwd file, but be
careful to name it something else if you place it in the same directory
so you don't overwrite the passwd command.
You need to be logged as root to do most of the installation.
Run make to compile the executables in the package:
make all
You may see the warning: rcsid defined but not used. This is fine,
it just happens because the author is using a version control package.