File shadow-login_defs-comments.patch of Package shadow.29817

Overview Repositories Revisions Requests Users Attributes Meta

File shadow-login_defs-comments.patch of Package shadow.29817

Improve comments in login.defs.

Index: etc/login.defs
===================================================================
--- etc/login.defs.orig
+++ etc/login.defs
@@ -3,8 +3,6 @@
 # Some variables are used by login(1), su(1) and runuser(1) from util-linux
 # package as well pam pam_unix(8) from pam package.
 #
-#	$Id$
-#
 
 #
 # Delay in seconds before being allowed another attempt after a login failure
@@ -23,15 +21,6 @@ LOG_UNKFAIL_ENAB	no
 #
 
 #
-# Limit the highest user ID number for which the lastlog entries should
-# be updated.
-#
-# No LASTLOG_UID_MAX means that there is no user ID limit for writing
-# lastlog entries.
-#
-#LASTLOG_UID_MAX
-
-#
 # Enable "syslog" logging of newgrp(1) and sg(1) activity - in addition
 # to sulog file logging.
 #
@@ -46,6 +35,15 @@ CONSOLE		/etc/securetty
 #CONSOLE	console:tty01:tty02:tty03:tty04
 
 #
+# Limit the highest user ID number for which the lastlog entries should
+# be updated.
+#
+# No LASTLOG_UID_MAX means that there is no user ID limit for writing
+# lastlog entries.
+#
+#LASTLOG_UID_MAX
+
+#
 # If defined, all su(1) activity is logged to this file.
 #
 #SULOG_FILE	/var/log/sulog
@@ -99,11 +97,14 @@ ENV_PATH	/bin:/usr/bin
 ENV_ROOTPATH	/sbin:/bin:/usr/sbin:/usr/bin
 #ENV_SUPATH	/sbin:/bin:/usr/sbin:/usr/bin
 
-# If this variable is set to "yes", su will always set path. every su
-# call will overwrite the PATH variable.
+# If this variable is set to "yes" (default is "no"), su will always set
+# path. every su call will overwrite the PATH variable.
 #
 # Per default, only "su -" will set a new PATH.
 #
+# The recommended value is "yes". The default "no" behavior could have
+# a security implication in applications that use commands without path.
+#
 ALWAYS_SET_PATH	no
 
 #
@@ -148,6 +149,11 @@ PASS_WARN_AGE	7
 #
 # Min/max values for automatic uid selection in useradd(8)
 #
+# SYS_UID_MIN to SYS_UID_MAX inclusive is the range for
+# UIDs for dynamically allocated administrative and system accounts.
+# UID_MIN to UID_MAX inclusive is the range of UIDs of dynamically
+# allocated user accounts.
+#
 UID_MIN			 1000
 UID_MAX			60000
 # System accounts
@@ -161,6 +167,11 @@ SUB_UID_COUNT		    65536
 #
 # Min/max values for automatic gid selection in groupadd(8)
 #
+# SYS_GID_MIN to SYS_GID_MAX inclusive is the range for
+# GIDs for dynamically allocated administrative and system groups.
+# GID_MIN to GID_MAX inclusive is the range of GIDs of dynamically
+# allocated groups.
+#
 GID_MIN			 1000
 GID_MAX			60000
 # System accounts
@@ -190,7 +201,6 @@ LOGIN_TIMEOUT		60
 CHFN_RESTRICT		rwh
 
 #
-# Only works if compiled with MD5_CRYPT defined:
 # If set to "yes", new passwords will be encrypted using the MD5-based
 # algorithm compatible with the one used by recent releases of FreeBSD.
 # It supports passwords of unlimited length and longer salt strings.
@@ -205,7 +215,6 @@ CHFN_RESTRICT		rwh
 #MD5_CRYPT_ENAB	no
 
 #
-# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
 # If set to MD5, MD5-based algorithm will be used for encrypting password
 # If set to SHA256, SHA256-based algorithm will be used for encrypting password
 # If set to SHA512, SHA512-based algorithm will be used for encrypting password

Places

File shadow-login_defs-comments.patch of Package shadow.29817

Places