- Cleanup login.defs and enable ENCRYPT_METHOD [bnc#802006]

OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=7

shadow-login_defs.diff

@@ -1,5 +1,5 @@
 --- etc/login.defs
-+++ etc/login.defs	2012/11/13 16:30:57
++++ etc/login.defs	2013/02/05 12:16:54
 @@ -1,8 +1,6 @@
  #
  # /etc/login.defs - Configuration control definitions for the shadow package.
@@ -260,7 +260,7 @@
  # Which fields may be changed by regular users using chfn - use
  # any combination of letters "frwh" (full name, room number, work
  # phone, home phone).  If not defined, no changes are allowed.
-@@ -277,13 +167,6 @@
+@@ -277,29 +167,6 @@
  CHFN_RESTRICT		rwh
  
  #
@@ -271,10 +271,35 @@
 -#LOGIN_STRING		"%s's Password: "
 -
 -#
- # Only works if compiled with MD5_CRYPT defined:
- # If set to "yes", new passwords will be encrypted using the MD5-based
- # algorithm compatible with the one used by recent releases of FreeBSD.
-@@ -345,16 +228,12 @@
+-# Only works if compiled with MD5_CRYPT defined:
+-# If set to "yes", new passwords will be encrypted using the MD5-based
+-# algorithm compatible with the one used by recent releases of FreeBSD.
+-# It supports passwords of unlimited length and longer salt strings.
+-# Set to "no" if you need to copy encrypted passwords to other systems
+-# which don't understand the new algorithm.  Default is "no".
+-#
+-# Note: If you use PAM, it is recommended to use a value consistent with
+-# the PAM modules configuration.
+-#
+-# This variable is deprecated. You should use ENCRYPT_METHOD.
+-#
+-#MD5_CRYPT_ENAB	no
+-
+-#
+-# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
+ # If set to MD5 , MD5-based algorithm will be used for encrypting password
+ # If set to SHA256, SHA256-based algorithm will be used for encrypting password
+ # If set to SHA512, SHA512-based algorithm will be used for encrypting password
+@@ -309,7 +176,7 @@
+ # Note: If you use PAM, it is recommended to use a value consistent with
+ # the PAM modules configuration.
+ #
+-#ENCRYPT_METHOD DES
++ENCRYPT_METHOD SHA512
+ 
+ #
+ # Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
+@@ -345,16 +212,12 @@
  DEFAULT_HOME	yes
  
  #
@@ -293,7 +318,7 @@
  #USERDEL_CMD	/usr/sbin/userdel_local
  
  #
-@@ -364,7 +243,7 @@
+@@ -364,7 +227,7 @@
  #
  # This also enables userdel to remove user groups if no members exist.
  #
@@ -302,7 +327,7 @@
  
  #
  # If set to a non-nul number, the shadow utilities will make sure that
-@@ -383,5 +262,41 @@
+@@ -383,5 +246,41 @@
  # This option is overridden with the -M or -m flags on the useradd command
  # line.
  #

shadow.changes

@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Tue Feb  5 13:19:46 CET 2013 - kukuk@suse.de
+
+- Cleanup login.defs and enable ENCRYPT_METHOD [bnc#802006]
+
 -------------------------------------------------------------------
 Tue Nov 13 17:31:50 CET 2012 - kukuk@suse.de
 

shadow.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package shadow
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed