Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Shadow file password policy
Operating Systems Linux Red Hat Shadow file password policy Post 302458554 by zaxxon on Friday 1st of October 2010 05:18:49 AM
Old 10-01-2010
Maybe I should read what I copy and paste to it's full length. I do not know other means they talk about or at least did not try any out - maybe another member of the forum can give you the answer or you just try out yourself some available to you.
Maybe using PAM and bypassing normal Unix login methods, idk.

To check the maximal value of a gid, I guess you take a look into your distributions header files in /usr/include (I checked on a Debian Linux):
Code:
somebox:/usr/include/bits> grep -i gid typesizes.h
#define __GID_T_TYPE            __U32_TYPE
somebox:/usr/include/bits> grep __U32_TYPE types.h
#define __U32_TYPE              unsigned int
__STD_TYPE __U32_TYPE __socklen_t;

I am not totally sure but I think that is what defines the max for the gid in the system. On a 32-bit system this would 2^32-1 ie. 4294967295 afaik.
Just out of curiosity - why do you need to know that?
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

I want to append password in /etc/shadow file

Hi, I want to append password into /etc/shadow file using a shell script. My below script does add the users to both /etc/passwd and /etc/shadow but how can I add the hordcoded passwords to /etc/shadow file can some one help me ? # To add the groups into /etc/group file for a_user... (5 Replies)
Discussion started by: modgil
5 Replies

2. UNIX for Dummies Questions & Answers

shadow file after a password reset

hi, I had to reset a lost root password by editing the /etc/passwd and /etc/shadow files ( this is a xen vm file, so i mounted and chrooted the file ) after the reboot with an empty password on root , i have set a new password with passwd but it only changed the /etc/passwd file.... (0 Replies)
Discussion started by: progressdll
0 Replies

3. Solaris

Password Recovery From /etc/shadow file

Is it possible to reset a normal user password , by editing password field in /etc/shadow file? Thanks (6 Replies)
Discussion started by: ksvaisakh
6 Replies

4. Solaris

Password policy problem ??

Hi Solaris's expert I need to change user password on Solaris10 2 servers. With the same password I can change it just only one. Try to check everything but not found difference?? password pattern: abcdeFgh9Jk server1 check all characters but server2 check only first 8 characters.Why??... (10 Replies)
Discussion started by: arm_naja
10 Replies

5. Red Hat

NIS password policy

Hi, I am running NIS server on redhat linux 5 and I want to implement password restrictions for the yppasswd, how can I do it.Please help me. I can implement password restriction for passwd by configuring /etc/pam.d/system-auth and setting crack_lib.so but I don't know how to implent the same... (3 Replies)
Discussion started by: ktrimu
3 Replies

6. Solaris

password policy for new user

hi folk, i try to setup a new password policy for our solaris box user, below are the /etc/default/passwd/, but then when i tried to create a user, it didn't ask for numeric character, and the new password also didn't ask for special characters. # useradd testing # passwd testing New... (7 Replies)
Discussion started by: dehetoxic
7 Replies

7. Shell Programming and Scripting

how to remove the non : characters after the password in shadow file?

On SPARC Solaris 10. I set the app account so it's expired. I also want it so not required to change password at first login, I can do this by removing the numbers after the password in /etc/shadow. example using user1 The /etc/shadow file looks like this: user1:kOmcVXAImRTAY:0::::90:: ... (8 Replies)
Discussion started by: TKD
8 Replies

8. UNIX for Dummies Questions & Answers

Using the encrypted password of the shadow file

i have an application that uses the encrypted password that's in the /etc/shadow file. i copied the line for the particular username i was interested it in from shadow file and i pasted it into the password file of the application. the application is nagios. this application allowed that... (5 Replies)
Discussion started by: SkySmart
5 Replies

9. Ubuntu

Password Expiration Policy

Hello Team, I am using Lubuntu & have DRBL remote boot setup with open Ldap authentication. Currently there is no password expire policy. I want to set Password Policy so that user's password will expire after a month & they will get prompt to change their password. Using PAM we can do it,... (1 Reply)
Discussion started by: paragnehete
1 Replies

10. AIX

Password Policy

I need help. I have set a password policy. But I want to dis allow setting user name as password. My policy is as below... min length =8 min diff=2 min alpha=2 max repeats=2 dictionary= /usr/share/dict/words Still user can set his username as password (i.e. Jackie1234). Code tags for... (11 Replies)
Discussion started by: powerAIX
11 Replies

LEARN ABOUT DEBIAN

pure-authd

pure-authd(8)							     Pure-FTPd							     pure-authd(8)

NAME

       pure-authd - External authentication agent for Pure-FTPd.

SYNTAX

       pure-authd [-p </path/to/pidfile>] [-u uid] [-g gid] [-B] <-s /path/to/socket> -r /program/to/run

DESCRIPTION

       pure-authd is a daemon that forks an authentication program, waits for an authentication reply, and feed them to an application server.

       pure-authd listens to a local Unix socket. A new connection to that socket should feed pure-authd the following structure :

	      account:xxx

	      password:xxx

	      localhost:xxx

	      localport:xxx

	      peer:xxx

	      end

       (replace  xxx  with  appropriate  values) . localhost, localport and peer are numeric IP addresses and ports. peer is the IP address of the
       remote client.

       These arguments are passed to the authentication program, as environment variables :

	      AUTHD_ACCOUNT

	      AUTHD_PASSWORD

	      AUTHD_LOCAL_IP

	      AUTHD_LOCAL_PORT

	      AUTHD_REMOTE_IP

	      AUTHD_ENCRYPTED

       The authentication program should take appropriate actions to fetch account info according to these arguments, and reply  to  the  standard
       output a structure like the following one :

	      auth_ok:1

	      uid:42

	      gid:21

	      dir:/home/j

	      end

       auth_ok:xxx
	      If  xxx is 0, the user was not found (the next authentication method passed to pure-ftpd will be tried) . If xxx is -1, the user was
	      found, but there was a fatal authentication error : user is root, password is wrong, account has expired, etc  (next  authentication
	      methods will not be tried) . If xxx is 1, the user was found and successfully authenticated.

       uid:xxx
	      The system uid to be assigned to that user. Must be > 0.

       gid:xxx
	      The primary system gid. Must be > 0.

       dir:xxx
	      The absolute path to the home directory. Can contain /./ for a chroot jail.

       slow_tilde_expansion:xxx (optional, default is 1)
	      When  the  command  'cd  ~user'  is  issued, it's handy to go to that user's home directory, as expected in a shell environment. But
	      fetching account info can be an expensive operation for non-system accounts. If xxx is 0, 'cd ~user' will expand to the system  user
	      home  directory.	If  xxx  is 1, 'cd ~user' won't expand. You should use 1 in most cases with external authentication, when your FTP
	      users don't match system users. You can also set xxx to 1 if you're using slow nss_* system authentication modules.

       throttling_bandwidth_ul:xxx (optional)
	      The allocated bandwidth for uploads, in bytes per second.

       throttling_bandwidth_dl:xxx (optional)
	      The allocated bandwidth for downloads, in bytes per second.

       user_quota_size:xxx (optional)
	      The maximal total size for this account, in bytes.

       user_quota_files:xxx (optional)
	      The maximal number of files for this account.

       ratio_upload:xxx (optional)

       radio_download:xxx (optional)
	      The user must match a ratio_upload:ratio_download ratio.

       Only one authentication program is forked at a time. It must return quickly.

OPTIONS

       -u <uid>
	      Have the daemon run with that uid.

       -g <gid>
	      Have the daemon run with that gid.

       -B     Fork in background (daemonization).

       -s </path/to/socket>
	      Set the full path to the local Unix socket.

       -R </path/to/program>
	      Set the full path to the authentication program.

       -h     Output help information and exit.

EXAMPLES

       To run this program the standard way type:

       pure-authd -s /var/run/ftpd.sock -r /usr/bin/my-auth-program &

       pure-ftpd -lextauth:/var/run/ftpd.sock &

       /usr/bin/my-auth-program can be as simple as :
	      #! /bin/sh

	      echo 'auth_ok:1'

	      echo 'uid:42'

	      echo 'gid:21'

	      echo 'dir:/home/j'

	      echo 'end'

AUTHORS

       Frank DENIS <j at pureftpd dot org>

SEE ALSO

       ftp(1), pure-ftpd(8) pure-ftpwho(8) pure-mrtginfo(8) pure-uploadscript(8) pure-statsdecode(8) pure-pw(8) pure-quotacheck(8) pure-authd(8)

       RFC 959, RFC 2389, RFC 2228 and RFC 2428.

Pure-FTPd team							      1.0.36							     pure-authd(8)
All times are GMT -4. The time now is 03:44 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy