guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] system: Make PAM use SHA-512 to encrypt passwords.

From: 宋文武
Subject: Re: [PATCH] system: Make PAM use SHA-512 to encrypt passwords.
Date: Sat, 22 Aug 2015 23:01:19 +0800
User-agent: Notmuch/0.19 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-unknown-linux-gnu) 
宋文武 <address@hidden> writes:

> Fixes <https://bugs.gnu.org/21318>.
>
> * gnu/system/linux.scm (unix-pam-service)[password]: Add 'sha512'
>   to arguments.
> ---
>  gnu/system/linux.scm | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/gnu/system/linux.scm b/gnu/system/linux.scm
> index aaaa8c6..cc2eabe 100644
> --- a/gnu/system/linux.scm
> +++ b/gnu/system/linux.scm
> @@ -148,7 +148,10 @@ should be the name of a file used as the 
> message-of-the-day."
>                            (module "pam_unix.so")
>                            (arguments '("nullok")))
>                           unix)))
> -         (password (list unix))
> +         (password (list (pam-entry
> +                          (control "required")
> +                          (module "pam_unix.so")
> +                          (arguments '("sha512")))))
To store the hashed passwords in '/etc/shadow' (0600) instead of
'/etc/passwd' (0644), we should add 'shadow' to arguments too.
>           (session (if motd
>                        (list unix
>                              (pam-entry
> -- 
> 2.4.3
reply via email to
[Prev in Thread] Current Thread [Next in Thread]