[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] system: Make PAM use SHA-512 to encrypt passwords.
From: |
宋文武 |
Subject: |
Re: [PATCH] system: Make PAM use SHA-512 to encrypt passwords. |
Date: |
Sat, 22 Aug 2015 23:01:19 +0800 |
User-agent: |
Notmuch/0.19 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-unknown-linux-gnu) |
宋文武 <address@hidden> writes:
> Fixes <https://bugs.gnu.org/21318>.
>
> * gnu/system/linux.scm (unix-pam-service)[password]: Add 'sha512'
> to arguments.
> ---
> gnu/system/linux.scm | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/gnu/system/linux.scm b/gnu/system/linux.scm
> index aaaa8c6..cc2eabe 100644
> --- a/gnu/system/linux.scm
> +++ b/gnu/system/linux.scm
> @@ -148,7 +148,10 @@ should be the name of a file used as the
> message-of-the-day."
> (module "pam_unix.so")
> (arguments '("nullok")))
> unix)))
> - (password (list unix))
> + (password (list (pam-entry
> + (control "required")
> + (module "pam_unix.so")
> + (arguments '("sha512")))))
To store the hashed passwords in '/etc/shadow' (0600) instead of
'/etc/passwd' (0644), we should add 'shadow' to arguments too.
> (session (if motd
> (list unix
> (pam-entry
> --
> 2.4.3