  Linux Shadow Password HOWTO
  Michael H. Jackson, mmhhjjaacckk@@ttssccnneett..ccoomm
  v1.3, 04 March 1996

  This document aims to describe how to obtain, install, and configure
  the Linux password _S_h_a_d_o_w _S_u_i_t_e. It also discusses obtaining, and
  reinstalling other software and network daemons that require access to
  user passwords.  This other software is not actually part of the
  Shadow Suite, but these programs will need to be recompiled to support
  the _S_h_a_d_o_w _S_u_i_t_e.  This document also contains a programming example
  for adding shadow support to a program.  Answers to some of the more
  frequently asked questions are included near the end of this document.

  11..  IInnttrroodduuccttiioonn..

  This is the Linux Shadow-Password-HOWTO.  This document describes why
  and how to add shadow password support on a Linux system.  Some
  examples of how to use some of the _S_h_a_d_o_w _S_u_i_t_e_'_s features is also
  included.

  When installing the _S_h_a_d_o_w _S_u_i_t_e and when using many of the utility
  programs, you must be logged in as _r_o_o_t.  When installing the _S_h_a_d_o_w
  _S_u_i_t_e you will be making changes to system software, and it is highly
  recommended that you make backup copies of programs as indicated.  I
  also recommend that you read and understand all the instructions
  before you begin.


  11..11..  CChhaannggeess ffrroomm tthhee pprreevviioouuss rreelleeaassee..


  Additions:
          Added a sub-section on why you might not want to install shadow
          Added a sub-section on updating the xdm program
          Added a section on how to put Shadow Suite features to work
          Added a section containing frequently asked questions

  Corrections/Updates:
          Corrected html references on Sunsite
          Corrected section on wu-ftp to reflect adding -lshadow to the Makefile
          Corrected minor spelling and verbiage errors
          Changed section on wu-ftpd to support ELF
          Updated to reflect security problems in various login programs
          Updated to recommend the Linux Shadow Suite by Marek Michalkiewicz




  11..22..  NNeeww vveerrssiioonnss ooff tthhiiss ddooccuummeenntt..

  The latest released version of this document can always be retrieved
  by anonymous FTP from:

  ssuunnssiittee..uunncc..eedduu

  /pub/Linux/docs/HOWTO/Shadow-Password-HOWTO


  or:

  /pub/Linux/docs/HOWTO/other-formats/Shadow-Password-HOWTO{-html.tar,ps,dvi}.gz



  or via the World Wide Web from the Linux Documentation Project Web
  Server <hhttttpp::////ssuunnssiittee..uunncc..eedduu//mmddww//lliinnuuxx..hhttmmll>, at page: Shadow-
  Password-HOWTO <hhttttpp::////ssuunnssiittee..uunncc..eedduu//lliinnuuxx//HHOOWWTTOO//SShhaaddooww--PPaasssswwoorrdd--
  HHOOWWTTOO..hhttmmll> or directly from me, <<mmhhjjaacckk@@ttssccnneett..ccoomm>>. It will also be
  posted to the newsgroup: ccoommpp..ooss..lliinnuuxx..aannsswweerrss


  11..33..  FFeeeeddbbaacckk..

  Please send any comments, updates, or suggestions to me: Michael H.
  Jackson <mhjack@tscnet.com>  The sooner I get feedback, the sooner I
  can update and correct this document.  If you find any problems with
  it, please mail me directly as I very rarely stay up-to-date on the
  newsgroups.


  22..  WWhhyy sshhaaddooww yyoouurr ppaasssswwdd ffiillee??

  By default, most current Linux distributions do not contain the _S_h_a_d_o_w
  _S_u_i_t_e installed.  This includes Slackware 2.3, Slackware 3.0, and
  other popular distributions.  One of the reasons for this is that the
  copyright notices in the original _S_h_a_d_o_w _S_u_i_t_e were not clear on
  redistribution if a fee was charged.  Linux uses a GNU Copyright
  (sometimes refereed to as a Copyleft) that allows people to package it
  into a convenient package (like a CD-ROM distribution) and charge a
  fee for it.

  The current maintainer of the _S_h_a_d_o_w _S_u_i_t_e, Marek Michalkiewicz
  <marekm@i17linuxb.ists.pwr.wroc.pl> received the source code from the
  original author under a BSD style copyright that allowed
  redistribution.   Now that the copyright issues are resolved, it is
  expected that future distributions will contain password shadowing by
  default.  Until then, you will need to install it yourself.

  If you installed your distribution from a CD-ROM, you may find that,
  even though the distribution did not have the _S_h_a_d_o_w _S_u_i_t_e installed,
  some of the files you need to install the _S_h_a_d_o_w _S_u_i_t_e may be on the
  CD-ROM.

  _H_o_w_e_v_e_r_, _S_h_a_d_o_w _S_u_i_t_e _v_e_r_s_i_o_n_s _3_._3_._1_, _3_._3_._1_-_2_, _a_n_d _s_h_a_d_o_w_-_m_k _a_l_l _h_a_v_e
  _s_e_c_u_r_i_t_y _p_r_o_b_l_e_m_s _w_i_t_h _t_h_e_i_r _l_o_g_i_n _p_r_o_g_r_a_m _a_n_d _s_e_v_e_r_a_l _o_t_h_e_r _s_u_i_d _r_o_o_t
  _p_r_o_g_r_a_m_s _t_h_a_t _c_a_m_e _w_i_t_h _t_h_e_m_, _a_n_d _s_h_o_u_l_d _n_o _l_o_n_g_e_r _b_e _u_s_e_d_.

  All of the necessary files may be obtained via anonymous FTP or
  through the World Wide Web.

  On a Linux system without the _S_h_a_d_o_w _S_u_i_t_e installed, user information
  including passwords is stored in the //eettcc//ppaasssswwdd file.  The password
  is stored in an _e_n_c_r_y_p_t_e_d format.  If you ask a cryptography expert,
  however, he or she will tell you that the password is actually in an
  _e_n_c_o_d_e_d rather than _e_n_c_r_y_p_t_e_d format because when using crypt(3), the
  text is set to null and the password is the key.  Therefore, from here
  on, I will use the term _e_n_c_o_d_e_d in this document.

  The algorithm used to encode the password field is technically
  referred to as a _o_n_e _w_a_y _h_a_s_h _f_u_n_c_t_i_o_n.  This is an algorithm that is
  easy to compute in one direction, but very difficult to calculate in
  the reverse direction.  More about the actual algorithm used can be
  found in section 2.4 or your crypt(3) manual page.

  When a user picks or is assigned a password, it is encoded with a
  randomly generated value called the _s_a_l_t.  This means that any
  particular password could be stored in 4096 different ways.  The _s_a_l_t
  value is then stored with the encoded password.

  When a user logs in and supplies a password, the _s_a_l_t is first
  retrieved from the stored encoded password.  Then the supplied
  password is _e_n_c_o_d_e_d with the _s_a_l_t value, and then compared with the
  _e_n_c_o_d_e_d password.  If there is a match, then the user is
  authenticated.

  It is computationally difficult (but not impossible) to take a
  randomly _e_n_c_o_d_e_d password and recover the original password.  However,
  on any system with more than just a few users, at least some of the
  passwords will be common words (or simple variations of common words).

  System crackers know all this, and will simply encrypt a dictionary of
  words and common passwords using all possible 4096 _s_a_l_t values.  Then
  they will compare the encoded passwords in your //eettcc//ppaasssswwdd file with
  their database.  Once they have found a match, they have the password
  for another account.  This is referred to as a _d_i_c_t_i_o_n_a_r_y _a_t_t_a_c_k, and
  is one of the most common methods for gaining or expanding
  unauthorized access to a system.

  If you think about it, an 8 character password encodes to 4096 * 13
  character strings.  So a dictionary of say 400,000 common words,
  names, passwords, and simple variations would easily fit on a 4GB hard
  drive.  The attacker need only sort them, and then check for matches.
  Since a 4GB hard drive can be had for under $1000.00, this is well
  within the means of most system crackers.

  Also, if a cracker obtains your //eettcc//ppaasssswwdd file first, they only need
  to encode the dictionary with the ssaalltt values actually contained in
  your //eettcc//ppaasssswwdd file.  This method is usable by your average teenager
  with a couple of hundred spare Megabytes and a 486 class computer.

  Even without lots of drive space, utilities like crack(1) can usually
  break at least a couple of passwords on a system with enough users
  (assuming the users of the system are allowed to pick their own
  passwords).

  The //eettcc//ppaasssswwdd file also contains information like user ID's and
  group ID's that are used by many system programs.  Therefore, the
  //eettcc//ppaasssswwdd file _m_u_s_t remain world readable.  If you were to change
  the //eettcc//ppaasssswwdd file so that nobody can read it, the first thing that
  you would notice is that the llss --ll command now displays user ID's
  instead of names!

  The _S_h_a_d_o_w _S_u_i_t_e solves the problem by relocating the passwords to
  another file (usually //eettcc//sshhaaddooww).  The //eettcc//sshhaaddooww file is set so
  that it cannot be read by just anyone.  Only _r_o_o_t will be able to read
  and write to the //eettcc//sshhaaddooww file.  Some programs (like xlock) don't
  need to be able to change passwords, they only need to be able to
  verify them.  These programs can either be run _s_u_i_d _r_o_o_t or you can
  set up a group _s_h_a_d_o_w that is allowed read only access to the
  //eettcc//sshhaaddooww file.  Then the program can be run _s_g_i_d _s_h_a_d_o_w.

  By moving the passwords to the //eettcc//sshhaaddooww file, we are effectively
  keeping the attacker from having access to the encoded passwords with
  which to perform a _d_i_c_t_i_o_n_a_r_y _a_t_t_a_c_k.

  Additionally, the _S_h_a_d_o_w _S_u_i_t_e adds lots of other nice features:

  +o  A configuration file to set login defaults (//eettcc//llooggiinn..ddeeffss)

  +o  Utilities for adding, modifying, and deleting user accounts and
     groups

  +o  Password aging and expiration

  +o  Account expiration and locking

  +o  Shadowed group passwords (optional)

  +o  Double length passwords (16 character passwords) NOT RECOMMENDED

  +o  Better control over user's password selection

  +o  Dial-up passwords

  +o  Secondary authentication programs NOT RECOMMENDED

  Installing the _S_h_a_d_o_w _S_u_i_t_e contributes toward a more secure system,
  but there are many other things that can also be done to improve the
  security of a Linux system, and there will eventually be a series of
  Linux Security HOWTO's that will discuss other security measures and
  related issues.

  For current information on other Linux security issues, including
  warnings on known vulnerabilities see the Linux Security home page.
  <hhttttpp::////bbaacchh..cciiss..tteemmppllee..eedduu//lliinnuuxx//lliinnuuxx--sseeccuurriittyy//>



  22..11..  WWhhyy yyoouu mmiigghhtt NNOOTT wwaanntt ttoo sshhaaddooww yyoouurr ppaasssswwdd ffiillee..

  There are a few circumstances and configurations in which installing
  the _S_h_a_d_o_w _S_u_i_t_e would _N_O_T be a good idea:

  +o  The machine does not contain user accounts.

  +o  Your machine is running on a LAN and is using NIS (Network
     Information Services) to get or supply user names and passwords to
     other machines on the network.  (This can actually be done, but is
     beyond the scope of this document, and really won't increase
     security much anyway)

  +o  Your machine is being used by terminal servers to verify users via
     NFS (Network File System), NIS, or some other method.

  +o  Your machine runs other software that validates users, and there is
     no shadow version available, and you don't have the source code.



  22..22..  FFoorrmmaatt ooff tthhee //eettcc//ppaasssswwdd ffiillee

  A non-shadowed //eettcc//ppaasssswwdd file has the following format:


       username:passwd:UID:GID:full_name:directory:shell




  Where:

     uusseerrnnaammee
        The user (login) name

     ppaasssswwdd
        The encoded password

     UUIIDD
        Numerical user ID

     GGIIDD
        Numerical default group ID


     ffuullll__nnaammee
        The user's full name - Actually this field is called the GECOS
        (General Electric Comprehensive Operating System) field and can
        store information other than just the full name.  The Shadow
        commands and manual pages refer to this field as the comment
        field.

     ddiirreeccttoorryy
        User's home directory (Full pathname)

     sshheellll
        User's login shell (Full Pathname)

  For example:


       username:Npge08pfz4wuk:503:100:Full Name:/home/username:/bin/sh




  Where NNpp is the salt and ggee0088ppffzz44wwuukk is the _e_n_c_o_d_e_d password.  The
  encoded salt/password could just as easily have been kkbbeeMMVVnnZZMM00ooLL77II and
  the two are exactly the same password.  There are 4096 possible encod-
  ings for the same password.  (The example password in this case is
  'password', a really _b_a_d password).

  Once the shadow suite is installed, the //eettcc//ppaasssswwdd file would instead
  contain:


       username:x:503:100:Full Name:/home/username:/bin/sh




  The xx in the second field in this case is now just a place holder.
  The format of the //eettcc//ppaasssswwdd file really didn't change, it just no
  longer contains the _e_n_c_o_d_e_d password.  This means that any program
  that reads the //eettcc//ppaasssswwdd file but does not actually need to verify
  passwords will still operate correctly.

  The passwords are now relocated to the shadow file (usually
  //eettcc//sshhaaddooww file).


  22..33..  FFoorrmmaatt ooff tthhee sshhaaddooww ffiillee

  The //eettcc//sshhaaddooww file contains the following information:


       username:passwd:last:may:must:warn:expire:disable:reserved




  Where:

     uusseerrnnaammee
        The User Name

     ppaasssswwdd
        The Encoded password

     llaasstt
        Days since Jan 1, 1970 that password was last changed
     mmaayy
        Days before password may be changed

     mmuusstt
        Days after which password must be changed

     wwaarrnn
        Days before password is to expire that user is warned

     eexxppiirree
        Days after password expires that account is disabled

     ddiissaabbllee
        Days since Jan 1, 1970 that account is disabled

     rreesseerrvveedd
        A reserved field

  The previous example might then be:


       username:Npge08pfz4wuk:9479:0:10000::::





  22..44..  RReevviieeww ooff ccrryypptt((33))..

  From the crypt(3) manual page:

  "_c_r_y_p_t is the password encryption function.  It is based on the _D_a_t_a
  _E_n_c_r_y_p_t_i_o_n _S_t_a_n_d_a_r_d algorithm with variations intended (among other
  things) to discourage use of hardware implementations of a key search.

  The key is a user's typed password.  The encoded string is all NULLs

  The _s_a_l_t is a two-character string chosen from the set a-zA-Z0-9./.
  This string is used to perturb the algorithm in one of 4096 different
  ways.

  By taking the lowest 7 bits of each character of the key, a 56-bit key
  is obtained.  This 56-bit key is used to encrypt repeatedly a constant
  string (usually a string consisting of all zeros).  The returned value
  points to the encrypted password, a series of 13 printable ASCII
  characters (the first two characters represent the salt itself).  The
  return value points to static data whose content is overwritten by
  each call.


  WWaarrnniinngg:: The key space consists of 2**56 equal 7.2e16 possible values.
  Exhaustive searches of this key space aarree ppoossssiibbllee using massively
  parallel computers.  Software, such as ccrraacckk((11)), is available which
  will search the portion of this key space that is generally used by
  humans for passwords.  Hence, password selection should, at minimum,
  avoid common words and names.  The use of a ppaasssswwdd((11)) program that
  checks for crackable passwords during the selection process is
  recommended.

  The DES algorithm itself has a few quirks which make the use of the
  ccrryypptt((33)) interface a very poor choice for anything other than password
  authentication.  If you are planning on using the ccrryypptt((33)) interface
  for a cryptography project, don't do it: get a good book on encryption
  and one of the widely available DES libraries."


  Most _S_h_a_d_o_w _S_u_i_t_e_s contain code for doubling the length of the
  password to 16 characters.  Experts in ddeess recommend against this, as
  the encoding is simply applied first to the left half and then to the
  right half of the longer password.  Because of the way ccrryypptt works,
  this may make for a _l_e_s_s secure encoded password then if double length
  passwords were not used in the first place.  Additionally, it is less
  likely that a user will be able to remember a 16 character password.

  There is development work under way that would allow the
  authentication algorithm to be replaced with something more secure and
  with support for longer passwords (specifically the MD5 algorithm) and
  retain compatibility with the ccrryypptt method.

  If you are looking for a good book on encryption, I recommend:

          "Applied Cryptography: Protocols, Algorithms, and Source Code in C"
          by Bruce Schneier <schneier@chinet.com>
          ISBN: 0-471-59756-2





  33..  GGeettttiinngg tthhee SShhaaddooww SSuuiittee..

  33..11..  HHiissttoorryy ooff tthhee SShhaaddooww SSuuiittee ffoorr LLiinnuuxx

  _D_O _N_O_T _U_S_E _T_H_E _P_A_C_K_A_G_E_S _I_N _T_H_I_S _S_E_C_T_I_O_N_, _T_H_E_Y _H_A_V_E _S_E_C_U_R_I_T_Y _P_R_O_B_L_E_M_S

  The original _S_h_a_d_o_w _S_u_i_t_e was written by JJoohhnn FF.. HHaauugghh IIII.

  There are several versions that have been used on Linux systems:

  +o  sshhaaddooww--33..33..11 is the original.

  +o  sshhaaddooww--33..33..11--22 is Linux specific patch made by Florian La Roche
     <flla@stud.uni-sb.de> and contains some further enhancements.

  +o  sshhaaddooww--mmkk was specifically packaged for Linux.

  The sshhaaddooww--mmkk package contains the sshhaaddooww--33..33..11 package distributed by
  JJoohhnn FF.. HHaauugghh IIII with the sshhaaddooww--33..33..11--22 ppaattcchh installed, a few fixes
  made by Mohan Kokal <magnus@texas.net> that make installation a lot
  easier, a patch by JJoosseepphh RR..MM.. ZZbbiicciiaakk for llooggiinn11..cc (login.secure)
  that eliminates the -f, -h security holes in /bin/login, and some
  other miscellaneous patches.

  The sshhaaddooww..mmkk package was the _p_r_e_v_i_o_u_s_l_y recommended package, but
  should be replaced due to a _s_e_c_u_r_i_t_y _p_r_o_b_l_e_m with the llooggiinn program.

  There are _s_e_c_u_r_i_t_y _p_r_o_b_l_e_m_s with Shadow versions 3.3.1, 3.3.1-2, and
  shadow-mk involving the llooggiinn program.  This llooggiinn bug involves not
  checking the length of a login name.  This causes the buffer to
  overflow causing crashes or worse.  It has been rumored that this
  buffer overflow can allow someone with an account on the system to use
  this bug and the shared libraries to gain _r_o_o_t access.  I won't
  discuss exactly how this is possible because there are a lot of Linux
  systems that are affected, but systems with these _S_h_a_d_o_w _S_u_i_t_e_s
  installed, and most pre-ELF distributions _w_i_t_h_o_u_t the _S_h_a_d_o_w _S_u_i_t_e are
  vulnerable!

  For more information on this and other Linux security issues, see the
  Linux Security home page (Shared Libraries and login Program
  Vulnerability) <hhttttpp::////bbaacchh..cciiss..tteemmppllee..eedduu//lliinnuuxx//lliinnuuxx--sseeccuurriittyy//LLiinnuuxx--
  SSeeccuurriittyy--FFAAQQ//LLiinnuuxx--tteellnneettdd..hhttmmll>

  33..22..  WWhheerree ttoo ggeett tthhee SShhaaddooww SSuuiittee..

  The only recommended _S_h_a_d_o_w _S_u_i_t_e is still in BETA testing, however
  the latest versions are safe in a production environment and don't
  contain a vulnerable llooggiinn program.

  The package uses the following naming convention:


       shadow-YYMMDD.tar.gz




  where YYYYMMMMDDDD is the issue date of the Suite.

  This version will eventually be _V_e_r_s_i_o_n _3_._3_._3 when it is released from
  Beta testing, and is maintained by Marek Michalkiewicz
  <marekm@i17linuxb.ists.pwr.wroc.pl>.  It's available as: shadow-
  current.tar.gz
  <ffttpp::////ii1177lliinnuuxxbb..iissttss..ppwwrr..wwrroocc..ppll//ppuubb//lliinnuuxx//sshhaaddooww//sshhaaddooww--
  ccuurrrreenntt..ttaarr..ggzz>.

  The following mirror sites have also been established:

  +o  ftp://ftp.icm.edu.pl/pub/Linux/shadow/shadow-current.tar.gz

  +o  ftp://iguana.hut.fi/pub/linux/shadow/shadow-current.tar.gz

  +o  ftp://ftp.cin.net/usr/ggallag/shadow/shadow-current.tar.gz

  +o  ftp://ftp.netural.com/pub/linux/shadow/shadow-current.tar.gz

  You should use the currently available version.

  You should NOT use a version _o_l_d_e_r than sshhaaddooww--996600112299 as they also
  have the llooggiinn security problem discussed above.

  When this document refers to the _S_h_a_d_o_w _S_u_i_t_e I am referring to the
  this package.  It is assumed that this is the package that you are
  using.

  For reference, I used sshhaaddooww--996600112299 to make these installation
  instructions.

  If you were previously using sshhaaddooww--mmkk, you should upgrade to this
  version and rebuild everything that you originally compiled.


  33..33..  WWhhaatt iiss iinncclluuddeedd wwiitthh tthhee SShhaaddooww SSuuiittee..

  The _S_h_a_d_o_w _S_u_i_t_e contains replacement programs for:

  ssuu,, llooggiinn,, ppaasssswwdd,, nneewwggrrpp,, cchhffnn,, cchhsshh,, aanndd iidd

  The package also contains the new programs:

  cchhaaggee,, nneewwuusseerrss,, ddppaasssswwdd,, ggppaasssswwdd,, uusseerraadddd,, uusseerrddeell,, uusseerrmmoodd,,
  ggrroouuppaadddd,, ggrroouuppddeell,, ggrroouuppmmoodd,, ggrroouuppss,, ppwwcckk,, ggrrppcckk,, llaassttlloogg,, ppwwccoonnvv,,
  aanndd ppwwuunnccoonnvv

  Additionally, the library: lliibbsshhaaddooww..aa is included for writing and/or
  compiling programs that need to access user passwords.

  Also, manual pages for the programs are also included.

  There is also a configuration file for the login program which will be
  installed as //eettcc//llooggiinn..ddeeffss.


  44..  CCoommppiilliinngg tthhee pprrooggrraammss..

  44..11..  UUnnppaacckkiinngg tthhee aarrcchhiivvee..

  The first step after retrieving the package is unpacking it.  The
  package is in the tar (tape archive) format and compressed using gzip,
  so first move it to //uussrr//ssrrcc, then type:


       tar -xzvf shadow-current.tar.gz




  This will unpack it into the directory: //uussrr//ssrrcc//sshhaaddooww--YYYYMMMMDDDD


  44..22..  CCoonnffiigguurriinngg wwiitthh tthhee ccoonnffiigg..hh ffiillee

  The first thing that you need to do is to copy over the MMaakkeeffiillee and
  the ccoonnffiigg..hh file:


       cd /usr/src/shadow-YYMMDD
       cp Makefile.linux Makefile
       cp config.h.linux config.h




  You should then take a look at the ccoonnffiigg..hh file.  This file contains
  definitions for some of the configuration options.  If you are using
  the _r_e_c_o_m_m_e_n_d_e_d package, I recommend that you disable group shadow
  support for your first time around.

  By default shadowed group passwords are enabled.  To disable these
  edit the ccoonnffiigg..hh file, and change the ##uunnddeeff to ##ddeeffiinnee.  I recommend
  that you disable them to start with, and then if you really want group
  passwords and group administrators that you enable it later and
  recompile.  If you leave it enabled, you _m_u_s_t create the file
  //eettcc//ggsshhaaddooww.

  Enabling the long passwords option is NOT recommended as discussed
  above.

  _D_o _N_O_T change the setting: ##uunnddeeff AAUUTTOOSSHHAADDOOWW

  The AAUUTTOOSSHHAADDOOWW option was originally designed so that programs that
  were shadow ignorant would still function.  This sounds good in
  theory, but does not work correctly.  If you enable this option, and
  the program runs as root, it may call ggeettppwwnnaamm(()) as root, and later
  write the modified entry back to the //eettcc//ppaasssswwdd file (with the _n_o_-
  _l_o_n_g_e_r_-_s_h_a_d_o_w_e_d _p_a_s_s_w_o_r_d).  Such programs include chfn and chsh.  (You
  can't get around this by swapping real and effective uid before
  calling ggeettppwwnnaamm(()) because root may use chfn and chsh too.)

  The same warning is also valid if you are building libc, it has a
  SSHHAADDOOWW__CCOOMMPPAATT option which does the same thing.  It _s_h_o_u_l_d _N_O_T be
  used!  If you start getting encoded passwords back in your //eettcc//ppaasssswwdd
  file, this is the problem.


  If you are using a lliibbcc version prior to 4.6.27, you will need to make
  a couple more changes to ccoonnffiigg..hh and the MMaakkeeffiillee.  To ccoonnffiigg..hh edit
  and change:


       #define HAVE_BASENAME




  to:


       #undef HAVE_BASENAME




  And then in the MMaakkeeffiillee, change:



       SOBJS = smain.o env.o entry.o susetup.o shell.o \
               sub.o mail.o motd.o sulog.o age.o tz.o hushed.o

       SSRCS = smain.c env.c entry.c setup.c shell.c \
               pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
               tz.c hushed.c






       SOBJS = smain.o env.o entry.o susetup.o shell.o \
               sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o

       SSRCS = smain.c env.c entry.c setup.c shell.c \
               pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
               tz.c hushed.c basename.c




  These changes add the code contained in bbaasseennaammee..cc which is contained
  in lliibbcc 44..66..2277 and later.


  44..33..  MMaakkiinngg bbaacckkuupp ccooppiieess ooff yyoouurr oorriiggiinnaall pprrooggrraammss..

  It would also be a good idea to track down and make backup copies of
  the programs that the shadow suite will replace.  On a Slackware 3.0
  system these are:

  +o  /bin/su

  +o  /bin/login

  +o  /usr/bin/passwd

  +o  /usr/bin/newgrp

  +o  /usr/bin/chfn

  +o  /usr/bin/chsh

  +o  /usr/bin/id

  The BETA package has a _s_a_v_e target in the Makefile, but it's commented
  out because different distributions place the programs in different
  places.

  You should also make a backup copy of your //eettcc//ppaasssswwdd file, but be
  careful to name it something else if you place it in the same
  directory so you don't overwrite the ppaasssswwdd command.


  44..44..  RRuunnnniinngg mmaakkee

  _Y_o_u _n_e_e_d _t_o _b_e _l_o_g_g_e_d _a_s _r_o_o_t _t_o _d_o _m_o_s_t _o_f _t_h_e _i_n_s_t_a_l_l_a_t_i_o_n.

  Run make to compile the executables in the package:


       make all




  You may see the warning: rrccssiidd ddeeffiinneedd bbuutt nnoott uusseedd.  This is fine, it
  just happens because the author is using a version control package.


  55..  IInnssttaalllliinngg

  55..11..  HHaavvee aa bboooott ddiisskk hhaannddyy iinn ccaassee yyoouu bbrreeaakk aannyytthhiinngg..

  If something goes terribly wrong, it would be handy to have a boot
  disk.  If you have a boot/root combination from your installation,
  that will work, otherwise see the Bootdisk-HOWTO
  <hhttttpp::////ssuunnssiittee..uunncc..eedduu//mmddww//HHOOWWTTOO//BBoooottddiisskk--HHOOWWTTOO..hhttmmll>, which
  describes how to make a bootable disk.


  55..22..  RReemmoovviinngg dduupplliiccaattee mmaann ppaaggeess

  You should also move the manual pages that are about to be replaced.
  Even if you are brave enough install the Shadow Suite without making
  backups, you will still want to remove the old manual pages.  The new
  manual pages won't normally overwrite the old ones because the old
  ones are probably compressed.

  You can use a combination of: mmaann --aaWW ccoommmmaanndd and llooccaattee ccoommmmaanndd to
  locate the manual pages that need to be (re)moved.  It's generally
  easier to figure out which are the older pages before you run mmaakkee
  iinnssttaallll.

  If you are using the Slackware 3.0 distribution, then the manual pages
  you want to remove are:

  +o  /usr/man/man1/chfn.1.gz

  +o  /usr/man/man1/chsh.1.gz

  +o  /usr/man/man1/id.1.gz

  +o  /usr/man/man1/login.1.gz

  +o  /usr/man/man1/passwd.1.gz

  +o  /usr/man/man1/su.1.gz

  +o  /usr/man/man5/passwd.5.gz

  There may also be man pages of the same name in the //vvaarr//mmaann//ccaatt[[11--99]]
  subdirectories that should also be deleted.


  55..33..  RRuunnnniinngg mmaakkee iinnssttaallll

  You are now ready to type: (do this as root)


       make install




  This will install the new and replacement programs and fix-up the file
  permissions.  It will also install the man pages.

  This also takes care of installing the Shadow Suite include files in
  the correct places in //uussrr//iinncclluuddee//sshhaaddooww.

  Using the BETA package you must manually copy the file llooggiinn..ddeeffss to
  the //eettcc subdirectory and make sure that only _r_o_o_t can make changes to
  it.


       cp login.defs /etc
       chmod 700 /etc/login.defs




  This file is the configuration file for the _l_o_g_i_n program.  You should
  review and make changes to this file for your particular system.  This
  is where you decide which tty's root can login from, and set other
  security policy settings (like password expiration defaults).


  55..44..  RRuunnnniinngg ppwwccoonnvv

  The next step is to run ppwwccoonnvv.  This must also be done as _r_o_o_t, and
  is best done from the //eettcc subdirectory:


       cd /etc
       /usr/sbin/pwconv




  ppwwccoonnvv takes your //eettcc//ppaasssswwdd file and strips out the fields to create
  two files: //eettcc//nnppaasssswwdd and //eettcc//nnsshhaaddooww.

  A ppwwuunnccoonnvv program is also provided if you need to make a normal
  //eettcc//ppaasssswwdd file out of an //eettcc//ppaasssswwdd and //eettcc//sshhaaddooww combination.


  55..55..  RReennaammiinngg nnppaasssswwdd aanndd nnsshhaaddooww

  Now that you have run ppwwccoonnvv you have created the files //eettcc//nnppaasssswwdd
  and //eettcc//nnsshhaaddooww.  These need to be copied over to //eettcc//ppaasssswwdd and
  //eettcc//sshhaaddooww.  We also want to make a backup copy of the original
  //eettcc//ppaasssswwdd file, and make sure only root can read it.  We'll put the
  backup in root's home directory:

  cd /etc
  cp passwd ~passwd
  chmod 600 ~passwd
  mv npasswd passwd
  mv nshadow shadow




  You should also ensure that the file ownerships and permissions are
  correct.  If you are going to be using _X_-_W_i_n_d_o_w_s, the xxlloocckk and xxddmm
  programs need to be able to read the sshhaaddooww file (but not write it).

  There are two ways that this can be done.  You can set xxlloocckk to suid
  root (xxddmm is usually run as root anyway).  Or you can make the sshhaaddooww
  file owned by rroooott with a group of sshhaaddooww, but before you do this,
  make sure that you have a shadow group (look in //eettcc//ggrroouupp).  None of
  the users on the system should actually be in the shadow group.


       chown root.root passwd
       chown root.shadow shadow
       chmod 0644 passwd
       chmod 0640 shadow




  Your system now has the password file shadowed.  You _s_h_o_u_l_d now pop
  over to another virtual terminal and verify that you can login.

  _R_e_a_l_l_y_, _d_o _t_h_i_s _n_o_w_!

  If you can't, then something is wrong!  To get back to a non-shadowed
  state, do the following the following:


       cd /etc
       cp ~passwd passwd
       chmod 644 passwd




  You would then restore the files that you saved earlier to their
  proper locations.



  66..  OOtthheerr pprrooggrraammss yyoouu mmaayy nneeeedd ttoo uuppggrraaddee oorr ppaattcchh

  Even though the shadow suite contains replacement programs for most
  programs that need to access passwords, there are a few additional
  programs on most systems that require access to passwords.

  If you are running a _D_e_b_i_a_n _D_i_s_t_r_i_b_u_t_i_o_n (or even if you are not), you
  can obtain Debian sources for the programs that need to be rebuild
  from: ftp://ftp.debian.org/debian/stable/source/

  The remainder of this section discusses how to upgrade aadddduusseerr,
  wwuu__ffttppdd, ffttppdd, ppoopp33dd, xxlloocckk, xxddmm and ssuuddoo so that they support the
  shadow suite.

  See the section ``Adding Shadow Support to a C program'' for a
  discussion on how to put shadow support into any other program that
  needs it (although the program must then be run SUID root or SGID
  shadow to be able to actually access the shadow file).


  66..11..  SSllaacckkwwaarree aadddduusseerr pprrooggrraamm

  Slackware distributions (and possibly some others) contain a
  interactive program for adding users called //ssbbiinn//aadddduusseerr.  A shadow
  version of this program can be obtained from
  ftp://sunsite.unc.edu/pub/Linux/
  system/Admin/accounts/adduser.shadow-1.4.tar.gz.

  I would encourage you to use the programs that are supplied with the
  _S_h_a_d_o_w _S_u_i_t_e (uusseerraadddd, uusseerrmmoodd, and uusseerrddeell) instead of the slackware
  aadddduusseerr program.  They take a little time to learn how to use, but
  it's well worth the effort because you have much more control and they
  perform proper file locking on the //eettcc//ppaasssswwdd and //eettcc//sshhaaddooww file
  (aadddduusseerr doesn't).

  See the section on ``Putting the Shadow Suite to use'' for more
  information.

  But if you gotta have it, here is what you do:


       tar -xzvf adduser.shadow-1.4.tar.gz
       cd adduser
       make clean
       make adduser
       chmod 700 adduser
       cp adduser /sbin





  66..22..  TThhee wwuu__ffttppdd SSeerrvveerr

  Most Linux systems some with the wwuu__ffttppdd server.  If your distribution
  does not come with shadow installed, then your wwuu__ffttppdd will not be
  compiled for shadow.  wwuu__ffttppdd is launched from iinneettdd//ttccppdd as a _r_o_o_t
  process.  If you are running an old wwuu__ffttppdd daemon, you will want to
  upgrade it anyway because older ones had a bug that would allow the
  _r_o_o_t account to be compromised (For more info see the Linux security
  home page <hhttttpp::////bbaacchh..cciiss..tteemmppllee..eedduu//lliinnuuxx//lliinnuuxx--sseeccuurriittyy//LLiinnuuxx--
  SSeeccuurriittyy--FFAAQQ//LLiinnuuxx--wwuu..ffttppdd--22..44--UUppddaattee..hhttmmll>).

  Fortunately, you only need to get the source code and recompile it
  with shadow enabled.

  If you are not running an ELF system, The wwuu__ffttpp server can be found
  on Sunsite as wu-ftp-2.4-fixed.tar.gz
  <ffttpp::////ssuunnssiittee..uunncc..eedduu//ppuubb//LLiinnuuxx//ssyysstteemm//NNeettwwoorrkk//ffiillee--ttrraannssffeerr//wwuu--
  ffttppdd--22..44--ffiixxeedd..ttaarr..ggzz>

  Once you retrieve the server, put it in //uussrr//ssrrcc, then type:


       cd /usr/src
       tar -xzvf wu-ftpd-2.4-fixed.tar.gz
       cd wu-ftpd-2.4-fixed
       cp ./src/config/config.lnx.shadow ./src/config/config.lnx





  Then edit ..//ssrrcc//mmaakkeeffiilleess//MMaakkeeffiillee..llnnxx, and change the line:


       LIBES    = -lbsd -support




  to:


       LIBES    = -lbsd -support -lshadow




  Now you are ready to run the build script and install:


       cd /usr/src/wu-ftpd-2.4-fixed
       /usr/src/wu-ftp-2.4.fixed/build lnx
       cp /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd.old
       cp ./bin/ftpd /usr/sbin/wu.ftpd





  This uses the Linux shadow configuration file, compiles and installs
  the server.

  On my Slackware 2.3 system I also had to do the following before
  running bbuuiilldd:


       cd /usr/include/netinet
       ln -s in_systm.h in_system.h
       cd -




  Problems have been reported compiling this package under ELF systems,
  but the Beta version of the next release works fine.  It can be found
  as wu-ftp-2.4.2-beta-9.tar.gz <ffttpp::////ffttpp..aaccaaddeemm..ccoomm//ppuubb//wwuu--
  ffttppdd//pprriivvaattee//wwuu--ffttppdd--22..44..22--bbeettaa--99..ttaarr..ggzz>

  Once you retrieve the server, put it in //uussrr//ssrrcc, then type:


       cd /usr/src
       tar -xzvf wu-ftpd-2.4.2-beta-9.tar.gz
       cd wu-ftpd-beta-9
       cd ./src/config




  Then edit ccoonnffiigg..llnnxx, and change:


       #undef SHADOW.PASSWORD




  to:


       #define SHADOW.PASSWORD




  Then,


       cd ../Makefiles




  and edit the file MMaakkeeffiillee..llnnxx and change:


       LIBES = -lsupport -lbsd # -lshadow




  to:


       LIBES = -lsupport -lbsd -lshadow




  Then build and install:


       cd ..
       build lnx
       cp /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd.old
       cp ./bin/ftpd /usr/sbin/wu.ftpd





  Note that you should check your //eettcc//iinneettdd..ccoonnff file to make sure that
  this is where your wu.ftpd server really lives.  It has been reported
  that some distributions place the server daemons in different places,
  and then wu.ftpd in particular may be named something else.


  66..33..  SSttaannddaarrdd ffttppdd

  If you are running the standard ffttppdd server, I would recommend that
  you upgrade to the wwuu__ffttppdd server.  Aside from the known bug discussed
  above, it's generally thought to be more secure.

  If you insist on the standard one, or you need _N_I_S support, Sunsite
  has ftpd-shadow-nis.tgz
  <ffttpp::////ssuunnssiittee..uunncc..eedduu//ppuubb//LLiinnuuxx//ssyysstteemm//NNeettwwoorrkk//ffiillee--ttrraannssffeerr//ffttppdd--
  sshhaaddooww--nniiss..ttggzz>


  66..44..  ppoopp33dd ((PPoosstt OOffffiiccee PPrroottooccooll 33))

  If you need to support the third _P_o_s_t _O_f_f_i_c_e _P_r_o_t_o_c_o_l _(_P_O_P_3_), you will
  need to recompile a ppoopp33dd program.  ppoopp33dd is normally run by
  iinneettdd//ttccppdd as rroooott.

  There are two versions available from Sunsite:
  pop3d-1.00.4.linux.shadow.tar.gz
  <ffttpp::////ssuunnssiittee..uunncc..eedduu//ppuubb//LLiinnuuxx//ssyysstteemm//MMaaiill//ppoopp//
  ppoopp33dd--11..0000..44..lliinnuuxx..sshhaaddooww..ttaarr..ggzz> and pop3d+shadow+elf.tar.gz
  <ffttpp::////ssuunnssiittee..uunncc..eedduu//ppuubb//LLiinnuuxx//ssyysstteemm//MMaaiill//ppoopp//
  ppoopp33dd++sshhaaddooww++eellff..ttaarr..ggzz>

  Both of these are fairly straight forward to install.


  66..55..  xxlloocckk

  If you install the shadow suite, and then run _X_-_w_i_n_d_o_w_s and lock the
  screen without upgrading your xxlloocckk, you will have to use CCNNTTLL--AALLTT--FFxx
  to switch to another _t_t_y, login, and kill the xxlloocckk process (or use
  CCNNTTLL--AALLTT--BBSS to kill the X server).  Fortunately it's fairly easy to
  upgrade your xxlloocckk program.

  If you are running XFree86 Versions 3.x.x, you are probably using
  xxlloocckkmmoorree (which is a great screen-saver in addition to a lock).  This
  package supports _s_h_a_d_o_w with a recompile.  If you have an older xxlloocckk,
  I recommend that you upgrade to this one.

  xxlloocckkmmoorree--33..55..ttggzz is available at:
  <ffttpp::////ssuunnssiittee..uunncc..eedduu//ppuubb//LLiinnuuxx//XX1111//xxuuttiillss//ssccrreeeenn--
  ssaavveerrss//xxlloocckkmmoorree--33..55..ttggzz>

  Basically, this is what you need to do:

  Get the xxlloocckkmmoorree--33..55..ttggzz file and put it in //uussrr//ssrrcc unpack it:


       tar -xzvf xlockmore-3.5.tgz




  Edit the file: //uussrr//XX1111RR66//lliibb//XX1111//ccoonnffiigg//lliinnuuxx..ccff, and change the
  line:


       #define HasShadowPasswd    NO

       to

       #define HasShadowPasswd    YES




  Then build the executables:


       cd /usr/src/xlockmore
       xmkmf
       make depend
       make




  Then move everything into place and update file ownerships and
  permissions:

  cp xlock /usr/X11R6/bin/
  cp XLock /var/X11R6/lib/app-defaults/
  chown root.shadow /usr/X11R6/bin/xlock
  chmod 2755 /usr/X11R6/bin/xlock
  chown root.shadow /etc/shadow
  chmod 640 /etc/shadow




  Your xlock will now work correctly.


  66..66..  xxddmm

  xxddmm is a program that presents a login screen for X-Windows.  Some
  systems start xxddmm when the system is told to goto a specified run
  level (see //eettcc//iinniittttaabb.

  With the _S_h_a_d_o_w _S_u_i_t_e install, xxddmm will need to be updated.
  Fortunately it's fairly easy to upgrade your xxddmm program.


  xxddmm..ttaarr..ggzz is available at:
  <ffttpp::////ssuunnssiittee..uunncc..eedduu//ppuubb//LLiinnuuxx//XX1111//xxuuttiillss//xxddmm..ttaarr..ggzz>

  Get the xxddmm..ttaarr..ggzz file and put it in //uussrr//ssrrcc, then to unpack it:


       tar -xzvf xdm.tar.gz




  Edit the file: //uussrr//XX1111RR66//lliibb//XX1111//ccoonnffiigg//lliinnuuxx..ccff, and change the
  line:


       #define HasShadowPasswd    NO

       to

       #define HasShadowPasswd    YES




  Then build the executables:


       cd /usr/src/xdm
       xmkmf
       make depend
       make




  Then move everything into place:


       cp xdm /usr/X11R6/bin/




  xxddmm is run as _r_o_o_t so you don't need to change it file permissions.



  66..77..  ssuuddoo

  The program ssuuddoo allows a system administrator to let users run
  programs that would normally require root access.  This is handy
  because it lets the administrator limit access to the root account
  itself while still allowing users to do things like mounting drives.

  ssuuddoo needs to read passwords because it verifies the users password
  when it's invoked.  ssuuddoo already runs SUID root, so accessing the
  //eettcc//sshhaaddooww file is not a problem.

  ssuuddoo for the shadow suite, is available as at:
  <ffttpp::////ssuunnssiittee..uunncc..eedduu//ppuubb//LLiinnuuxx//ssyysstteemm//AAddmmiinn//ssuuddoo--11..22--sshhaaddooww..ttggzz>

  _W_a_r_n_i_n_g: When you install ssuuddoo your //eettcc//ssuuddooeerrss file will be replaced
  with a default one, so you need to make a backup of it if you have
  added anything to the default one.  (you could also edit the Makefile
  and remove the line that copies the default file to //eettcc).

  The package is already setup for shadow, so all that's required is to
  recompile the package (put it in //uussrr//ssrrcc):


       cd /usr/src
       tar -xzvf sudo-1.2-shadow.tgz
       cd sudo-1.2-shadow
       make all
       make install





  66..88..  iimmaappdd ((EE--MMaaiill ppiinnee ppaacckkaaggee))

  iimmaappdd is an e-mail server similar to ppoopp33dd.  iimmaappdd comes with the _P_i_n_e
  _E_-_m_a_i_l package.  The documentation that comes with the package states
  that the default for Linux systems is to include support for shadow.
  However, I have found that this is not true.  Furthermore, the build
  script / Makefile combination on this package is makes it very
  difficult to add the lliibbsshhaaddooww..aa library at compile time, so I was
  unable to add shadow support for iimmaappdd.

  If anyone has this figured out, please E-mail me, and I'll include the
  solution here.


  66..99..  ppppppdd ((PPooiinntt--ttoo--PPooiinntt PPrroottooccooll SSeerrvveerr))

  The pppd server can be setup to use several types of authentication:
  _P_a_s_s_w_o_r_d _A_u_t_h_e_n_t_i_c_a_t_i_o_n _P_r_o_t_o_c_o_l (PAP) and _C_r_y_p_t_o_g_r_a_p_h_i_c _H_a_n_d_s_h_a_k_e
  _A_u_t_h_e_n_t_i_c_a_t_i_o_n _P_r_o_t_o_c_o_l (CHAP).  The pppd server usually reads the
  password strings that it uses from //eettcc//pppppp//cchhaapp--sseeccrreettss and/or
  //eettcc//pppppp//ppaapp--sseeccrreettss.  If you are using this default behavior of pppd,
  it is not necessary to reinstall pppd.

  pppd also allows you to use the _l_o_g_i_n parameter (either on the command
  line, or in the configuration or ooppttiioonnss file).  If the _l_o_g_i_n option
  is given, then pppd will use the //eettcc//ppaasssswwdd file for the username and
  passwords for the _P_A_P.  This, of course, will no longer work now that
  our password file is shadowed.  For pppd-1.2.1d this requires adding
  code for shadow support.
  The example given in the next section is adding shadow support to
  ppppppdd--11..22..11dd (an older version of pppd).

  ppppppdd--22..22..00 already contains shadow support.


  77..  PPuuttttiinngg tthhee SShhaaddooww SSuuiittee ttoo uussee..

  This section discusses some of the things that you will want to know
  now that you have the _S_h_a_d_o_w _S_u_i_t_e installed on your system.  More
  information is contained in the manual pages for each command.


  77..11..  AAddddiinngg,, MMooddiiffyyiinngg,, aanndd ddeelleettiinngg uusseerrss

  The _S_h_a_d_o_w _S_u_i_t_e added the following command line oriented commands
  for adding, modifying, and deleting users.  You may also have
  installed the aadddduusseerr program.


  77..11..11..  uusseerraadddd

  The uusseerraadddd command can be used to add users to the system.  You also
  invoke this command to change the default settings.

  The first thing that you should do is to examine the default settings
  and make changes specific to your system:


       useradd -D




  ______________________________________________________________________
  GROUP=1
  HOME=/home
  INACTIVE=0
  EXPIRE=0
  SHELL=
  SKEL=/etc/skel
  ______________________________________________________________________



  The defaults are probably not what you want, so if you started adding
  users now you would have to specify all the information for each user.
  However, we can and should change the default values.

  On my system:

  +o  I want the default group to be 100

  +o  I want passwords to expire every 60 days

  +o  I don't want to lock an account because the password is expired

  +o  I want to default shell to be //bbiinn//bbaasshh

     To make these changes I would use:


       useradd -D -g100 -e60 -f0 -s/bin/bash



  Now running uusseerraadddd --DD will give:

  ______________________________________________________________________
  GROUP=100
  HOME=/home
  INACTIVE=0
  EXPIRE=60
  SHELL=/bin/bash
  SKEL=/etc/skel
  ______________________________________________________________________



  Just in case you wanted to know, these defaults are stored in the file
  //eettcc//ddeeffaauulltt//uusseerraadddd.

  Now you can use uusseerraadddd to add users to the system.  For example, to
  add the user ffrreedd, using the defaults, you would use the following:


       useradd -m -c "Fred Flintstone" fred




  This will create the following entry in the //eettcc//ppaasssswwdd file:


       fred:*:505:100:Fred Flintstone:/home/fred:/bin/bash




  And the following entry in the //eettcc//sshhaaddooww file:


       fred:!:0:0:60:0:0:0:0




  ffrreedd's home directory will be created and the contents of //eettcc//sskkeell
  will be copied there because of the --mm switch.

  Also, since we did not specify a UID, the next available one was used.

  ffrreedd's account is created, but ffrreedd still won't be able to login until
  we unlock the account.  We do this by changing the password.


       passwd fred





  ______________________________________________________________________
  Changing password for fred
  Enter the new password (minimum of 5 characters)
  Please use a combination of upper and lower case letters and numbers.
  New Password: *******
  Re-enter new password: *******
  ______________________________________________________________________



  Now the //eettcc//sshhaaddooww will contain:


       fred:J0C.WDR1amIt6:9559:0:60:0:0:0:0




  And ffrreedd will now be able to login and use the system.  The nice thing
  about uusseerraadddd and the other programs that come with the _S_h_a_d_o_w _S_u_i_t_e
  is that they make changes to the //eettcc//ppaasssswwdd and //eettcc//sshhaaddooww files
  atomically.  So if you are adding a user, and another user is changing
  their password at the same time, both operations will be performed
  correctly.

  You should use the supplied commands rather than directly editing
  //eettcc//ppaasssswwdd and //eettcc//sshhaaddooww.  If you were editing the //eettcc//sshhaaddooww
  file, and a user were to change his password while you are editing,
  and then you were to save the file you were editing, the user's
  password change would be lost.

  Here is a small interactive script that adds users using uusseerraadddd and
  ppaasssswwdd:











































  ______________________________________________________________________
  #!/bin/bash
  #
  # /sbin/newuser - A script to add users to the system using the Shadow
  #                 Suite's useradd and passwd commands.
  #
  # Written my Mike Jackson <mhjack@tscnet.com> as an example for the Linux
  # Shadow Password Howto.  Permission to use and modify is expressly granted.
  #
  # This could be modified to show the defaults and allow modification similar
  # to the Slackware Adduser program.  It could also be modified to disallow
  # stupid entries.  (i.e. better error checking).
  #
  ##
  #  Defaults for the useradd command
  ##
  GROUP=100        # Default Group
  HOME=/home       # Home directory location (/home/username)
  SKEL=/etc/skel   # Skeleton Directory
  INACTIVE=0       # Days after password expires to disable account (0=never)
  EXPIRE=60        # Days that a passwords lasts
  SHELL=/bin/bash  # Default Shell (full path)
  ##
  #  Defaults for the passwd command
  ##
  PASSMIN=0        # Days between password changes
  PASSWARN=14      # Days before password expires that a warning is given
  ##
  #  Ensure that root is running the script.
  ##
  WHOAMI=`/usr/bin/whoami`
  if [ $WHOAMI != "root" ]; then
          echo "You must be root to add news users!"
          exit 1
  fi
  ##
  #  Ask for username and fullname.
  ##
  echo ""
  echo -n "Username: "
  read USERNAME
  echo -n "Full name: "
  read FULLNAME
  #
  echo "Adding user: $USERNAME."
  #
  # Note that the "" around $FULLNAME is required because this field is
  # almost always going to contain at least on space, and without the "'s
  # the useradd command would think that you we moving on to the next
  # parameter when it reached the SPACE character.
  #
  /usr/sbin/useradd -c"$FULLNAME" -d$HOME/$USERNAME -e$EXPIRE \
          -f$INACTIVE -g$GROUP -m -k$SKEL -s$SHELL $USERNAME
  ##
  #  Set password defaults
  ##
  /bin/passwd -n $PASSMIN -w $PASSWARN $USERNAME >/dev/null 2>&1
  ##
  #  Let the passwd command actually ask for password (twice)
  ##
  /bin/passwd $USERNAME
  ##
  #  Show what was done.
  ##
  echo ""
  echo "Entry from /etc/passwd:"
  echo -n "   "
  grep "$USERNAME:" /etc/passwd
  echo "Entry from /etc/shadow:"
  echo -n "   "
  grep "$USERNAME:" /etc/shadow
  echo "Summary output of the passwd command:"
  echo -n "   "
  passwd -S $USERNAME
  echo ""
  ______________________________________________________________________



  Using a script to add new users is really much more preferable than
  editing the //eettcc//ppaasssswwdd or //eettcc//sshhaaddooww files directly or using a
  program like the Slackware aadddduusseerr program.  Feel free to use and
  modify this script for your particular system.

  For more information on the uusseerraadddd see the online manual page.


  77..11..22..  uusseerrmmoodd

  The uusseerrmmoodd program is used to modify the information on a user.  The
  switches are similar to the uusseerraadddd program.

  Let's say that you want to change ffrreedd's shell, you would do the
  following:


       usermod -s /bin/tcsh fred




  Now ffrreedd's //eettcc//ppaasssswwdd file entry would be change to this:


       fred:*:505:100:Fred Flintstone:/home/fred:/bin/tcsh




  Let's make ffrreedd's account expire on 09/15/97:


       usermod -e 09/15/97 fred




  Now ffrreedd's entry in //eettcc//sshhaaddooww becomes:


       fred:J0C.WDR1amIt6:9559:0:60:0:0:10119:0




  For more information on the uusseerrmmoodd command see the online manual
  page.





  77..11..33..  uusseerrddeell

  uusseerrddeell does just what you would expect, it deletes the user's
  account.  You simply use:


       userdel -r username




  The --rr causes all files in the user's home directory to be removed
  along with the home directory itself.  Files located in other file
  system will have to be searched for and deleted manually.

  If you want to simply lock the account rather than delete it, use the
  ppaasssswwdd command instead.


  77..22..  TThhee ppaasssswwdd ccoommmmaanndd aanndd ppaasssswwdd aaggiinngg..

  The ppaasssswwdd command has the obvious use of changing passwords.
  Additionally, it is used by the _r_o_o_t user to:

  +o  Lock and unlock accounts (--ll and --uu)

  +o  Set the maximum number of days that a password remains valid (--xx)

  +o  Set the minimum days between password changes (--nn)

  +o  Sets the number of days of warning that a password is about to
     expire (--ww)

  +o  Sets the number of days after the password expires before the
     account is locked (--ii)

  +o  Allow viewing of account information in a clearer format (--SS)

  For example, let look again at ffrreedd


       passwd -S fred
       fred P 03/04/96 0 60 0 0




  This means that ffrreedd's password is valid, it was last changed on
  03/04/96, it can be changed at any time, it expires after 60 days,
  fred will not be warned, and and the account won't be disabled when
  the password expires.

  This simply means that if ffrreedd logs in after the password expires, he
  will be prompted for a new password at login.

  If we decide that we want to warn ffrreedd 14 days before his password
  expires and make his account inactive 14 days after he lets it expire,
  we would need to do the following:


       passwd -w14 -i14 fred




  Now ffrreedd is changed to:
       fred P 03/04/96 0 60 14 14




  For more information on the ppaasssswwdd command see the online manual page.


  77..33..  TThhee llooggiinn..ddeeffss ffiillee..

  The file //eettcc//llooggiinn is the configuration file for the llooggiinn program
  and also for the _S_h_a_d_o_w _S_u_i_t_e as a whole.

  //eettcc//llooggiinn contains settings from what the prompts will look like to
  what the default expiration will be when a user changes his password.

  The //eettcc//llooggiinn..ddeeffss file is quite well documented just by the comments
  that are contained within it.  However, there are a few things to
  note:

  +o  It contains flags that can be turned on or off that determine the
     amount of logging that takes place.

  +o  It contains pointers to other configuration files.

  +o  It contains defaults assignments for things like password aging.

  From the above list you can see that this is a rather important file,
  and you should make sure that it is present, and that the settings are
  what you desire for your system.


  77..44..  GGrroouupp ppaasssswwoorrddss..

  The //eettcc//ggrroouuppss file may contain passwords that permit a user to
  become a member of a particular group.  This function is enabled if
  you define the constant SSHHAADDOOWWGGRRPP in the //uussrr//ssrrcc//sshhaaddooww--
  YYYYMMMMDDDD//ccoonnffiigg..hh file.

  If you define this constant and then compile, you must create an
  //eettcc//ggsshhaaddooww file to hold the group passwords and the group
  administrator information.

  When you created the //eettcc//sshhaaddooww, you used a program called ppwwccoonnvv,
  there no equivalent program to create the //eettcc//ggsshhaaddooww file, but it
  really doesn't matter, it takes care of itself.

  To create the initial //eettcc//ggsshhaaddooww file do the following:


       touch /etc/gshadow
       chown root.root /etc/gshadow
       chmod 700 /etc/gshadow




  Once you create new groups, they will be added to the //eettcc//ggrroouupp and
  the //eettcc//ggsshhaaddooww files.  If you modify a group by adding or removing
  users or changing the group password, the //eettcc//ggsshhaaddooww file will be
  changed.

  The programs ggrroouuppss, ggrroouuppaadddd, ggrroouuppmmoodd, and ggrroouuppddeell are provided as
  part of the _S_h_a_d_o_w _S_u_i_t_e to modify groups.


  The format of the //eettcc//ggrroouupp file is as follows:


       groupname:!:GID:member,member,...




  Where:

     ggrroouuppnnaammee
        The name of the group

     !!  The field that normally holds the password, but that is now
        relocated to the //eettcc//ggsshhaaddooww file.

     GGIIDD
        The numerical group ID number

     mmeemmbbeerr
        List of group members

  The format of the //eettcc//ggsshhaaddooww file is as follows:


       groupname:password:admin,admin,...:member,member,...




  Where:

     ggrroouuppnnaammee
        The name of the group

     ppaasssswwoorrdd
        The encoded group password.

     aaddmmiinn
        List of group administrators

     mmeemmbbeerr
        List of group members

  The command ggppaasssswwdd is used only for adding or removing administrators
  and members to or from a group.  rroooott or someone in the list of
  administrators may add or remove group members.

  The groups password can be changed using the ppaasssswwdd command by _r_o_o_t or
  anyone listed as an administrator for the group.

  Despite the fact that there is not currently a manual page for
  ggppaasssswwdd, typing ggppaasssswwdd without any parameters gives a listing of
  options.  It's fairly easy to grasp how it all works once you
  understand the file formats and the concepts.



  77..55..  CCoonnssiisstteennccyy cchheecckkiinngg pprrooggrraammss



  77..55..11..  ppwwcckk

  The program ppwwcckk is provided to provide a consistency check on the
  //eettcc//ppaasssswwdd and //eettcc//sshhaaddooww files.  It will check each username and
  verify that it has the following:

  +o  the correct number of fields

  +o  unique user name

  +o  valid user and group identifier

  +o  valid primary group

  +o  valid home directory

  +o  valid login shell

  It will also warn of any account that has no password.

  It's a good idea to run ppwwcckk after installing the _S_h_a_d_o_w _S_u_i_t_e.  It's
  also a good idea to run it periodically, perhaps weekly or monthly.
  If you use the --rr option, you can use ccrroonn to run it on a regular
  basis and have the report mailed to you.


  77..55..22..  ggrrppcckk

  ggrrppcckk is the consistency checking program for the //eettcc//ggrroouupp and
  //eettcc//ggsshhaaddooww files.  It performs the following checks:

  +o  the correct number of fields

  +o  unique group name

  +o  valid list of members and administrators

  It also has the --rr option for automated reports.


  77..66..  DDiiaall--uupp ppaasssswwoorrddss..

  Dial-up passwords are another optional line of defense for systems
  that allow dial-in access.  If you have a system that allows many
  people to connect locally or via a network, but you want to limit who
  can dial in and connect, then dial-up passwords are for you.  To
  enable dial-up passwords, you must edit the file //eettcc//llooggiinn..ddeeffss and
  ensure that DDIIAALLUUPPSS__CCHHEECCKK__EENNAABB is set to yyeess.

  Two files contain the dial-up information, //eettcc//ddiiaalluuppss which contains
  the ttys (one per line, with the leading "/dev/" removed).  If a tty
  is listed then dial-up checks are performed.

  The second file is the //eettcc//dd__ppaasssswwdd file.  This file contains the
  fully qualified path name of a shell, followed by an optional
  password.

  If a user logs into a line that is listed in //eettcc//ddiiaalluuppss, and his
  shell is listed in the file //eettcc//dd__ppaasssswwdd he will be allowed access
  only by suppling the correct password.

  Another useful purpose for using dial-up passwords might be to setup a
  line that only allows a certain type of connect (perhaps a PPP or UUCP
  connection).  If a user tries to get another type of connection (i.e.
  a list of shells), he must know a password to use the line.

  Before you can use the dial-up feature, you must create the files.

  The command ddppaasssswwdd is provided to assign passwords to the shells in
  the //eettcc//dd__ppaasssswwdd file.  See the manual page for more information.
  88..  AAddddiinngg sshhaaddooww ssuuppppoorrtt ttoo aa CC pprrooggrraamm

  Adding shadow support to a program is actually fairly straightforward.
  The only problem is that the program must be run by root (or SUID
  root) in order for the the program to be able to access the
  //eettcc//sshhaaddooww file.

  This presents one big problem: very careful programming practices must
  be followed when creating SUID programs.  For instance, if a program
  has a shell escape, this must not occur as root if the program is SUID
  root.

  For adding shadow support to a program so that it can check passwords,
  but otherwise does need to run as root, it's a lot safer to run the
  program SUID shadow instead.  The xxlloocckk program is an example of this.

  In the example given below, ppppppdd--11..22..11dd already runs SUID as root, so
  adding shadow support should not make the program any more vulnerable.


  88..11..  HHeeaaddeerr ffiilleess

  The header files should reside in //uussrr//iinncclluuddee//sshhaaddooww.  There should
  also be a //uussrr//iinncclluuddee//sshhaaddooww..hh, but it will be a symbolic link to
  //uussrr//iinncclluuddee//sshhaaddooww//sshhaaddooww..hh.

  To add shadow support to a program, you need to include the header
  files:

  #include <shadow/shadow.h>
  #include <shadow/pwauth.h>



  It might be a good idea to use compiler directives to conditionally
  compile the shadow code (I do in the example below).


  88..22..  lliibbsshhaaddooww..aa lliibbrraarryy

  When you installed the _S_h_a_d_o_w _S_u_i_t_e the lliibbsshhaaddooww..aa file was created
  and installed in //uussrr//lliibb.

  When compiling shadow support into a program, the linker needs to be
  told to include the lliibbsshhaaddooww..aa library into the link.

  This is done by:


       gcc program.c -o program -lshadow




  However, as we will see in the example below, most large programs use
  a MMaakkeeffiillee, and usually have a variable called LLIIBBSS==...... that we will
  modify.


  88..33..  SShhaaddooww SSttrruuccttuurree

  The lliibbsshhaaddooww..aa library uses a structure called ssppwwdd for the
  information it retrieves from the //eettcc//sshhaaddooww file.  This is the
  definition of the ssppwwdd structure from the //uussrr//iinncclluuddee//sshhaaddooww//sshhaaddooww..hh
  header file:

  ______________________________________________________________________
  struct spwd
  {
    char *sp_namp;                /* login name */
    char *sp_pwdp;                /* encrypted password */
    sptime sp_lstchg;             /* date of last change */
    sptime sp_min;                /* minimum number of days between changes */
    sptime sp_max;                /* maximum number of days between changes */
    sptime sp_warn;               /* number of days of warning before password
                                     expires */
    sptime sp_inact;              /* number of days after password expires
                                     until the account becomes unusable. */
    sptime sp_expire;             /* days since 1/1/70 until account expires
  */
    unsigned long sp_flag;        /* reserved for future use */
  };
  ______________________________________________________________________



  The _S_h_a_d_o_w _S_u_i_t_e can put things into the sspp__ppwwddpp field besides just
  the encoded passwd.  The password field could contain:


       username:Npge08pfz4wuk;@/sbin/extra:9479:0:10000::::




  This means that in addition to the password, the program //ssbbiinn//eexxttrraa
  should be called for further authentication.  The program called will
  get passed the username and a switch that indicates why it's being
  called.  See the file //uussrr//iinncclluuddee//sshhaaddooww//ppwwaauutthh..hh and the source code
  for ppwwaauutthh..cc for more information.

  What this means is that we should use the function ppwwaauutthh to perform
  the actual authentication, as it will take care of the secondary
  authentication as well.  The example below does this.

  The author of the _S_h_a_d_o_w _S_u_i_t_e indicates that since most programs in
  existence don't do this, and that it may be removed or changed in
  future versions of the _S_h_a_d_o_w _S_u_i_t_e.


  88..44..  SShhaaddooww FFuunnccttiioonnss

  The sshhaaddooww..hh file also contains the function prototypes for the
  functions contained in the lliibbsshhaaddooww..aa library:

  ______________________________________________________________________
  extern void setspent __P ((void));
  extern void endspent __P ((void));
  extern struct spwd *sgetspent __P ((__const char *__string));
  extern struct spwd *fgetspent __P ((FILE *__fp));
  extern struct spwd *getspent __P ((void));
  extern struct spwd *getspnam __P ((__const char *__name));
  extern int putspent __P ((__const struct spwd *__sp, FILE *__fp));
  ______________________________________________________________________



  The function that we are going to use in the example is: ggeettssppnnaamm
  which will retrieve for us a ssppwwdd structure for the supplied name.



  88..55..  EExxaammppllee

  This is an example of adding shadow support to a program that needs
  it, but does not have it by default.

  This example uses the _P_o_i_n_t_-_t_o_-_P_o_i_n_t _P_r_o_t_o_c_o_l _S_e_r_v_e_r (pppd-1.2.1d),
  which has a mode in which it performs _P_A_P authentication using user
  names and passwords from the //eettcc//ppaasssswwdd file instead of the _P_A_P or
  _C_H_A_P files.  You would not need to add this code to ppppppdd--22..22..00 because
  it's already there.

  This feature of pppd probably isn't used very much, but if you
  installed the _S_h_a_d_o_w _S_u_i_t_e, it won't work anymore because the
  passwords are no longer stored in //eettcc//ppaasssswwdd.

  The code for authenticating users under ppppppdd--11..22..11dd is located in the
  //uussrr//ssrrcc//ppppppdd--11..22..11dd//ppppppdd//aauutthh..cc file.

  The following code needs to be added to the top of the file where all
  the other ##iinncclluuddee directives are.  We have surrounded the ##iinncclluuddeess
  with conditional directives (i.e. only include if we are compiling for
  shadow support).


  ______________________________________________________________________
  #ifdef HAS_SHADOW
  #include <shadow.h>
  #include <shadow/pwauth.h>
  #endif
  ______________________________________________________________________



  The next thing to do is to modify the actual code.  We are still
  making changes to the aauutthh..cc file.

  Function aauutthh..cc before modifications:





























  ______________________________________________________________________
  /*
   * login - Check the user name and password against the system
   * password database, and login the user if OK.
   *
   * returns:
   *      UPAP_AUTHNAK: Login failed.
   *      UPAP_AUTHACK: Login succeeded.
   * In either case, msg points to an appropriate message.
   */
  static int
  login(user, passwd, msg, msglen)
      char *user;
      char *passwd;
      char **msg;
      int *msglen;
  {
      struct passwd *pw;
      char *epasswd;
      char *tty;

      if ((pw = getpwnam(user)) == NULL) {
          return (UPAP_AUTHNAK);
      }
       /*
       * XXX If no passwd, let them login without one.
       */
      if (pw->pw_passwd == '\0') {
          return (UPAP_AUTHACK);
      }

      epasswd = crypt(passwd, pw->pw_passwd);
      if (strcmp(epasswd, pw->pw_passwd)) {
          return (UPAP_AUTHNAK);
      }

      syslog(LOG_INFO, "user %s logged in", user);

      /*
       * Write a wtmp entry for this user.
       */
      tty = strrchr(devname, '/');
      if (tty == NULL)
          tty = devname;
      else
          tty++;
      logwtmp(tty, user, "");             /* Add wtmp login entry */
      logged_in = TRUE;

      return (UPAP_AUTHACK);
  }
  ______________________________________________________________________



  The user's password is placed into ppww-->>ppww__ppaasssswwdd, so all we really
  need to do is add the function ggeettssppnnaamm.  This will put the password
  into ssppwwdd-->>sspp__ppwwddpp.

  We will add the function ppwwaauutthh to perform the actual authentication.
  This will automatically perform secondary authentication if the shadow
  file is setup for it.

  Function aauutthh..cc after modifications to support shadow:


  ______________________________________________________________________
  /*
   * login - Check the user name and password against the system
   * password database, and login the user if OK.
   *
   * This function has been modified to support the Linux Shadow Password
   * Suite if USE_SHADOW is defined.
   *
   * returns:
   *      UPAP_AUTHNAK: Login failed.
   *      UPAP_AUTHACK: Login succeeded.
   * In either case, msg points to an appropriate message.
   */
  static int
  login(user, passwd, msg, msglen)
      char *user;
      char *passwd;
      char **msg;
      int *msglen;
  {
      struct passwd *pw;
      char *epasswd;
      char *tty;

  #ifdef USE_SHADOW
      struct spwd *spwd;
      struct spwd *getspnam();
  #endif

      if ((pw = getpwnam(user)) == NULL) {
          return (UPAP_AUTHNAK);
      }

  #ifdef USE_SHADOW
          spwd = getspnam(user);
          if (spwd)
                  pw->pw_passwd = spwd->sp-pwdp;
  #endif

       /*
       * XXX If no passwd, let NOT them login without one.
       */
      if (pw->pw_passwd == '\0') {
          return (UPAP_AUTHNAK);
      }
  #ifdef HAS_SHADOW
      if ((pw->pw_passwd && pw->pw_passwd[0] == '@'
           && pw_auth (pw->pw_passwd+1, pw->pw_name, PW_LOGIN, NULL))
          || !valid (passwd, pw)) {
          return (UPAP_AUTHNAK);
      }
  #else
      epasswd = crypt(passwd, pw->pw_passwd);
      if (strcmp(epasswd, pw->pw_passwd)) {
          return (UPAP_AUTHNAK);
      }
  #endif

      syslog(LOG_INFO, "user %s logged in", user);

      /*
       * Write a wtmp entry for this user.
       */
      tty = strrchr(devname, '/');
      if (tty == NULL)
          tty = devname;
      else
          tty++;
      logwtmp(tty, user, "");             /* Add wtmp login entry */
      logged_in = TRUE;

      return (UPAP_AUTHACK);
  }
  ______________________________________________________________________



  Careful examination will reveal that we made another change as well.
  The original version allowed access (returned UUPPAAPP__AAUUTTHHAACCKK if there
  was NO password in the //eettcc//ppaasssswwdd file.  This is _n_o_t good, because a
  common use of this login feature is to use one account to allow access
  to the PPP process and then check the username and password supplied
  by PAP with the username in the //eettcc//ppaasssswwdd file and the password in
  the //eettcc//sshhaaddooww file.

  So if we had set the original version up to run as the shell for a
  user i.e.  pppppp, then anyone could get a ppp connection by setting
  their PAP to user pppppp and a password of null.

  We fixed this also by returning UUPPAAPP__AAUUTTHHNNAAKK instead of UUPPAAPP__AAUUTTHHAACCKK
  if the password field was empty.

  Interestingly enough, ppppppdd--22..22..00 has the same problem.

  Next we need to modify the Makefile so that two things occur:
  UUSSEE__SSHHAADDOOWW must be defined, and lliibbsshhaaddooww..aa needs to be added to the
  linking process.

  Edit the Makefile, and add:


       LIBS = -lshadow




  Then we find the line:


       COMPILE_FLAGS = -I.. -D_linux_=1 -DGIDSET_TYPE=gid_t




  And change it to:


       COMPILE_FLAGS = -I.. -D_linux_=1 -DGIDSET_TYPE=gid_t -DUSE_SHADOW




  Now make and install.


  99..  FFrreeqquueennttllyy AAsskkeedd QQuueessttiioonnss..

  _Q_: I used to control which tty's _r_o_o_t could log into using the file
  //eettcc//sseeccuurreettttyyss, but it doesn't seem to work anymore, what's going on?

  _A_: The file //eettcc//sseeccuurreettttyyss does absolutely nothing now that the
  _S_h_a_d_o_w _S_u_i_t_e is installed.  The tty's that _r_o_o_t can use are now
  located in the login configuration file //eettcc//llooggiinn..ddeeffss.  The entry in
  this file may point to another file.


  _Q_: I installed the _S_h_a_d_o_w _S_u_i_t_e, but now I can't login, what did I
  miss?

  _A_: You probably installed the Shadow programs, but didn't run ppwwccoonnvv
  or you forgot to copy //eettcc//nnppaasssswwdd to //eettcc//ppaasssswwdd and //eettcc//nnsshhaaddooww to
  //eettcc//sshhaaddooww.  Also, you may need to copy llooggiinn..ddeeffss to //eettcc.


  _Q_: In the section on xlock, it said to change the group ownership of
  the //eettcc//sshhaaddooww file to sshhaaddooww.  I don't have a sshhaaddooww group, what do
  I do?

  _A_: You can add one.  Simply edit the //eettcc//ggrroouupp file, and insert a
  line for the shadow group.  You need to ensure that the group number
  is not used by another group, and you need to insert it before the
  nnooggrroouupp entry.  Or you can simply suid xxlloocckk to root.


  _Q_: Is there a mailing list for the Linux Shadow Password Suite?

  _A_: Yes, but it's for the development and beta testing of the next
  Shadow Suite for Linux.  You can get added to the list by mailing to:
  sshhaaddooww--lliisstt--rreeqquueesstt@@nneeppttuunnee..cciinn..nneett with a subject of: ssuubbssccrriibbee.  The
  list is actually for discussions of the Linux sshhaaddooww--YYYYMMMMSSSS series of
  releases.  You should join if you want to get involved in further
  development or if you install the Suite on your system and want to get
  information on newer releases.


  _Q_: I installed the _S_h_a_d_o_w _S_u_i_t_e, but when I use the uusseerrddeell command, I
  get "userdel: cannot open shadow group file", what did I do wrong?

  _A_: You compiled the _S_h_a_d_o_w _S_u_i_t_e with the SSHHAADDOOWWGGRRPP option enabled,
  but you don't have an //eettcc//ggsshhaaddooww file.  You need to either edit the
  ccoonnffiigg..hh file and recompile, or create an //eettcc//ggrroouupp file.  See the
  section on shadow groups.


  _Q_: I installed the _S_h_a_d_o_w _S_u_i_t_e but now I'm getting encoded passwords
  back in my //eettcc//ppaasssswwdd file, what's wrong?

  _A_: You either enabled the AAUUTTOOSSHHAADDOOWW option in the Shadow ccoonnffiigg..hh
  file, or your lliibbcc was compiled with the SSAAHHDDOOWW__CCOOMMPPAATT option.  You
  need to determine which is the problem, and recompile.


  1100..  CCooppyyrriigghhtt MMeessssaaggee..

  The Linux Shadow Password HOWTO is Copyright (c) 1996 Michael H.
  Jackson.

  Permission is granted to make and distribute verbatim copies of this
  document provided the copyright notice and this permission notice are
  preserved on all copies.

  Permission is granted to copy and distribute modified versions of this
  document under the conditions for verbatim copies above, provided a
  notice clearly stating that the document is a modified version is also
  included in the modified document.

  Permission is granted to copy and distribute translations of this
  document into another language, under the conditions specified above
  for modified versions.

  Permission is granted to convert this document into another media
  under the conditions specified above for modified versions provided
  the requirement to acknowledge the source document is fulfilled by
  inclusion of an obvious reference to the source document in the new
  media. Where there is any doubt as to what defines 'obvious' the
  copyright owner reserves the right to decide.


  1111..  MMiisscceellllaanneeoouuss aanndd AAcckknnoowwlleeddggmmeennttss..

  The code examples for aauutthh..cc are taken from pppd-1.2.1d and
  ppp-2.1.0e, Copyright (c) 1993 and The Australian National University
  and Copyright (c) 1989 Carnegie Mellon University.

  Thanks to Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl> for
  writing and maintaining the _S_h_a_d_o_w _S_u_i_t_e for Linux, and for his review
  and comments on this document.

  Thanks to Ron Tidd <rtidd@tscnet.com> for his helpful review and
  testing.

  Thanks to everyone who has sent me feedback to help improve this
  document.

  Please, if you have any comments or suggestions then mail them to me.

  regards

  Michael H. Jackson <mhjack@tscnet.com>



































