From: Todd C. Miller Date: Sat, 15 Dec 2001 15:29:57 +0000 (+0000) Subject: Add notes on shadow passwords X-Git-Tag: SUDO_1_6_4~67 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8dd7527bd14aed7d9936baed28f7a8058e6939b5;p=sudo Add notes on shadow passwords --- diff --git a/PORTING b/PORTING index e69dd7560..861e0c03e 100644 --- a/PORTING +++ b/PORTING @@ -5,7 +5,10 @@ Before trying to port sudo to a new architecture, please join the sudo-workers mailing list (see the README file) and ask if anyone has a port working or in-progress. Sudo should be fairly easy to port. Since it uses a configure script, most of the work is often -done for you. +done for you. As long as your operating system is reasonably POSIX +compliant porting should be easy. If your operating system has a +separate library for POSIX compatibility you may need to add it by +using configure's --with-libraries option. If your OS is an SVR4 derivative (or some approximation thereof), it may be sufficient to tell configure you are runnng SVR4, something like: @@ -35,7 +38,28 @@ at the Password: prompt). It is possible that your C library contains a broken or unusable crypt() function--try linking with -lcrypt if that exists. Another possibility is that select() is not fully functional; running configure with --with-password-timeout=0 -will disable the use of select(). +will disable the use of select(). If sudo prompts you for a +password but never accepts it, see below. + +Sudo detects and recognizes most common shadow password schemes +automatically. If you find that sudo is not accepting your password +and you are sure that it has been typed in correctly there are two +likely problems. One possibility is that your C library has a +broken crypt() function (see above). The other is that your operating +system is using shadow passwords and sudo has not detected that +fact. Look in config.h to see what, if any, shadow password scheme +was detected. The most common are SVR4 (HAVE_GETSPNAM will be +defined) and SecureWare (HAVE_GETPRPWNAM will be defined). Check +the manual pages on your system for "getspnam" and "getprpwnam". +If one of those exist but the appropriate define does not exist in +config.h then the problem is most likely that those routines live +in a library that sudo does not know to link against. The manual +page should tell you what library this is. You can then use the +--with-libraries option to configure to tell sudo to link with the +library in question. For example: + --with-libraries='-lgen' +would cause sudo to link in libgen which contains "getspnam" on SCO +systems. If you are trying to port to a system without standard Berkeley networking you may find that interfaces.c will not compile. This