mirror of
https://github.com/sheumann/hush.git
synced 2024-12-22 14:30:31 +00:00
184 lines
5.1 KiB
Plaintext
184 lines
5.1 KiB
Plaintext
#
|
|
# For a description of the syntax of this configuration file,
|
|
# see scripts/kbuild/config-language.txt.
|
|
#
|
|
|
|
menu "Login/Password Management Utilities"
|
|
|
|
config FEATURE_SHADOWPASSWDS
|
|
bool "Support for shadow passwords"
|
|
default n
|
|
help
|
|
Build support for shadow password in /etc/shadow. This file is only
|
|
readable by root and thus the encrypted passwords are no longer
|
|
publicly readable.
|
|
|
|
config USE_BB_SHADOW
|
|
bool " Use busybox shadow password functions"
|
|
default y
|
|
depends on USE_BB_PWD_GRP && FEATURE_SHADOWPASSWDS
|
|
help
|
|
If you leave this disabled, busybox will use the system's shadow
|
|
password handling functions. And if you are using the GNU C library
|
|
(glibc), you will then need to install the /etc/nsswitch.conf
|
|
configuration file and the required /lib/libnss_* libraries in
|
|
order for the shadow password functions to work. This generally
|
|
makes your embedded system quite a bit larger.
|
|
|
|
Enabling this option will cause busybox to directly access the
|
|
system's /etc/shadow file when handling shadow passwords. This
|
|
makes your system smaller and I will get fewer emails asking about
|
|
how glibc NSS works). When this option is enabled, you will not be
|
|
able to use PAM to access shadow passwords from remote LDAP
|
|
password servers and whatnot.
|
|
|
|
config USE_BB_PWD_GRP
|
|
bool "Use internal password and group functions rather than system functions"
|
|
default n
|
|
help
|
|
If you leave this disabled, busybox will use the system's password
|
|
and group functions. And if you are using the GNU C library
|
|
(glibc), you will then need to install the /etc/nsswitch.conf
|
|
configuration file and the required /lib/libnss_* libraries in
|
|
order for the password and group functions to work. This generally
|
|
makes your embedded system quite a bit larger.
|
|
|
|
Enabling this option will cause busybox to directly access the
|
|
system's /etc/password, /etc/group files (and your system will be
|
|
smaller, and I will get fewer emails asking about how glibc NSS
|
|
works). When this option is enabled, you will not be able to use
|
|
PAM to access remote LDAP password servers and whatnot. And if you
|
|
want hostname resolution to work with glibc, you still need the
|
|
/lib/libnss_* libraries.
|
|
|
|
If you enable this option, it will add about 1.5k to busybox.
|
|
|
|
config ADDGROUP
|
|
bool "addgroup"
|
|
default n
|
|
help
|
|
Utility for creating a new group account.
|
|
|
|
config DELGROUP
|
|
bool "delgroup"
|
|
default n
|
|
help
|
|
Utility for deleting a group account.
|
|
|
|
config ADDUSER
|
|
bool "adduser"
|
|
default n
|
|
help
|
|
Utility for creating a new user account.
|
|
|
|
config DELUSER
|
|
bool "deluser"
|
|
default n
|
|
help
|
|
Utility for deleting a user account.
|
|
|
|
config GETTY
|
|
bool "getty"
|
|
default n
|
|
select FEATURE_SYSLOG
|
|
help
|
|
getty lets you log in on a tty, it is normally invoked by init.
|
|
|
|
config FEATURE_UTMP
|
|
bool "Support utmp file"
|
|
depends on GETTY || LOGIN || SU || WHO
|
|
default n
|
|
help
|
|
The file /var/run/utmp is used to track who is currently logged in.
|
|
|
|
config FEATURE_WTMP
|
|
bool "Support wtmp file"
|
|
depends on GETTY || LOGIN || SU || LAST
|
|
default n
|
|
select FEATURE_UTMP
|
|
help
|
|
The file /var/run/wtmp is used to track when user's have logged into
|
|
and logged out of the system.
|
|
|
|
config LOGIN
|
|
bool "login"
|
|
default n
|
|
select FEATURE_SUID
|
|
select FEATURE_SYSLOG
|
|
help
|
|
login is used when signing onto a system.
|
|
|
|
Note that Busybox binary must be setuid root for this applet to
|
|
work properly.
|
|
|
|
config LOGIN_SCRIPTS
|
|
bool "Support for login scripts"
|
|
depends on LOGIN
|
|
default n
|
|
help
|
|
Enable this if you want login to execute $LOGIN_PRE_SUID_SCRIPT
|
|
just prior to swithching from root to logged-in user.
|
|
|
|
config FEATURE_SECURETTY
|
|
bool "Support for /etc/securetty"
|
|
default y
|
|
depends on LOGIN
|
|
help
|
|
The file /etc/securetty is used by (some versions of) login(1).
|
|
The file contains the device names of tty lines (one per line,
|
|
without leading /dev/) on which root is allowed to login.
|
|
|
|
config PASSWD
|
|
bool "passwd"
|
|
default n
|
|
select FEATURE_SUID
|
|
select FEATURE_SYSLOG
|
|
help
|
|
passwd changes passwords for user and group accounts. A normal user
|
|
may only change the password for his/her own account, the super user
|
|
may change the password for any account. The administrator of a group
|
|
may change the password for the group.
|
|
|
|
Note that Busybox binary must be setuid root for this applet to
|
|
work properly.
|
|
|
|
config SU
|
|
bool "su"
|
|
default n
|
|
select FEATURE_SUID
|
|
select FEATURE_SYSLOG
|
|
help
|
|
su is used to become another user during a login session.
|
|
Invoked without a username, su defaults to becoming the super user.
|
|
|
|
Note that Busybox binary must be setuid root for this applet to
|
|
work properly.
|
|
|
|
config SU_SYSLOG
|
|
bool "Support for syslog in su"
|
|
default y
|
|
depends on SU
|
|
help
|
|
Enables support for syslog in su.
|
|
|
|
config SULOGIN
|
|
bool "sulogin"
|
|
default n
|
|
select FEATURE_SYSLOG
|
|
help
|
|
sulogin is invoked when the system goes into single user
|
|
mode (this is done through an entry in inittab).
|
|
|
|
config VLOCK
|
|
bool "vlock"
|
|
default n
|
|
select FEATURE_SUID
|
|
help
|
|
Build the "vlock" applet which allows you to lock (virtual) terminals.
|
|
|
|
Note that Busybox binary must be setuid root for this applet to
|
|
work properly.
|
|
|
|
endmenu
|
|
|