  Linux Shadow Password HOWTO
  Michael H. Jackson, mhjack@tscnet.com
  v1.3, 1996N43
  P, fujiwara@linux.or.jp

  ̕ Linux ̃pX[h shadow  Shadow Suit ̓AC
  Xg[yѐݒ̕@ɂĐ̂łB܂A[ŨpX[
  hF؂s\tgEFAf[()CXg[ɂĂ
  B̃vO Shadow Suit ̈ꕔł͂܂񂪁AShadow
  Suit T|[g邽߂ɂ͍ăRpCKv܂B܂A
  ɂ shadow pX[hT|[gvO̗Ă
  B̉ł͂悭鎿ւ̉񓚂ɉłB
  ______________________________________________________________________

  ڎ

  1. ͂߂
     1.1 ȑO̔ł̕ύX_
     1.2 ̍̕ŐVłɂ
     1.3 tB[hobN

  2. shadow pX[hgׂR
     2.1 shadow pX[hgȂقǂꍇ
     2.2 /etc/passwd t@C̃tH[}bg
     2.3 shadow t@C̃tH[}bg
     2.4 crypt(3) ̊Tv

  3. Shadow Suite ̓
     3.1 Linux p Shadow Suite ̗j
     3.2 Shadow Suite ̓
     3.3 Shadow Suite ɂ͉܂܂Ă邩

  4. vÕRpC
     4.1 A[JCu̓WJ
     4.2 config.h ɂݒ
     4.3 ̃vÕobNAbv̍쐬
     4.4 Make ̎s

  5. CXg[
     5.1 VXejɔẴu[gfBXN쐬
     5.2 dIC}jA̍폜
     5.3 make install ̎s
     5.4 pwconv ̎s
     5.5 npasswd  nshadow ̃l[

  6. AbvO[h邩pb`𓖂ĂKvvO
     6.1 Slackware adduser program
     6.2 wu_ftpd T[o
     6.3 W ftpd
     6.4 pop3d (Post Office Protocol 3)
     6.5 xlock
     6.6 xdm
     6.7 sudo
     6.8 imapd (E-Mail [pine pbP[W])
     6.9 pppd (PPP vgRT[o)

  7. Shadow Suite gĂ݂
     7.1 [U̒ǉAύXA폜
        7.1.1 useradd
        7.1.2 usermod
        7.1.3 userdel
     7.2 passwd R}hƃpX[h̊ݒ
     7.3 login.defs t@C
     7.4 O[ṽpX[h
     7.5 ѐ`FbNvO
        7.5.1 pwck
        7.5.2 grpck
     7.6 _CAAbvEpX[h

  8. CvO Shadow Suite ɑΉ@
     8.1 wb_t@C
     8.2 libshadow.a Cu
     8.3 Shadow \
     8.4 Shadow T|[ĝ߂̊֐
     8.5 

  9. 悭鎿(Frequently Asked Questions).
  10. Copyright Message(쌠\)
  11. ̑ / ӎ
  12. ҂

  ______________________________________________________________________

  1.  ͂߂

  ̕ Linux Shadow-Password-HOWTO łB̕ Linux VXe
  ɂȂ shadow pX[h𓱓̂A܂ǂ̂悤ɓ̂
  ܂BShadow Suite ̋@\̗p@ɂĂ̐܂B

  Shadow Suite CXg[鎞A[eBeBgɂ root
  łȂ΂Ȃ܂BShadow Suite CXg[ۂɂ̓VXe
  \tgEFA̕ύXŝŁAŐ悤ɃobNAbv
  ׂłB܂Ƃn߂Oɂ́Aꂩsׂēǂ݁A
  Ăׂł傤B

  1.1.  ȑO̔ł̕ύX_

  ǉ:
          shadow pX[hCXg[Ȃق悢ꍇɂĂ̐߂ǉ
          xdm ̍XVɂĂ̐߂ǉ
          Shadwo Sutie ̓̂ɂĂ̏͂ǉ
          悭鎿ɂĂ̏͂ǉ

  /XV:
          Sunsite  html ւ̎QƂ
          wu-ftp ̏͂ Makefile  -lshadow  Makefile ɉ悤
          뎚E̒
          wu-ftp ̏͂ ELF T|[g悤ύX
          vO'login'łZLeB̖XV
          Marek Michalkiewicz ɂ Linux Shadow Suite 𐄏悤XV

  1.2.  ̍̕ŐVłɂ

  ̍̕ŐVł͈ȉ̃TCg anonymous FTP œł܂:
  sunsite.unc.edu

  /pub/Linux/docs/HOWTO/Shadow-Password-HOWTO

  邢:

  /pub/Linux/docs/HOWTO/other-formats/Shadow-Password-HOWTO{-html.tar,ps,dvi}.gz

  邢́AWWW 𗘗pāA Linux Documentation Project Web Server
  <http://sunsite.unc.edu/mdw/linux.html>  Shadow-Password-HOWTO
  <http://sunsite.unc.edu/linux/HOWTO/Shadow-Password-HOWTO.html> ̃y[
  W肷邱Ƃł܂B

  ܂AM(<mhjack@tscnet.com>) 璼ړ肷邱Ƃł܂A
  comp.os.linux.answers j[XO[vɂe܂B

  ݂͌̕ Shadow-YYDDMM pbP[Wɂ܂܂悤ɂȂ܂
  B

  : {̍ŐVłɂĂ WWWpłȂ JF-INDEX
  <http://jf.linux.or.jp/JF/JF-ftp/other-formats/INDEX-JF.html> A
  ftp płȂ jf.linux.or.jp /Linux/JF/fBNgȂǂ
  ł܂B
  1.3.  tB[hobN

  RgAĂȂǂ͕M(Michael H. Jackson <mhjack@tscnet.com>)
  ɑĉBtB[hobN𓾂΁Aꂾ̕
  Ƃł܂B܂lbgj[X͌ĂȂ̂ŁAs
  ꍇɂ͒ڃ[𑗂ĉB

  2.  shadow pX[hgׂR

  ݂͂قƂǂ Linux ̃pbP[Wł Shadow Suite ͕Wł̓CX
  g[܂BSlackware 2.3, Slackware 3.0 ⑼̃|s[ȃpb
  P[WłȂĂ܂B̗R̈̓IWi Shadow Suite 
  쌠\́AzzłȂꍇɂĕsmłBLinux  CD-
  ROM ̂悤Ȕzzɕ֗ȃfBAփpbP[WAɑ΂V
  邱Ƃs₷ GNU Copyright (Copyleft Ƃ܂)̗p
  Ă܂B

  Shadow SuiteeiXĂ, Marek Michalkiewicz
  <marekm@i17linuxb.ists.pwr.wroc.pl> ͌̍҂AĔzẑł
  BSD X^C̒쌠̂ƂɃ\[XR[h󂯎Ă܂B݂͒
  ̖͉Ă̂ŁA͕W Linux ̃pbP[W Shadow
  Suite ܂܂邱ƂɂȂł傤B܂ł́A[UgŃC
  Xg[Ȃ΂Ȃ܂B

  pbP[W CD-ROM CXg[ꍇɂ́ApbP[Ŵ
  Shadow Suite CXg[ȂĂAShadow Suite ̃CXg[ɕK
  vȃt@C CD-ROM Ɋ܂܂Ă邱Ƃ܂B

  Ao[W3.3.1, 3.3.1-2 Shadow Suite  shadow-mk ł
  login vOroot  suid ꂽvOŃZLeB̖
  N܂BłAgĂ͂܂B

  Kvȃt@C anonymous FTP  WWW 𗘗pē肷邱Ƃł
  B

  Shadow Suite CXg[ĂȂ Linux VXeł̓pX[h
  ܂߂[U /etc/passwd t@CɋL^Ă܂BA
  pX[h͈ÍꂽԂŋL^Ă܂BAÍ̐Ƃ
  킹Ƃ͈Í(encrypt)ł͂ȂGR[h(encode)ɉ߂Ȃ
  łBcrypt(3) pꍇ̕񂪋ł΃pX[h̓L[
  ȂĂ܂łB̗RAȍ~̕ł'Í'ł͂
   'GR[h'̌p܂B

  ŃpX[hGR[h邽߂ɗpASÝAZpI
  ɂ͒P̃nbV֐ƌ̂łB́Aɂ͌vZ
  ₷ǁA̋ťvZ͔ɓƂASYłB
  ۂ̃ASYɂĂ̂ڂ 2.4߂ crypt(3) ̃}jA
  QƂĉB

  [UpX[h߂ꍇÃpX[h̓_Ɍ߂
   salt ƌĂ΂lpăGR[h܂B邱Ƃň̕
  񂪃GR[hꂽʂƂĎ肤錋ʂ 4096 ʂɂȂ
  Bsalt ̒l̓GR[hꂽpX[hƈꏏɋL^܂B

  [UOCɃpX[h͂ƁA܂ salt GR[h
  ĂpX[ho܂BāA͂ꂽpX[h
  salt păGR[hĂ̌ʂGR[hꂽƔr
  Bꂪvꍇɐ[UƂĔF؂܂B

  _ɃGR[hꂽpX[h肵ÃpX[h𕜌
  Ƃ͌vZ̓_獢ł(s\ł͂Ȃ)BAȏ̐lg
  VXeł͏Ȃ炸̃pX[h͂ӂꂽP(邢͂ӂꂽ
  Pς̂)ɂȂĂ܂B

  NbJ[͂̂悤Ȏ悭mĂ̂ 4096 SĂ salt p
  Ď̒PƂ悭gꂻȃpX[h炩߃GR[hĂ
  ܂BāA/etc/passwd ɏĂGR[hpX[h
  ̌ʂƔr܂Bňv̂΁ANbJ[͑l
  pX[hjƂɂȂ킯łB́uUvƌĂ΂
  ŁAK̔F؂󂯂ɃVXeɃANZX邽߂̏퓅iłB

   8 ȂpX[h A13 琬 4096 ʂ̕
  ǂꂩɃGR[h܂BāA{ŗLƂɊȒP
  ω̂W߂č400,000 x̎ 4GB ̃n[hfB
  XNɏ\܂邭炢̑傫łBNbJ[͂\[gĂ
  A /etc/passwd ̕ƈv邩ǂ𒲂ׂ邾ł悢̂
  B4GB ̃n[hfBXN 1,000 hȉŔ邭炢łA
  ̃NbJ[͎ĂƍlׂłB

  ܂ANbJ[ŏɂȂ /etc/passwd t@Cɓꂽꍇ
  ɂ̓NbJ[͂̃t@CɊ܂܂ĂsaltgĎGR[h
  Ă䂯΂悢ɂȂĂ܂܂BfBXNSKoCg486N
  XCPU}V΁A̒x̂Ƃ͎qłłĂ܂
  B

  ʂ̃fBXNȂĂ crack(1) ̂悤ȃ[eBeBp΁A
  xȏ̐̃[UVXȅȂƂ̓pX[hj
  Ƃł܂B([U͎ŊẽpX[h߂̂Ƃ܂B)

  /etc/passwd t@Cɂ͑̃VXevOg[U ID O
  [vID ̂悤ȏ񂪏Ă܂B]āÃt@C͐E
  ANZXłȂ΂Ȃ܂BႦ΁A /etc/passwd t@CN
  ǂ߂Ȃ悤ɂĂ܂Aċ͂߂ɂȂł傤B

  Shadow Suite ̓pX[hʂ̏ꏊɈڂƂł̖܂(
   /etc/shadow)B̃t@C͒Nǂ߂Ȃ悤ɐݒ肳܂Broot
   /etc/shadow t@Cǂݏł܂B̃vO
  (xlock Ȃ) /etc/shadow ύX͂łȂĂłApX[
  h̊mF͍sKv܂B̂悤ȃvO root  SUID 
  Ashadow O[vɑKv܂BpX[hmF邽߂
   root  SUID ́Ashadow  SGID ǂlƌ
  B

  pX[h /etc/shadow Ɉړ邱ƂɂāANbJ[G
  R[hꂽpX[hɃANZXĎUɗp邱Ƃh܂B

  āAShadow Suite ͈ȉ̂悤ȓĂ܂:

  o  OC̃ftHgݒ肷RtBO[Vt@C
     (/etc/login.defs)

  o  [UAJEgO[vǉACA폜邽߂̃[eB
     eB
  o  ÂpX[h̃`FbNݒ

  o  AJEg̊ݒƃbLO

  o  {pX[h (16̃pX[h) [܂]

  o  [ŨpX[h𐧌䂵₷

  o  _CAAbvEpX[h

  o  2F؃vO [܂]

  Shadow Suit CXg[邱ƂŃVXẽZLeB邱
  Ƃł܂ALinux VXẽZLeB苭邽߂ɂ́A
  ɂׂƂ͐܂BZLeB̕@ƃZLeB
  Ɋ֌Wbɂĉ Linux Security HOWTO V[Ŷ
  ł邱Ƃł傤B

  m̃ZLeBz[ɂĂ̌xȂǁA Linux ̃ZLeBɂ
  Ă̍ŐV̏𓾂邽߂ɂLinux Security z[y[W
  <http://bach.cis.temple.edu/linux/linux-security/> QƂĉB

  2.1.  shadow pX[hgȂقǂꍇ

  Shadow SuiteCXg[邱ƂȂ炸ǂƂł͂Ȃ
  VXe\܂B

  o  VXeɃ[UAJEgȂꍇB

  o  Rs[^ LAN ɌqĂāA[UpX[h NIS
     (Network Information Services) oRŃlbg[N̑̃}V
     ĂꍇB(͖{͈̔͂OĂ_ƁA܂ZL
     eB͖]߂Ȃ̂Ő܂)

  o  VXe NFS (Network File System) NIS Ȃǂpă[UF؂
     邽߂Ƀ^[~iT[oɂėpꍇ

  o  [UF؂͂邪Ashadow pX[hɑΉĂ炸A\[XR[h
     \tgEFAgȂ΂ȂȂꍇ

  2.2.  /etc/passwd t@C̃tH[}bg

  shadow ĂȂ /etc/passwd t@C͈ȉ̂悤ȃtH[}bg
  ȂĂ܂:

       username:passwd:UID:GID:full_name:directory:shell

  ŁA

     username
        [ŨOCl[

     passwd
        GR[hꂽpX[h

     UID
        [U ID (l)

     GID
        ftHg̃O[v ID (l)

     full_name
        [U̖{Bۂɂ͂̃tB[h GECOS (General Electric
        Comprehensive Operating System) tB[hƌĂ΂A[U̖{
        ȊȌێł܂BShadow Suite ̃R}hуIC
        }jAł̓RgtB[hƂċLqĂ܂B

     directory
        [Ũz[fBNg

     shell
        [ŨOCVF(΃pXLq)

  ႦΎ̂悤ɂȂ܂:

       username:Npge08pfz4wuk:503:100:Full Name:/home/username:/bin/sh

  ŁA2tB[h Np  salt ŁAge08pfz4wuk ̓GR[hꂽ
  pX[hłBpX[hłAsalt/pX[h̑gݍ킹 kbe-
  MVnZM0oL7I ̂悤ɂȂꍇ܂B̃pX[hɊւăG
  R[h꓾\ 4096ʂłB(̗ŗp 'password' Ƃ
  pX[h͔j₷_ɂĔɈpX[hłB)

  Shadow suite CXg[ƁA/etc/passwd t@C͈ȉ̂悤
  ɂȂ܂:

       username:x:503:100:FullName:/home/username:/bin/sh

  ̏ꍇ2Ԗڂ̃tB[h 'x' ͒Pɏꏊ𖄂߂Ă邾łBG
  R[hꂽpX[h͊܂܂ȂȂ܂A /etc/passwd t@C
  tH[}bĝ͕ς܂B]āA /etc/passwd t@Cǂނ
  ǃpX[hF؂͍sȂvO͈ȑO̒ʂɓ삵܂B

  pX[h shadow t@C(ʏ /etc/shadow) Ɉڂ܂B

  2.3.  shadow t@C̃tH[}bg

  /etc/shadowt@Cɂ͈ȉ̂悤ȏ񂪋LqĂ܂:

       username:passwd:last:may:must:warn:expire:disable:reserved

  e͈ȉ̂悤ȈӖ܂:

     username
        [U

     passwd
        GR[hꂽpX[h

     last
        1970N11ApX[hŌɍXVꂽ܂ł̓

     may
        OɃpX[hύXꂽƎv邩

     must
        pX[hύXȂ΂ȂȂ

     warn
        pX[h̊؂̉OɃ[UɌx邩

     expire
        pX[h؂̉ɃAJEg𖕏邩

     disable
        1970N11AAJEgꂽ܂ł̓

     reserved
        \tB[h

  قǂƓł /etc/shadow ͂̂悤ɂȂ܂:

       username:Npge08pfz4wuk:9479:0:10000::::

  2.4.  crypt(3) ̊Tv

  crypt(3) ̃IC}jA:

  "crypt̓pX[ḧÍ֐łB Data Encryption Standard
  (DES) ̃ASYɁAɃL[̃n[hEFAɂ邱
  ƂɈӐ}ω̂ɊÂĂB

  L[̓[U̓͂pX[hłB [GR[hꂽ͂
  NULLłB]

  salt  [a-zA-Z0-9./] ̒2I񂾕łB̕
  ASY̒4096ʂ̈قȂ錋ʂKɑIяo߂ɗp
  B

  L[̊ẻ7rbgoƂ 56rbg̃L[B
  56rbg̃L[͒萔(ʏ͑S0̕܂)JԂÍ
  邽߂ɗpB߂l͈ÍꂽpX[hւ̃|C^ł
  ÃpX[h13 ASCII ł(ŏ2salt̂
  ̂ł)B߂l̃|C^ẅ͌ĂяoƂɏ㏑ÓI
  ȃf[^łB

  x:L[Ԃ 256(=7.2e16)̒l邱ƂłB̃L[
  ͑ʂ̕vZ@pΑST邱Ƃ\łB܂Acrack(1)
  ̂悤ȃ\tgEFA͐lԂpX[hɗpȒPꂪL[Ԃ
  ԂɍiČsB]āApX[h̑Ił͂ӂꂽP
  ▼O̎gpׂ͔łBpX[h߂ۂɂ͔j₷p
  X[h̃`FbNs passwd(1) vO𗘗pƗǂ낤B

  DES ASŶɂ͕Ȃ̂ŁAcrypt(3)̃C^tF[X̓pX
  [hF؂̑Ɏgׂł͂ȂBcrypt(3)̃C^tF[XÍ̂
  ̂ɊւvWFNgɗpĂ͂ȂȂB̂悤ȏꍇɂ́AÍ
  ɂďĂǂ{ƍLp邱Ƃł DES Cu
  肷ׂłB"

  قƂǂ Shadow Suites pbP[Wɂ̓pX[h16ɔ{
  R[h܂܂Ă܂BDES̐Ƃ͂𐄏Ă܂Bp
  X[h̒{łAŏɍGR[hāAɉEG
  R[hĂ邾łBcrypt̓̂߂łAn߂
  {pX[hgĂȂꍇƔׂĂAƎȃpX[h
  Ă܂܂B܂A[U16 ̃pX[hoĂ炤
  Ƃ͍łƂR܂B

  cryptɑ̂ŁASŒpX[hT|[g( MD5 A
  SY)AcryptƂ̌݊ێĂ悤ȔF؃ASY
  J悤ƂĂvWFNg܂B

  Aǎ҂ÍɂĂ̗ǂ{TĂȂAM҂͈ȉ̖{
  EĂ܂:

          "Applied Cryptography: Protocols, Algorithms, and Source Code in C"
          by Bruce Schneier <schneier@chinet.com>
          ISBN: 0-471-59756-2

  3.  Shadow Suite ̓

  3.1.  Linux p Shadow Suite ̗j

  ZLeB̖肪̂ŁA̐߂ŏqׂÂpbP[WgĂ
  ܂B

  IWi Shadow Suite  John F. Haugh IIɂč쐬܂
  B

  Linux VXeŗpĂo[W͂܂:

  o  shadow-3.3.1 ̓IWiłB

  o  shadow-3.3.1-2  Florian La Roche <flla@stud.uni-sb.de> ɂ
     ꂽ Linux p̃pb`ŁAƎ̊gĂ܂B

  o  shadow-mk Linux p̃pbP[WłB

  shadow-mkpbP[W John F. Haugh II zzĂ shadow-3.3.1
  pbP[W shadow-3.3.1-2 ւ̃pb`A Mohan Kokal
  <magnus@texas.net> ɂĂȂꂽCXg[ȒPɂ邽߂̏C
  AJoseph R.M. Zbiciak ɂ /bin/login  -f, -h ̃IvV
  ɂẴZLeBz[ǂ߂ login1.c (login.secure)
  ɑ΂pb`yт̑̕ύX̂łB

  shadow.mkpbP[W ȑO͐Ă܂A loginvÕZ
  LeB̖肪̂Ŏgׂł͂Ȃł傤B

  o[W 3.3.1, 3.3.1-2  Shadow  shadow-mk łloginvO
  ZLeB̖肪܂Blogin ̃oO̓OC̒
  `FbNȂƂ̂łBɂobt@I[o[t[ăv
  Oُ퓮삵Ă܂܂BVXeɃAJEgĂl
  Ԃ́ÃoOƋLCug root ̌ɓ邱Ƃ
  Ƃ\܂B͂ɂďڂb͂
  Be Linux VXe͑ǁAShadow Suites
  CXg[ Linux VXe⏉o[W ELF ŃpbP[W
  VXeShadow SuitesCXg[ĂȂ̂͊댯ɂ炳
  łB

  ̘bȂ Linux ̃ZLeBɂĂ̏𓾂邽߂
  ́A Linux Security z[y[W (LCuloginvO ̐
  㐫) <http://bach.cis.temple.edu/linux/linux-security/Linux-Security-
  FAQ/Linux-telnetd.html> Ƃ悢ł傤B

  3.2.  Shadow Suite ̓

  ݐB Shadow Suite ͂܂o[WłAŐV̂
  ͍Ăł͈SłA댯 loginvO܂ł܂
  B

  pbP[W͈ȉ̖Ot̋KgĂ܂:

       shadow-YYMMDD.tar.gz

  ́AShadow Suite  YYNMMDD Jłł邱ƂӖ܂B

  ̃o[W͌݃eXgłA₪ăo[W 3.3.3 ɂȂ
  傤BMarek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl> 
  ɂăeiXĂA shadow-current.tar.gz
  <ftp://i17linuxb.ists.pwr.wroc.pl/pub/linux/shadow/shadow-
  current.tar.gz> \łB

  ܂Aȉ̃~[TCg܂:

  o  ftp://ftp.icm.edu.pl/pub/Linux/shadow/shadow-current.tar.gz

  o  ftp://iguana.hut.fi/pub/linux/shadow/shadow-current.tar.gz

  o  ftp://ftp.cin.net/usr/ggallag/shadow/shadow-current.tar.gz

  o  ftp://ftp.netural.com/pub/linux/shadow/shadow-current.tar.gz

  ݗpłŐVł𗘗p܂傤B

  shadow-960129Âo[Ŵ̂͐qׂ悤 loginvO
  ɖ肪̂ŎgĂ͂܂B

  ̕ Shadow Suite Ə́ÃpbP[WɂċLqĂ
  ̂Ƃ܂B܂AȂgpbP[Wł̂Ɖ肵
  B

  Ql̂߂ɁAshadow-960129 ɊÂăCXg[̎菇쐬܂
  B

  Ȃshadow-mkgĂȂ΁Aׂčč\zẴo[
  WɃAbvO[hׂł傤B

  3.3.  Shadow Suite ɂ͉܂܂Ă邩

  Shadow Suite͈ȉ̃R}hu܂:

  su, login, passwd, newgrp, chfn, chsh, and id

  ܂ApbP[Wɂ͈ȉ̐VvO܂܂Ă܂:

  chage, newusers, dpasswd, gpasswd, useradd, userdel, usermod,
  groupadd, groupdel, groupmod, groups, pwck, grpck, lastlog, pwconv,
  and pwunconv

  āApX[hɃANZXKvvO邽߂̃Cu
   libshadow.a ܂܂Ă܂B

  āAvÕIC}jA܂܂Ă܂B

  /etc/login.defs ƂăCXg[Alogin vO̐ݒt@C
  ܂܂Ă܂B

  4.  vÕRpC

  4.1.  A[JCu̓WJ

  pbP[W肵̍ŏ̍Ƃ͂WJ邱ƂłBpbP[W
   tar (Tape ARchive) ł܂Ƃ߂ gzip ňkĂ̂ŁA܂pb
  P[W /usr/src ɈړĂ玟̂悤ɓ͂ĉ:

       tar -xzvf shadow-current.tar.gz

  ̑ŃpbP[W /usr/src/shadow-YYMMDD ƂfBNgɓWJ
  ܂B

  4.2.  config.h ɂݒ

  ܂ŏɍsȂƂMakefileconfig.h2㏑Rs[邱Ƃ
  :
       cd /usr/src/shadow-YYMMDD
       cp Makefile.linux Makefile
       cp config.h.linux config.h

  ܂ config.h t@CĂB̃t@Cɂ͐ݒIvV
  `Ă܂BAȂĂpbP[WpĂ
  ꍇɂ́A܂O[vshadowT|[g܂ɂ܂傤B

  Wł̓O[ṽpX[h͗LɂȂĂ܂B𖳌ɂ邽
  ɂconfig.hҏWA#define SHADOWGRP  #undef SHADOWGRP ɕύX
  BƂ肠͂𖳌ɂĂAƂŖ{ɃO[ṽpX[h
  O[v̊Ǘ҂KvƂȂ Shadow Suite ăRpC
  ł傤BLȂ܂܂ɂĂ̂Ȃ΁A/etc/gshadow t@C
  Ȃ΂Ȃ܂B

  {pX[hLɂ邱Ƃ͑OɏqׂR̂߁A܂B

  #undef AUTOSHADOW ̐ݒ͐΂ɕύXĂ͂܂B

  AUTOSHADOW IvV shadow 𗝉łȂvO@\悤
  ɂ邽߂ɐ݌vꂽ̂łB͗ǂƂ̂悤Ɏv܂A
  Ɠ܂B̃IvVLɂAroot ŃvOs
  ƁA getpwnam() ֐Ăяoꂽꍇɂ͕ύXꂽGg[
  /etc/passwd t@Cɏ߂Ă܂܂B (͂shadow ꂽp
  X[hȂȂĂ܂) chfn  chsh ɊYvO
  Bgetpwnam()ĂяoOɐ^UIDƎUID܂ؑւ邱Ƃŉ
  Ƃ@͎g܂B chfn  chsh  root œ삷邩
  B

  libc ɂ͓Ӗ SHADOW_COMPAT IvV܂A
   libc ۂɂĂ͂܂܂Bgׂł͂܂I

  /etc/passwdt@CɃGR[hꂽpX[h悤Ȃ
  ΖłB

  4.6.27 ȑÕo[WlibcgĂȂA config.hMakefile
  ꂼύXKv܂B config.h ͈ȉ̕:

       #define HAVE_BASENAME

  ̂悤ɕύXĂ:

       #undef HAVE_BASENAME

  Makefile ɂĂlł:

  SOBJS = smain.o env.o entry.o susetup.o shell.o \
          sub.o mail.o motd.o sulog.o age.o tz.o hushed.o

  SSRCS = smain.c env.c entry.c setup.c shell.c \
          pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
          tz.c hushed.c

       SOBJS = smain.o env.o entry.o susetup.o shell.o \
               sub.o mail.o motd.o sulog.o age.o tz.o hushed.o basename.o

       SSRCS = smain.c env.c entry.c setup.c shell.c \
               pwent.c sub.c mail.c motd.c sulog.c shadow.c age.c pwpack.c rad64.c \
               tz.c hushed.c basename.c

  libc 4.6.27 ȍ~ł͂̕ύXbasename.cɑ΂čsĂ܂B

  4.3.  ̃vÕobNAbv̍쐬

  Shadow Suite uĂ܂vO炩ߊmFĂA
  obNAbvĂ̂͗ǂlłBSlackware 3.0 pbP[Wł
  ȉ̃t@CY܂:

  o  /bin/su

  o  /bin/login

  o  /usr/bin/passwd

  o  /usr/bin/newgrp

  o  /usr/bin/chfn

  o  /usr/bin/chsh

  o  /usr/bin/id

  ŃpbP[Wɂ Makefile save Ƃ^[Qbg܂AR
  gAEgĂ܂BpbP[WقȂ΃vO̒uꏊ
  Ȃ邩łB

  /etc/passwdt@C̃obNAbvĂقǂł
  BpasswdR}hƓfBNgɒuď㏑Ă܂Ȃ悤
  ɁAʂ̖Oɂ܂傤B

  4.4.  Make ̎s

  CXg[Ƃ̂قƂǂrootƂčsKv܂B

  pbP[W̎st@CRpC邽߂ make sĉ:

  make all

  rcsid defined but not used ƂEH[jOo邩܂񂪁A
  č\܂B͍҂o[WǗc[gĂ邽߂
  N̂łB

  5.  CXg[

  5.1.  VXejɔẴu[gfBXN쐬

  ň̎ԂɔāAu[gfBXNĂ܂傤BVXeC
  Xg[̃u[gfBXNƃ[gfBXNΏ\łB
  ɂ́Au[gfBXN̍쐬ɂĂ̐Ă Bootdisk-
  HOWTO <http://sunsite.unc.edu/mdw/HOWTO/Bootdisk-HOWTO.html> QƂ
  ĉB

  5.2.  dIC}jA̍폜

  uÂ}jA͂ǂɈڂĂׂłBobNAbv
  Ȃ Shadow Suite CXg[ꍇłAÂ}jA
  ܂Ȃł傤BÂ}jA͂炭kĂ̂ŁAV
  }jA͂܂㏑ȂłB

  man -aW  locate R}hgĈړ(폜)ׂ}jÄʒu
  ׂ邱Ƃł܂BʓIɂ make install ss
  O̕Â}jȀꏊ̂eՂłB

  Slackware 3.0 pbP[W̏ꍇɂ͍폜ׂ}jA͈ȉ̏ꏊɂ
  ܂:

  o  /usr/man/man1/chfn.1.gz

  o  /usr/man/man1/chsh.1.gz

  o  /usr/man/man1/id.1.gz

  o  /usr/man/man1/login.1.gz

  o  /usr/man/man1/passwd.1.gz

  o  /usr/man/man1/su.1.gz

  o  /usr/man/man5/passwd.5.gz

  /var/man/cat[1-9] ɂÕIC}jA邩mȂ
  ̂ŁA΍폜Kv܂B

  5.3.  make install ̎s

  ȉ̃R}hs܂傤:(rootɂȂĂsĉ)

       make install

  ŁAVvOyђuvOCXg[
  At@C̃p[~bVC܂B܂AIC}jA
  CXg[܂B

  Shadow Suite ̃CN[ht@C ꏊ (/usr/include/shadow)
  ɃCXg[ꂽǂmFĉB

  ŃpbP[WgĂꍇɂ́Alogin.defs蓮 /etcփRs[
  āAroot ǂݏłȂ悤ɂȂ΂Ȃ܂B

       cp login.defs /etc
       chmod 700 /etc/login.defs

  ̃t@CloginvO̐ݒt@CłB̃t@C͂Ȃ
  ̃VXeɍ킹ĕύXĂB̃t@Cł́Aǂ tty 
  root ̃OCȂǃZLeBɊւݒ(pX[h̊
  Ȃ)ł܂B

  5.4.  pwconv ̎s

  ̃Xebv pwconv s邱ƂłBroot ōsȂ
  ΂Ȃ܂B܂A/etc fBNgֈړĂsĉ:

       cd /etc
       /usr/sbin/pwconv

  pwconv  /etc/passwd ̊etB[hoāA /etc/npasswd 
  /etc/nshadow 2̃t@C܂B

  pwunconv ƂR}hAKvȂ /etc/passwd 
  /etc/shadow 畁ʂ /etc/passwd 𐶐邱Ƃł܂B

  5.5.  npasswd  nshadow ̃l[

  pwconv sƂ /etc/npasswd  /etc/nshadow ꂽ͂
  B̃t@Cꂼ /etc/passwd  /etc/shadow ɏ㏑
  B㏑̑Oɂ͌ /etc/passwd ̃obNAbvA
  obNAbv root ȊÕ[U͓ǂ߂Ȃ悤ɂĂ܂傤Bob
  NAbv root ̃z[fBNgɍƗǂł傤:

       cd /etc
       cp passwd ~passwd
       chmod 600 ~passwd
       mv npasswd passwd
       mv nshadow shadow

  ɁAt@C̃I[iƃp[~bVǂmF܂
  B X-Window System gĂȂ΁Axlock  xdm  shadow t@C
  ǂ߂悤ɂȂĂȂ΂Ȃ܂(݂łKv͂
  ܂)B

  ɂ2̕@܂B́Axlock root  SUID @
  B(xdm ͂ɂ root Ƃē삷̂Ŋ֌W܂B) 
   shadow t@C̏L҂rootɁAO[vshadowɂ@
  B̂悤ȐݒɂOɂ́A/etc/group t@CāA shadow O
  [v邩ǂ܂mFĂBshadow O[vɑ
  [U͈lĂ͂܂B

       chown root.root passwd
       chown root.shadow shadow
       chmod 0644 passwd
       chmod 0640 shadow

  łȂ̃VXẽpX[h shadow ܂BŁAV
  z[JăOCł邩ǂmFĂ݂܂傤B

  AĂ݂܂傤I

  ܂Ȃꍇ́AǂŊԈႦĂ܂Bshadow Ă
  Ԃɖ߂߂ɂ͈ȉ̂悤Ȏ葱sĉ:

       cd /etc
       cp ~passwd passwd
       chmod 644 passwd

  ŏɃobNAbṽt@Cꏊɖ߂܂傤B

  6.  AbvO[h邩pb`𓖂ĂKvvO

  Shadow Suite ɂ̓pX[hɃANZXvOقƂǂ̑֕i
  ܂ł܂AقƂǂ̃VXeł͑ɂ̃vOKv
  ƂȂ܂B

  Debian pbP[Wł(łȂꍇł\܂)Aȉ̏ꏊ
  VXe̍č\zɕKvȃvO Debian pbP[Ŵ̃\[X
  邱Ƃł܂B ftp://ftp.debian.org/debian/stable/source/

  ̐߂̎cadduser, wu_ftpd, ftpd, pop3d, xlock, xdm and sudo 
  Shadow Suite T|[gł悤ɂ邽ߍsAbvO[hɂ
  ܂B

  ̃vO shadow T|[gł悤ɂ@ ``CvO
  Shadow Suite ɑΉ@'' ̏͂QƂĉB(ۂ shadow
  t@CɃANZX邽߂ɂ root  SUID 邩 shadow  SGID 
  Kv܂B)

  6.1.  Slackware adduser program

  Slackware pbP[W(炭̃pbP[Wɂ)ɂ /sbin/adduser 
  ΘbIɐV[UǉvO܂܂Ă܂B̃v
  O shadow Ήł ftp://sunsite.unc.edu/pub/Linux/
  system/Admin/accounts/adduser.shadow-1.4.tar.gz ł܂B

  M҂ slackware adduseȓShadow SuiteɊ܂܂ĂvO
  (useradd, usermod, userdel)gƂ߂܂Bg͐VɊo
  Ȃ΂Ȃ܂񂪁Aꂾ̉l͂܂Bׂ䂪ł
  A (adduserł͍sȂ) /etc/passwd  /etc/shadow̃bLO
  Ă邩łB

  ڂ ``Shadow Suite gĂ݂'' ̏͂ĂB

  ł adduser gȂ΁Aȉ̂悤Ȏ菇ŃCXg[
  :

       tar -xzvf adduser.shadow-1.4.tar.gz
       cd adduser
       make clean
       make adduser
       chmod 700 adduser
       cp adduser /sbin

  6.2.  wu_ftpd T[o

  啔 Linux VXeł wu_ftpd T[ogĂ܂BAȂ
  ̎gĂpbP[W Shadow SuiteCXg[ĂȂ
  Awu_ftpd  shadow T|[g悤ɂ͂ȂĂȂł
  Bwu_ftpd  inetd/tcpd root̃vZXƂċN܂BA
  ȂÂ wu_ftpd f[𑖂点ĂȂAo[WグĂ
  BÂo[W root̃AJEgF߂Ă܂oOĂ
  邱ƂŒmĂ邩łB(ڂ Linux security z[y[W
  <http://bach.cis.temple.edu/linux/linux-security/Linux-Security-
  FAQ/Linux-wu.ftpd-2.4-Update.html>) QƂĉB )

  KAshadow Lɂ邽߂ɂ̓\[XR[h肵čăRpC
  邾łB

  ELF VXełȂꍇɂ́Awu_ftpT[o Sunsite  wu-
  ftp-2.4-fixed.tar.gz
  <ftp://sunsite.unc.edu/pub/Linux/system/Network/file-transfer/wu-
  ftpd-2.4-fixed.tar.gz> ̖OŒuĂ̂pł܂B

  t@C肵Ãt@C /usr/src ɒuĂAȉ̂悤
  ȑsĂ:

  cd /usr/src
  tar -xzvf wu-ftpd-2.4-fixed.tar.gz
  cd wu-ftpd-2.4-fixed
  cp ./src/config/config.lnx.shadow ./src/config/config.lnx

   ./src/makefiles/Makefile.lnx t@C̈ȉ̕:

       LIBES    = -lbsd -support

  ̂悤ɕύX܂:

       LIBES    = -lbsd -support -lshadow

  āAst@CXNvg̎syуCXg[s܂:

       cd /usr/src/wu-ftpd-2.4-fixed
       /usr/src/wu-ftp-2.4.fixed/build lnx
       cp /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd.old
       cp ./bin/ftpd /usr/sbin/wu.ftpd

  ́ALinux p shadow ̐ݒt@CgăT[õRpCyуC
  Xg[s܂B

  M҂ Slackware 2.3 VXeł͎st@CXNvgs
  OɈȉ̑sKv܂:

       cd /usr/include/netinet
       ln -s in_systm.h in_system.h
       cd -

  ELF VXeł̓RpC܂ȂƂ񍐂Ă܂A
  ̃[X̃łg΂܂悤łB́Awu-
  ftp-2.4.2-beta-10.tar.gz <ftp://tscnet.com/pub/linux/network/ftp/wu-
  ftpd-2.4.2-beta-10.tar.gz> Ƃēł܂B

  t@C肵A /usr/src ɒuāAȉ̑sĂ
  :

  cd /usr/src
  tar -xzvf wu-ftpd-2.4.2-beta-9.tar.gz
  cd wu-ftpd-beta-9
  cd ./src/config

   config.lnx t@C̈ȉ̕

       #undef SHADOW.PASSWORD

  ̂悤ɕύX܂B

       #define SHADOW.PASSWORD

  ꂩA

       cd ../Makefiles

  sAJgfBNgύXĂ Makefile.lnx t@C

       LIBES = -lsupport -lbsd # -lshadow

  ̂̕悤ɕύX܂B

       LIBES = -lsupport -lbsd -lshadow

  Ďst@CƃCXg[s܂:

       cd ..
       build lnx
       cp /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd.old
       cp ./bin/ftpd /usr/sbin/wu.ftpd

  /etc/inetd.conf t@C wu_ftpd {̂̒uꏊĂ邩ǂ
  mF̂YȂ悤ɂ܂傤BpbP[WɂĂ̓T[o
  f[̒uꏊႢAwu_ftpd ʂ̖OɂȂĂ̂Ƃ
  񍐂܂B
  : Slackware 3.1 ł shadow pX[hsꍇAwu-ftpd ̃R
  pCɎsꍇ܂BL̂悤ȃG[oꍇɂ
  src/makefiles/Makefile.lnx  CFLAGS  "-DDIRENT_ILLEGAL_ACCESS" 
  Ă݂ĂB (͍̏΁Ld@傳蒸܂B)

  ______________________________________________________________________
  gcc -O2 -fomit-frame-pointer -I.. -I../support -I/usr/include/bsd -L../suppors
   -c glob.c -o glob.o
  glob.c: In function `matchdir':
  glob.c:284: dereferencing pointer to incomplete type
  make: *** [glob.o] Error 1
  ______________________________________________________________________

  6.3.  W ftpd

  W ftpd T[ogĂꍇɂ wu_ftpd T[oɃAbvO[h
  邱Ƃ߂܂BqׂoO΁ASƂĂ邩
  łB

  ǂĂŴ̂gꍇANIS T|[gKvꍇ
  ɂ Sunsite  ftpd-shadow-nis.tgz
  <ftp://sunsite.unc.edu/pub/Linux/system/Network/file-transfer/ftpd-
  shadow-nis.tgz> 肵ĉB

  6.4.  pop3d (Post Office Protocol 3)

  APOP3(the third Post Office Protocol) T|[gKv
  ɂ pop3d ăRpCKv܂B pop3d  inet/tcpd 
  rootŎs܂B

  Sunsite 2̈قȂo[Ŵ̂ł܂:
  pop3d-1.00.4.linux.shadow.tar.gz
  <ftp://sunsite.unc.edu/pub/Linux/system/Mail/pop/pop3d-1.00.4.linux.shadow.tar.gz>
   pop3d+shadow+elf.tar.gz
  <ftp://sunsite.unc.edu/pub/Linux/system/Mail/pop/pop3d+shadow+elf.tar.gz>
  łB

  ǂ̏ꍇȂCXg[łł傤B

  6.5.  xlock

  Shadow Suite CXg[AX Window VXe xlock AbvO
  [hȂ܂܂Ŏsꍇɂ́A CNTL-ALT-Fx ŕʂ̃R\[ɐ
  ւăOC xlock ̃vZXE(邢 CNTL-ALT-BS  X T[
  oE)ȊOɂǂ悤ȂԂɂȂĂ܂܂BKȂƂɁA
  xlock AbvO[ĥ͂ƂĂȒPłB

  AXFree86 ̃o[W 3.x.x 𗘗pĂꍇɂ́A xlockmore
  (lock @\ɉăXN[Z[o@\)gĂƎv܂B
  ̃pbP[W͍ăRpC邱Ƃ shadow T|[gł܂BÂ
  xlock gĂꍇɂ xlockmore ɃAbvO[h邱Ƃ߂
  B

  xlockmore-3.5.tgz ͈ȉ̏ꏊœł܂:
  <ftp://sunsite.unc.edu/pub/Linux/X11/xutils/screensavers/xlockmore-3.7.tgz>

  CXg[͊{Iɂ͈ȉ̂悤ȑōs܂:

  xlockmore-3.5.tgz 肵A/usr/src œWJ܂:

       tar -xzvf xlockmore-3.7.tgz

  /usr/X11R6/lib/X11/config/linux.cf ҏWA

       #define HasShadowPasswd    NO

       ̍s

       #define HasShadowPasswd    YES

  ̂悤ɕύX܂B

  āAst@C쐬܂:

       cd /usr/src/xlockmore
       xmkmf
       make depend
       make

  t@CړAI[iƃp[~bVݒ肵܂:

       cp xlock /usr/X11R6/bin/
       cp XLock /var/X11R6/lib/app-defaults/
       chown root.shadow /usr/X11R6/bin/xlock
       chmod 2755 /usr/X11R6/bin/xlock
       chown root.shadow /etc/shadow
       chmod 640 /etc/shadow

  ŁA܂ xlock ł͂łB

  6.6.  xdm

  xdm X Window ̃OCʂ\vOłB run
  level ɈڍsƂxdmsVXe܂B
  (/etc/inittabQ)
  Shadow SuitẽCXg[sȂƁAxdmXVȂ΂Ȃ܂B
  xdm̃AbvO[h͊ȒPȂ̂Ŗ肠܂B

  xdm.tar.gz ͈ȉURLœł܂:
  <ftp://sunsite.unc.edu/pub/Linux/X11/xutils/xdm.tar.gz>

  xdm.tar.gz t@C肵āA/usr/srcɒuĂȉ̂悤ɂēW
  J܂:

       tar -xzvf xdm.tar.gz

  /usr/X11R6/lib/X11/config/linux.cf 

       #define HasShadowPasswd    NO

       ̕

       #define HasShadowPasswd    YES

  ̂悤ɕύX܂B

  st@C܂:

       cd /usr/src/xdm
       xmkmf
       make depend
       make

  t@CCXg[܂:

       cp xdm /usr/X11R6/bin/

  xdm  root œ삷̂Ńt@C̃p[~bVςKv͂
  ܂B

  6.7.  sudo

  sudovO̓VXeǗ҂ʏrootKvƂvO
  [UɎs邽߂ɗp܂BǗ҂root̃AJEgւ̃ANZX
  𐧌܂܂ŁA[UɃfBXÑ}Eg̑Ƃɕ
  ȃvOłB

  sudo ͎sꂽɃ[ŨpX[hF؂ŝŁApX[ht@
  Cǂ߂Ȃ΂Ȃ܂Bsudo ͍ŏroot SUID ē삷
  ̂ŁA/etc/shadow ւ̃ANZXɂĂ͖肠܂B

  Shadow Suit Ή sudo ͈ȉURLœł܂:
  <ftp://sunsite.unc.edu/pub/Linux/system/Admin/sudo-1.2-shadow.tgz>

  x: sudoCXg[ۂ /etc/sudoerst@C͕Ŵ̂ƒu
  Ă܂܂BłAW̏ԂύXꍇɂ̓ob
  NAbvĂKv܂B(Makefile ύXĕW̃t@C
  /etcɃRs[镔̏폜Ƃ@܂B)

  ̃pbP[W͊ shadow Ή̐ݒ肪ȂĂ̂ŁApbP[W
  ăRpC邾ŗpł܂(\[X /usr/src ɓWJĉ
  ):

       cd /usr/src
       tar -xzvf sudo-1.2-shadow.tgz
       cd sudo-1.2-shadow
       make all
       make install

  6.8.  imapd (E-Mail [pine pbP[W])

  imapd  pop3d ̂悤ȃ[T[ołB imapd  pine E-mail pb
  P[WɕtĂ܂BpbP[WɕthLgɂ Linux V
  Xeɑ΂Wݒ shadow T|[gĂƏĂ܂B
  A͐ȂLqłBɁÃpbP[Wł͎st@C
  XNvg Makefile ̑gKvŁARpClibshadow.a
  邱Ƃ̂łB킯ŁA͂܂ imapd  shadow
  T|[g悤ɂ͂łĂ܂B

  l܂AM҂̂ƂɃ[Œm点ĂB
  ̍ڂɉƎv܂B

  6.9.  pppd (PPP vgRT[o)

  pppd T[o͔F؂̕𕡐pł悤ɐݒł܂B Password
  Authentication Protocol (PAP)  Cryptographic Handshake
  Authentication Protocol (CHAP)łBpppd T[o͕ʃpX[h
   /etc/ppp/chap-secrets  /etc/ppp/pap-secrets (邢͗)瓾
  ܂Bpppd ɕW̓Ăꍇɂ pppd ăCXg[
  Kv͂܂B

  pppd loginp[^g悤ɂ邱Ƃł܂(R}hC
  Aݒt@CŎw肷邩 options t@CŎw)Blogin Iv
  Vw肳 pppd  PAP  /etc/passwd t@C̃[Ul[
  ƃpX[hg܂BpX[h shadow ƂA͓
  삵ȂȂ܂B pppd-1.2.1d ł shadow T|[g邽߂ɂ̓v
  OύXȂ΂Ȃ܂B

  ̏͂ł̗ pppd-1.2.1d(o[WÂ pppd) shadow T|[g
  Ƃ̂łB

  pppd-2.2.0 ł͊ shadow ΉsĂ܂B

  7.  Shadow Suite gĂ݂

  ̏͂ł̓VXeShadow SuiteCXg[ɒmĂׂ
  Ǝv邱Ƃ܂Bڂ͊eR}h̃IC}
  jAQƂĂB

  7.1.  [U̒ǉAύXA폜

  Shadow Suite ɂ̓[UǉAύXA폜邽߂̃vO܂܂
  Ă܂BadduservOĂ邩܂B

  7.1.1.  useradd

  useraddR}h̓VXeɃ[Uǉ邽߂ɗp܂BW̐ݒ
  ςƂɂ̃R}hs܂B

  ŏɍsȂׂƂ͕WݒmFĂȂ̃VXeɍ킹ĕύX
  邱Ƃł:

       useradd -D

  ______________________________________________________________________
  GROUP=1
  HOME=/home
  INACTIVE=0
  EXPIRE=0
  SHELL=
  SKEL=/etc/skel
  ______________________________________________________________________

  Wݒ͂炭CɓȂł傤A[UƂɊe[
  Uɑ΂đSĂ̍ڂw肷AW̐ݒςĂ܂
  ܂傤B

  M҂̃VXeł͈ȉ̂悤ȐݒɕςĂ܂:

  o  W̃O[v ID  100 

  o  pX[h̊ 60 

  o  pX[h̊؂ɂAJEg̃bN͍sȂȂ

  o  W̃VF/bin/bash 

     ̂悤ȕύXsȂɂ͎̃R}hs܂:
       useradd -D -g100 -e60 -f0 -s/bin/bash

  ̏Ԃ useradd -D sƈȉ̌ʂ𓾂܂:

  ______________________________________________________________________
  GROUP=100
  HOME=/home
  INACTIVE=0
  EXPIRE=60
  SHELL=/bin/bash
  SKEL=/etc/skel
  ______________________________________________________________________

  m肽΁A̕Wݒ/etc/default/useradd t@CŊm
  Fł܂B

  Ń[U̒ǉ useradd g悤ɂȂ܂BႦ΁AW
  ݒgă[U fred ǉ邽߂ɂ͈ȉ̂悤ȑsȂ
  :

       useradd -m -c "Fred Flintstone" fred

  ̃R}h/etc/passwd t@CɈȉ̂悤ȃGg[
  :

       fred:*:505:100:Fred Flintstone:/home/fred:/bin/bash

  ܂A/etc/shadowt@CɈȉ̃Gg[܂:

       fred:!:0:0:60:0:0:0:0

  -mIvVĂ̂ŁA[Ufred ̃z[fBNg
  A/etc/skelfBNg̓eRs[܂B

  UID ͎w肵ĂȂĂKɌ߂Ă܂B

  fred̃AJEgł܂AAJEg̃bNȂ
  fred̓OC邱Ƃ͂ł܂BbN̉̓pX[hς
  ƂɂčsȂ܂B

       passwd fred

  ______________________________________________________________________
  Changing password for fred
  Enter the new password (minimum of 5 characters)
  Please use a combination of upper and lower case letters and numbers.
  New Password: *******
  Re-enter new password: *******
  ______________________________________________________________________

   /etc/shadow͈ȉ̂悤ȓeɂȂ܂:

       fred:J0C.WDR1amIt6:9559:0:60:0:0:0:0

  āAfred̓VXeɃOCł悤ɂȂ܂B̃vO
  Ȃ useradd g_/etc/passwd /etc/shadow̕ύXsɍs
  邱ƂłB܂AȂ[Uo^̂Ɠɑ̃[U
  pX[hύXƂĂAƂs܂B

   /etc/passwd  /etc/shadow ҏŴ͂߂āApӂꂽR}
  h𗘗pׂłBȂ /etc/passwd ҏWĂԂɁA
  [UpX[hύXƂƁÃ[ŨpX[hύX͂
  t@CZ[uɎĂ܂܂B

  ȉɎ̂useraddpasswdgȒPȑΘbI[UǉXNvg
  łB

  ______________________________________________________________________
  #!/bin/bash
  #
  # /sbin/newuser - A script to add users to the system using the Shadow
  #                 Suite's useradd and passwd commands.
  #
  # Written my Mike Jackson <mhjack@tscnet.com> as an example for the Linux
  # Shadow Password Howto.  Permission to use and modify is expressly granted.
  #
  # This could be modified to show the defaults and allow modification similar
  # to the Slackware Adduser program.  It could also be modified to disallow
  # stupid entries.  (i.e. better error checking).
  #
  ##
  #  Defaults for the useradd command
  ##
  GROUP=100        # Default Group
  HOME=/home       # Home directory location (/home/username)
  SKEL=/etc/skel   # Skeleton Directory
  INACTIVE=0       # Days after password expires to disable account (0=never)
  EXPIRE=60        # Days that a passwords lasts
  SHELL=/bin/bash  # Default Shell (full path)
  ##
  #  Defaults for the passwd command
  ##
  PASSMIN=0        # Days between password changes
  PASSWARN=14      # Days before password expires that a warning is given
  ##
  #  Ensure that root is running the script.
  ##
  WHOAMI=`/usr/bin/whoami`
  if [ $WHOAMI != "root" ]; then
          echo "You must be root to add news users!"
          exit 1
  fi
  ##
  #  Ask for username and fullname.
  ##
  echo ""
  echo -n "Username: "
  read USERNAME
  echo -n "Full name: "
  read FULLNAME
  #
  echo "Adding user: $USERNAME."
  #
  # Note that the "" around $FULLNAME is required because this field is
  # almost always going to contain at least on space, and without the "'s
  # the useradd command would think that you we moving on to the next
  # parameter when it reached the SPACE character.
  #
  /usr/sbin/useradd -c"$FULLNAME" -d$HOME/$USERNAME -e$EXPIRE \
          -f$INACTIVE -g$GROUP -m -k$SKEL -s$SHELL $USERNAME
  ##
  #  Set password defaults
  ##
  /bin/passwd -n $PASSMIN -w $PASSWARN $USERNAME >/dev/null 2>&1
  ##
  #  Let the passwd command actually ask for password (twice)
  ##
  /bin/passwd $USERNAME
  ##
  #  Show what was done.
  ##
  echo ""
  echo "Entry from /etc/passwd:"
  echo -n "   "
  grep "$USERNAME:" /etc/passwd
  echo "Entry from /etc/shadow:"
  echo -n "   "
  grep "$USERNAME:" /etc/shadow
  echo "Summary output of the passwd command:"
  echo -n "   "
  passwd -S $USERNAME
  echo ""
  ______________________________________________________________________

  [U̒ǉɃXNvg𗘗p邱Ƃ͒/etc/passwd /etc/shadow
  ҏWASlackware  adduservO𗘗p]܂
  B̃XNvgȂ̃VXeɍ킹ĕύXĎgĂB

  useraddɂĂ̂ڂ̓IC}jAQƂĂ
  B

  7.1.2.  usermod

  usermodvO̓[UɂĂ̏ύX邽߂̂̂łBIv
  VuseraddƂقƂǓłB

  fred̃VFς悤ƎvAȉ̂悤ȑ܂:

       usermod -s /bin/tcsh fred

  ɂāA/etc/passwdfred̃Gg[͎̂悤ɕύX܂:

       fred:*:505:100:Fred Flintstone:/home/fred:/bin/tcsh

  ɁAfred̃AJEg̊ 1997N915ɐݒ肵Ă݂܂傤:

       usermod -e 09/15/97 fred

  /etc/shadowfred̃Gg[͎̂悤ɕύX܂:

       fred:J0C.WDR1amIt6:9559:0:60:0:0:10119:0

  usermodɂĂ̂ڂ̓IC}jAQƂĂ
  B

  7.1.3.  userdel

  userdel͖O̒ʂA[ŨAJEg𖕏܂Bg͒P

       userdel -r username

  Ɠ͂邾łB -rIvVƃ[Ũz[fBNg
  (z[fBNĝ̂܂߂)܂BقȂt@CVXe
  ɂt@C͎ƂŏȂ΂Ȃ܂B

  AJEĝł͂ȂAPɃbN邾̏ꍇɂ passwdR}
  hg܂B

  7.2.  passwd R}hƃpX[h̊ݒ

  passwdR}h͕ʂ̃pX[hύX̋@\Ă܂Bɉ
  āA[UrootŎsꍇɂ́Aȉ̂Ƃł܂B

  o  AJEg̃bNyт̉ (-l  -u)

  o  pX[h̍ŒZLԂ̐ݒ (-x)

  o  pX[hύX܂ł̍ŒZ̐ݒ(-n)

  o  ̐؂pX[hɑ΂ĉOx邩̐ݒ (-w)

  o  pX[h̊؂ꂩAJEg̃bN܂ł̓̐ݒ is
     locked (-i)

  o  AJEg𐴏ĕ\(-S)

  ƂāAĂу[UfredĂ݂܂傤B

       passwd -S fred
       fred P 03/04/96 0 60 0 0

  ́Afred̃pX[h͗Lł邱ƁAO̕ύX1996N3 4
  ƁAłύX\ł邱ƁA60Ɋ؂ɂȂ邱
  ƁAfred ɂ͌x͂ȂȂƁApX[h؂ɂȂĂAJ
  Eg͖ƂȂȂƂӖĂ܂B

  ́ApX[h؂ɂȂĂfredOCƐVpX
  [hvvvgoĂƂƂłB

  Afred̃pX[h؂ɂȂ14OɌxoA؂14
  ɂ̓AJEg~ƂȂ悤ɂ邽߂ɂ͎̂悤Ȗ߂^
  B

       passwd -w14 -i14 fred

  ̂ƂAfred͎̏̂悤ɂȂ܂B

       fred P 03/04/96 0 60 14 14

  ڍׂɂĂpasswd̃IC}jAQƂĂB

  7.3.  login.defs t@C

  /etc/logint@CloginvOShadow SuiteŜ̐ݒt@C
  B

  /etc/login t@C̓vvg\A[UpX[hύX
  ɕW̃pX[h͂ǂȂ邩܂ł̕LݒĂ܂B

  /etc/login.defs ɏڂRg܂Aӂׂ_
  ܂B

  o  MO̗ʂ肷tO(on 邢 off ɂł)
     

  o  ̐ݒt@Cւ̃|C^܂

  o  pX[h aging ȂǂɂĂ̕W̐ݒ܂

  ̂Ƃdvȃt@Cł邱Ƃ킩Ǝv܂BłA
  t@Ĉ݂̂邱ƂƐݒɂȂĂ邩ǂK
  mFĂB

  7.4.  O[ṽpX[h

  /etc/groupst@C͓̃O[ṽoɂȂ邽߂̃pX[h
  ނƂ܂B̋@\̓RpC /usr/src/shadow-
  YYMMDD/config.h t@CŒ萔SHADOWGRP `ĂΗLɂȂ
  ܂B

  ̒萔`ăRpCsȂȂ΁A/etc/gshadowt@C
  AO[ṽpX[hyуO[vǗ҂ɂĂ̏ێȂ
  ΂Ȃ܂B

  /etc/shadow t@Cɂ pwconvƌĂ΂vOg
  A/etc/gshadowɑ΂Ă͂ɑ̂͂܂BA
  ̃t@C͓ɕҏWKv͂Ȃ̂Ŗɂ͂Ȃ܂B

  ŏ /etc/gshadow t@C邽߂ɂ͈ȉ̑sȂ܂B

       touch /etc/gshadow
       chown root.root /etc/gshadow
       chmod 700 /etc/gshadow

  VO[vƎI/etc/groupy /etc/gshadowt@Cɒ
  ܂B[U̒ǉ폜AO[ṽpX[h̕ύXȂǂ̏C
  sȂꂽꍇɂ /etc/gshadowt@CύX܂B

  Shadow Suite Ɋ܂܂O[vύX邽߂̃vOƂgroups,
  groupadd, groupmod, groupdel܂B

  /etc/group t@C̃tH[}bĝ͎悤ɂȂĂ܂B

       groupname:!:GID:member,member,...

  etB[h̓ê͎悤ɂȂĂ܂:

     groupname
        O[v

     !  ʏ̓pX[hێtB[hł邪A Shadow Suite ł
        pX[h/etc/gshadow t@CɊi[

     GID
        O[vID(l)

     member
        O[ṽõXg

  /etc/gshadow t@C̃tH[}bĝ͎悤ɂȂ܂B

       groupname:password:admin,admin,...:member,member,...

  etB[h̓e͈ȉ̂悤ɂȂĂ܂:

     groupname
        O[v̖O

     password
        GR[hꂽpX[h

     admin
        O[v̊Ǘ҂̃Xg

     member
        O[ṽõXg

  gpasswdR}h̓O[vɑ΂ĊǗ҂⃆[U̒ǉyэ폜sȂ
  ɂg܂BrootO[v̊Ǘ҃XgɓĂ郆[U̓O
  [ṽo̒ǉ폜sȂƂł܂B

  O[ṽpX[h root O[v̊Ǘ҃XgɓĂ郆[U
  passwdR}hgp邱ƂŕύXł܂B

  ݂̂ƂAgpasswdR}h̃IC}jA͂܂񂪁Ap
  [^Ȃgpasswds邱ƂŃIvVꗗmF邱Ƃ
  ܂Bt@C̃tH[}bgƈӖ𗝉Ă΃R}hǂ̂悤
  ɓ삷̂c邱Ƃ͊ȒPłB

  7.5.  ѐ`FbNvO

  7.5.1.  pwck

  vOpwck/etc/passwd/etc/shadow ̓eɈѐ邩ǂ
  𒲂ׂ邽߂̂̂łB̃vO͂ꂼ̃[UɂĈȉ
  ̍ڂ𒲂ׂ܂:

  o  tB[h̐

  o  Õ[UȂ

  o  [UIDAO[vID

  o  primary O[v

  o  z[fBNg

  o  OCVF

  ܂ApX[h̃AJEgΌx܂B

  Shadow SuiteCXg[ApwcksƂ̂͗ǂl
  BI(ƂΖAT)Ɏŝł傤B-rIvV
  g΁AcrongĒIɎsAʂ[ŕ񍐂邱Ƃ
  ł܂B

  7.5.2.  grpck

  grpck /etc/group  /etc/gshadow ̈ѐmFvOłB
  ̃vO͈ȉ̃`FbNsȂ܂:

  o  tB[h̐

  o  O[v̏dȂ

  o  o[ƊǗ҂̃Xg

  pwckR}hlɁA-r IvVgĎIɌʕ񍐂邱
  ł܂B

  7.6.  _CAAbvEpX[h

  _CAAbvEpX[h̓_CAC̃ANZXĂVXe
  ́Aʏ̃pX[hF؂Ƃ͕ʂ̖hqłB[J邢̓lbg
  [NoRŐڑł郆[U͑邯ǃ_CACŐڑł
  [U͐ꍇɂ́A_CAAbvEpX[hɗ܂B
  _CAAbvEpX[hLɂɂ́A/etc/login.defsҏWA
  DIALUPS_CHECK_ENAB  yes ɂ܂B

  _CAAbvɂĂ̐ݒ2̃t@Cōs܂B
  /etc/dialupsŁAtty ̐ݒLq܂B(ɑ΂ĈsAf
  oCX̍ŏ"/dev/"菜̂Lq܂B) tty 
  ΁A_CAAbv̐ڑɑ΂`FbNs܂B

  ̃t@C /etc/d_passwd łB̃t@Cɂ͓K؂ȃVF
  ̃pXƒǉ̃pX[hLq܂B

  A/etc/dialupsɏĂ烆[UOCA
  /etc/d_passwd ɂ̃[ŨOCVFĂȂ΁A
  pX[h͂邱ƂŃANZX𓾂邱Ƃł܂B

  _CAAbvEpX[h͉ɓ̃^Cv(PPPUUCPȂ)̐ڑ
  ꍇɂLɗpł܂B[Ũ^Cv̐ڑ(Ⴆ΃
  XgɍڂĂVFg)sꍇɂ͂̉̃pX[hm
  ĂKv܂B

  _CAAbvEpX[hgOɂ́AOq̐ݒt@C쐬K
  v܂B

  R}h dpasswd g /etc/d_passwdt@C̃VFɑ΂pX
  [hݒ肷邱Ƃł܂Bڂ̓IC}jAQƂ
  B

  8.  CvO Shadow Suite ɑΉ@

  vO shadow T|[ĝ͎ۂɂ͂ƂĂȒPłB
  /etc/shadow t@CɃANZX邽߂ɃvOrootŎs
  Aroot SUID ĎsȂ΂ȂȂƂłB

  ͏dȖłBSUID vO鎞ɂ͔ɐTdɃv
  OKv܂BႦ΁AVFɃGXP[vłvO
  vOroot SUID ĂĂrootƂĎsĂ͂Ȃ܂B

  pX[h̃`FbN͂邪AȊOɂrootƂē삷KvȂ
  悤ȏꍇ shadow T|[gvOɒǉ鎞 shadow O[v
   SGID ƈSłBxlock vO͂̂悤ȗ̓T^
  B

  ȉŎ pppd-1.2.1d ͊root SUID Ă̂ŁAshadow T
  |[g邱ƂŁAvOZLeBIɂƎɂȂ邱Ƃ
  ͂₠܂B

  8.1.  wb_t@C

  wb_t@C /usr/include/shadow fBNgɂׂ
  B/usr/include/shadow.h KvłA
  /usr/include/shadow/shadow.h ւ̃V{bNNɂȂ܂B

  vO shadow T|[g邽߂ɂ͎̃wb_t@CCN
  [hKv܂:

  #include <shadow/shadow.h>
  #include <shadow/pwauth.h>

  shadow p̃R[hRpCŗpł悤ɃRpC߂p
  ̂͗ǂlłB(ȉ̗łĂ܂B)

  8.2.  libshadow.a Cu

  Shadow Suite CXg[鎞ɂ libshadow.a 쐬A/usr/lib
  ɃCXg[܂B

  vO shadow T|[g邽߂ɂ́AJ libshadow.a 
  N悤ɎwKv܂B

  ͈ȉ̂悤ɍs܂:

       gcc program.c -o program -lshadow

  Aȉ̗ł킩悤ɑK͂ȃvOł͑ Makefile g
  ܂Aʂ LIBS ϐύX܂B

  8.3.  Shadow \

  libshadow.a Cu spwd ƌĂ΂\̂ /etc/shadow t@C
  oi[܂B wb_t@C
  /usr/include/shadow/shadow.h ɂ spwd ̒`ł:

  ______________________________________________________________________
  struct spwd
  {
    char *sp_namp;                /* login name */
    char *sp_pwdp;                /* encrypted password */
    sptime sp_lstchg;             /* date of last change */
    sptime sp_min;                /* minimum number of days between changes */
    sptime sp_max;                /* maximum number of days between changes */
    sptime sp_warn;               /* number of days of warning before password
                                     expires */
    sptime sp_inact;              /* number of days after password expires
                                     until the account becomes unusable. */
    sptime sp_expire;             /* days since 1/1/70 until account expires
  */
    unsigned long sp_flag;        /* reserved for future use */
  };
  ______________________________________________________________________

  Shadow Suite ł sp_pwdp ɒPȂGR[hꂽpX[hł
  AȊȌ邱Ƃł܂BႦ΁ApX[htB[
  hȉ̂悤ȍs܂łꍇł:

       username:Npge08pfz4wuk;@/sbin/extra:9479:0:10000::::

  ŁApX[hɉ/sbin/extra vOȂF؂ɗp
  ƂwĂ܂BĂяoꂽvÓA[UƂȂĂяo
  ꂽXCb`n܂Bڂ𓾂邽߂ɂ
  /usr/include/shadow/pwauth.h ƃ\[XR[hɊ܂܂ pwauth.c ǂ
  łB

  ꂪӖƂ́A2F؂ɒӂ邱ƂƁAۂ̔F؂s
  ͊֐ pwauth pׂƂƂłBȉ̗ł͂s
  Ă܂B

  ݑ݂ĂvÔقƂǂsĂȂ߁A Shadow
  Suite̍҂͏̃o[Wł͂̋@\𖳂dlύX邱
  Ă܂B

  8.4.  Shadow T|[ĝ߂̊֐

  shadow.h t@Cɂ libshadow.a Cu܂ł֐̊֐v
  g^CvĂ܂:

  ______________________________________________________________________
  extern void setspent __P ((void));
  extern void endspent __P ((void));
  extern struct spwd *sgetspent __P ((__const char *__string));
  extern struct spwd *fgetspent __P ((FILE *__fp));
  extern struct spwd *getspent __P ((void));
  extern struct spwd *getspnam __P ((__const char *__name));
  extern int putspent __P ((__const struct spwd *__sp, FILE *__fp));
  ______________________________________________________________________

  ꂩŗp֐ getspnam (^ꂽOɑΉ spwd \
  ̂^)łB

  8.5.  

  ̓ftHg shadow T|[gĂȂvO shadow Ή
  łB

  ̗ł Point-to-Point vgRT[o(pppd-1.2.1d) pĂ
  B̃vO PAP  CHAP t@CłȂ /etc/passwd t@C
  瓾[UƃpX[hp PAP F؂s[hĂ
  B pppd-2.2.0  shadow T|[gsĂ̂ŁApppd-2.2.0
  ɑ΂ė̃R[hǉKv͂܂B

  pppd ̂̋@\͂܂gȂ̂łAShadow Suite CXg[
  ƃpX[h /etc/passwd ɕێȂȂ邽߂ɁA̋@\͑S
  gȂȂĂ܂܂B

  pppd-1.2.1d ̃[UF؂̃̕R[h
  /usr/src/pppd-1.2.1d/pppd/auth.c t@Cɂ܂B

  ȉ̃R[h̓R[h̑ #include ߂OɉKv
  B߂ #include ͂ł܂( shadow T|[g
  ŃRpC鎞CN[h܂)B
  ______________________________________________________________________
  #ifdef HAS_SHADOW
  #include <shadow.h>
  #include <shadow/pwauth.h>
  #endif
  ______________________________________________________________________

  ͎̕ۂ̃R[hɑ΂ύX_łBauth.c t@CɍXɕύX
  ܂B

  ύXO auth.c:

  ______________________________________________________________________
  /*
   * login - Check the user name and password against the system
   * password database, and login the user if OK.
   *
   * returns:
   *      UPAP_AUTHNAK: Login failed.
   *      UPAP_AUTHACK: Login succeeded.
   * In either case, msg points to an appropriate message.
   */
  static int
  login(user, passwd, msg, msglen)
      char *user;
      char *passwd;
      char **msg;
      int *msglen;
  {
      struct passwd *pw;
      char *epasswd;
      char *tty;

      if ((pw = getpwnam(user)) == NULL) {
          return (UPAP_AUTHNAK);
      }
       /*
       * XXX If no passwd, let them login without one.
       */
      if (pw->pw_passwd == '\0') {
          return (UPAP_AUTHACK);
      }

      epasswd = crypt(passwd, pw->pw_passwd);
      if (strcmp(epasswd, pw->pw_passwd)) {
          return (UPAP_AUTHNAK);
      }

      syslog(LOG_INFO, "user %s logged in", user);

      /*
       * Write a wtmp entry for this user.
       */
      tty = strrchr(devname, '/');
      if (tty == NULL)
          tty = devname;
      else
          tty++;
      logwtmp(tty, user, "");             /* Add wtmp login entry */
      logged_in = TRUE;

      return (UPAP_AUTHACK);
  }
  ______________________________________________________________________

  [ŨpX[h pw->pw_passwd ɑĂ̂ŁAōsK
  v̂͊֐ getspnam ǉ邱ƂłB̊֐̓pX[h
  spwd->sp_pwdp ɑ܂B

  ɁAۂ̔F؂s߂Ɋ֐ pwauth ܂B̊֐ shadow
  t@C2F؂悤ɐݒ肳Ăꍇɂ́AI2F؂
  s܂B

  shadow T|[g悤ɕύXauth.c:

  ______________________________________________________________________
  /*
   * login - Check the user name and password against the system
   * password database, and login the user if OK.
   *
   * This function has been modified to support the Linux Shadow Password
   * Suite if USE_SHADOW is defined.
   *
   * returns:
   *      UPAP_AUTHNAK: Login failed.
   *      UPAP_AUTHACK: Login succeeded.
   * In either case, msg points to an appropriate message.
   */
  static int
  login(user, passwd, msg, msglen)
      char *user;
      char *passwd;
      char **msg;
      int *msglen;
  {
      struct passwd *pw;
      char *epasswd;
      char *tty;

  #ifdef USE_SHADOW
      struct spwd *spwd;
      struct spwd *getspnam();
  #endif

      if ((pw = getpwnam(user)) == NULL) {
          return (UPAP_AUTHNAK);
      }

  #ifdef USE_SHADOW
          spwd = getspnam(user);
          if (spwd)
                  pw->pw_passwd = spwd->sp-pwdp;
  #endif

       /*
       * XXX If no passwd, let NOT them login without one.
       */
      if (pw->pw_passwd == '\0') {
          return (UPAP_AUTHNAK);
      }
  #ifdef HAS_SHADOW
      if ((pw->pw_passwd && pw->pw_passwd[0] == '@'
           && pw_auth (pw->pw_passwd+1, pw->pw_name, PW_LOGIN, NULL))
          || !valid (passwd, pw)) {
          return (UPAP_AUTHNAK);
      }
  #else
      epasswd = crypt(passwd, pw->pw_passwd);
      if (strcmp(epasswd, pw->pw_passwd)) {
          return (UPAP_AUTHNAK);
      }
  #endif

      syslog(LOG_INFO, "user %s logged in", user);

      /*
       * Write a wtmp entry for this user.
       */
      tty = strrchr(devname, '/');
      if (tty == NULL)
          tty = devname;
      else
          tty++;
      logwtmp(tty, user, "");             /* Add wtmp login entry */
      logged_in = TRUE;

      return (UPAP_AUTHACK);
  }
  ______________________________________________________________________

  Ӑ[ׂ΁AɂύX_邱Ƃ킩܂BIWĩo[
  Wł/etc/passwdt@CɃpX[hȂꍇɂ̓ANZX
  ܂B(UPAP_AUTHACK ߂lɂB)͂܂ǂȂƂłB
  ʂ̃OCł PPP vZXւ̃ANZXɈ̃AJEg
  pAꂩ /etc/passwd t@C̃[U /etc/shadowt@C
  ̃pX[h𗘗pāA͂ꂽ[UƃpX[hɑ΂ PAP F
  ؂słB

  Ão[W[U(Ⴆ ppp)̃VFƂđ点
  ƁA[U ppp ŋpX[hɂ PAP ݒ肵ĂN PPP ڑ
  邱ƂłȂȂ܂B

  pX[h̎ɂ UPAP_AUTHNAK łȂ UPAP_AUTHACK߂lƂ
  悤ɂ邱ƂłCł܂B

  ʔƂɁApppd-2.2.0 ɂ肪܂B

  ɁAȉ2_ɂ Makefile CKv܂: USE_SHADOW
  `邱ƂƁAlibshadow.a N悤ɂ邱ƂłB

  Makefile ҏWāA̍sĂ:

       LIBS = -lshadow

  ꂩA̍s:

       COMPILE_FLAGS = -I.. -D_linux_=1 -DGIDSET_TYPE=gid_t

  ȉ̂悤ɕύXĂ:

       COMPILE_FLAGS = -I.. -D_linux_=1 -DGIDSET_TYPE=gid_t -DUSE_SHADOW

  ŌɁARpCyуCXg[s܂傤B

  9.  悭鎿(Frequently Asked Questions).

  Q: /etc/securettys t@Cg rootOCł tty 𐧌䂵
  悤ƂĂ̂łA܂܂B

  A: /etc/securettys  Shadow SuiteCXg[ꂽɂ͑SӖ
  ܂Brootpł tty Lqݒt@C
  /etc/login.defsɂȂ܂B̃t@Cő̃t@Cw肷邱
  ܂B

  Q: Shadow SuiteCXg[̂łAOCłȂȂĂ
  ܂܂B̂ł傤H

  A: 炭Shadow SuitẽvO̓CXg[ǁApwconv
  sĂȂA/etc/npasswd /etc/passwdɁA/etc/nshadow
  /etc/shadowɂꂼRs[̂Y邩̂ł
  Blogin.defs /etcɃRs[ĂȂ̂܂B

  Q:xlock ̏͂ /etc/shadowt@C̏LO[v shadowɂƂ
  ܂Â悤ȃO[v͂܂Bǂǂ̂ł傤H

  A:O[vǉ܂傤BP/etc/groupt@CҏWāAshadow
  O[vɂĂ̋Lq邾łBO[vIDƏdȂ悤
  ɂ_ƁAnogroup̃Gg[Oɒǉ_ɂ͒ӂĂ
  BP xlock root  SUID Ƃ@܂B

  Q: Linux  Shadow Suite ɂẴ[OXg͂܂H

  A: ܂BÃ͎o[W LinuxShadow Suite ̊J
  ƃeXĝ߂̂̂łB shadow-list-request@neptune.cin.netɃT
  uWFNg subscribeł郁[𑗂邱ƂŃ[OXgɎQ
  ܂B̃[OXg Linuxshadow-YYMMSSɂĂ̋c_s
  ꏊłBJɉ肽 Shadow Suite CXg[̂ŐV
  [XɂĂ̏𓾂ꍇɂ͎QƗǂł傤B

  Q:Shadow SuiteCXg[܂A userdelR}hs
  "userdel: cannot open shadow group file"ƂG[o܂B
  ̂ł傤H

  A: Shadow Suite SHADOWGRPIvVLɂăRpC
  ɁA/etc/gshadowt@CȂ̂ł傤Bconfig.hCčăRpC
  邩A/etc/group t@C܂傤Bshadow O[v̐̏
  mF܂傤B

  Q: Shadow SuiteCXg[܂A /etc/passwdɈÍꂽp
  X[hĂ܂܂BǂĂłH

  A:炭config.ht@CAUTOSHADOWIvVLɂăRpC
  AȂ̎gĂlibc SAHDOW_COMPATIvVLɂ
  RpCĂ邩łBǂ炪mFĊYăRp
  C܂傤B

  10.  Copyright Message(쌠\)

  The Linux Shadow Password HOWTO is Copyright (c) 1996 Michael H.
  Jackson.

  Permission is granted to make and distribute verbatim copies of this
  document provided the copyright notice and this permission notice are
  preserved on all copies.

  Permission is granted to copy and distribute modified versions of this
  document under the conditions for verbatim copies above, provided a
  notice clearly stating that the document is a modified version is also
  included in the modified document.

  Permission is granted to copy and distribute translations of this
  document into another language, under the conditions specified above
  for modified versions.

  Permission is granted to convert this document into another media
  under the conditions specified above for modified versions provided
  the requirement to acknowledge the source document is fulfilled by
  inclusion of an obvious reference to the source document in the new
  media. Where there is any doubt as to what defines 'obvious' the
  copyright owner reserves the right to decide.

  : ȉ̘a͂܂ŎQlłB쌠ɂĂ͌̕\ɏ]
  B

  The Linux Shadow Password HOWTO  Michael H. Jackson ̒앨łB
  (Copyright (c) 1996 Michael H. Jackson)

  쌠\yт̋\SẴRs[ɎcƂɁA̕
  ςɕʋyєzz邱Ƃ\łB

  L̏ςȂƋyѕςĂ邱ƖL邱Ƃ
  ɁA̕ς̂𕡎ʋyєzz邱Ƃ\łB

  q̉ςꂽɑ΂ƓŁA̕𑼂̌ɖ|
  ̂𕡎ʋyєzz邱Ƃ\łB

  q̉ςꂽɑ΂ɉAVfBAɌ̕ւ
  ȎQƂ܂܂邱ƂŌ̕ł邱Ƃ咣vʂ
  ƂɁA̕𑼂̃fBAŔzz邱Ƃ\łBu
  Ɂv̒`͂肵Ȃꍇɂ͒쌠҂肷錠ۗĂ
  ̂Ƃ܂B

  11.  ̑ / ӎ

   auth.c ɑ΂ẴR[h pppd-1.2.1d  ppp-2.1.0e p
  ܂B̃\tgEFA Australian National University y
  Carnegie Mellon University ̒앨łB (Copyright (c) 1993 and The
  Australian National University and Copyright (c) 1989 Carnegie Mellon
  University)

  Thanks to Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl> for
  writing and maintaining the Shadow Suite for Linux, and for his review
  and comments on this document.

  Shadow Suite̍/Ǘ҂łA܂A̕ăRg
   Marek Michalkiewicz  <marekm@i17linuxb.ists.pwr.wroc.pl> Ɋӂ
  ܂B

  ̔̕]yуeXgsĉ Ron Tidd <rtidd@tscnet.com>
  Ɋӂ܂B

  M҂ɃtB[hobN𑗂Ả̕ǂɋ͂ĂFlɊ
  ӂ܂B

  RgĂ΂ǂM҂Ƀ[Œm点ĂB

  Michael H. Jackson <mhjack@tscnet.com>

  12.  ҂

  |̔zz͌ɏ]̂Ƃ܂B܂|̓eɂĂ͖҂
  ؂̐ӔCĂ܂̂ŁAF̐ӔCŗpĂB

  Ȃǂ̎wEɑ΂Rg҂Ă܂BCyɃ[
  B

  P <fujiwara@linux.or.jp>

