Contents of /tags/mkinitrd-6_1_10/busybox/loginutils/Config.in
Parent Directory | Revision Log
Revision 922 -
(show annotations)
(download)
Wed Oct 28 09:51:31 2009 UTC (14 years, 11 months ago) by niro
File size: 8281 byte(s)
Wed Oct 28 09:51:31 2009 UTC (14 years, 11 months ago) by niro
File size: 8281 byte(s)
tagged 'mkinitrd-6_1_10'
1 | # |
2 | # For a description of the syntax of this configuration file, |
3 | # see scripts/kbuild/config-language.txt. |
4 | # |
5 | |
6 | menu "Login/Password Management Utilities" |
7 | |
8 | config FEATURE_SHADOWPASSWDS |
9 | bool "Support for shadow passwords" |
10 | default n |
11 | help |
12 | Build support for shadow password in /etc/shadow. This file is only |
13 | readable by root and thus the encrypted passwords are no longer |
14 | publicly readable. |
15 | |
16 | config USE_BB_PWD_GRP |
17 | bool "Use internal password and group functions rather than system functions" |
18 | default n |
19 | help |
20 | If you leave this disabled, busybox will use the system's password |
21 | and group functions. And if you are using the GNU C library |
22 | (glibc), you will then need to install the /etc/nsswitch.conf |
23 | configuration file and the required /lib/libnss_* libraries in |
24 | order for the password and group functions to work. This generally |
25 | makes your embedded system quite a bit larger. |
26 | |
27 | Enabling this option will cause busybox to directly access the |
28 | system's /etc/password, /etc/group files (and your system will be |
29 | smaller, and I will get fewer emails asking about how glibc NSS |
30 | works). When this option is enabled, you will not be able to use |
31 | PAM to access remote LDAP password servers and whatnot. And if you |
32 | want hostname resolution to work with glibc, you still need the |
33 | /lib/libnss_* libraries. |
34 | |
35 | If you need to use glibc's nsswitch.conf mechanism |
36 | (e.g. if user/group database is NOT stored in /etc/passwd etc), |
37 | you must NOT use this option. |
38 | |
39 | If you enable this option, it will add about 1.5k. |
40 | |
41 | config USE_BB_SHADOW |
42 | bool "Use internal shadow password functions" |
43 | default y |
44 | depends on USE_BB_PWD_GRP && FEATURE_SHADOWPASSWDS |
45 | help |
46 | If you leave this disabled, busybox will use the system's shadow |
47 | password handling functions. And if you are using the GNU C library |
48 | (glibc), you will then need to install the /etc/nsswitch.conf |
49 | configuration file and the required /lib/libnss_* libraries in |
50 | order for the shadow password functions to work. This generally |
51 | makes your embedded system quite a bit larger. |
52 | |
53 | Enabling this option will cause busybox to directly access the |
54 | system's /etc/shadow file when handling shadow passwords. This |
55 | makes your system smaller (and I will get fewer emails asking about |
56 | how glibc NSS works). When this option is enabled, you will not be |
57 | able to use PAM to access shadow passwords from remote LDAP |
58 | password servers and whatnot. |
59 | |
60 | config USE_BB_CRYPT |
61 | bool "Use internal DES and MD5 crypt functions" |
62 | default y |
63 | help |
64 | Busybox has internal DES and MD5 crypt functions. |
65 | They produce results which are identical to corresponding |
66 | standard C library functions. |
67 | |
68 | If you leave this disabled, busybox will use the system's |
69 | crypt functions. Most C libraries use large (~70k) |
70 | static buffers there, and also combine them with more general |
71 | DES encryption/decryption. |
72 | |
73 | For busybox, having large static buffers is undesirable, |
74 | especially on NOMMU machines. Busybox also doesn't need |
75 | DES encryption/decryption and can do with smaller code. |
76 | |
77 | If you enable this option, it will add about 4.8k of code |
78 | if you are building dynamically linked executable. |
79 | In static build, it makes code _smaller_ by about 1.2k, |
80 | and likely many kilobytes less of bss. |
81 | |
82 | config ADDGROUP |
83 | bool "addgroup" |
84 | default n |
85 | help |
86 | Utility for creating a new group account. |
87 | |
88 | config FEATURE_ADDUSER_TO_GROUP |
89 | bool "Support for adding users to groups" |
90 | default n |
91 | depends on ADDGROUP |
92 | help |
93 | If called with two non-option arguments, |
94 | addgroup will add an existing user to an |
95 | existing group. |
96 | |
97 | config DELGROUP |
98 | bool "delgroup" |
99 | default n |
100 | help |
101 | Utility for deleting a group account. |
102 | |
103 | config FEATURE_DEL_USER_FROM_GROUP |
104 | bool "Support for removing users from groups" |
105 | default n |
106 | depends on DELGROUP |
107 | help |
108 | If called with two non-option arguments, deluser |
109 | or delgroup will remove an user from a specified group. |
110 | |
111 | config FEATURE_CHECK_NAMES |
112 | bool "Enable sanity check on user/group names in adduser and addgroup" |
113 | default n |
114 | depends on ADDUSER || ADDGROUP |
115 | help |
116 | Enable sanity check on user and group names in adduser and addgroup. |
117 | To avoid problems, the user or group name should consist only of |
118 | letters, digits, underscores, periods, at signs and dashes, |
119 | and not start with a dash (as defined by IEEE Std 1003.1-2001). |
120 | For compatibility with Samba machine accounts "$" is also supported |
121 | at the end of the user or group name. |
122 | |
123 | config ADDUSER |
124 | bool "adduser" |
125 | default n |
126 | help |
127 | Utility for creating a new user account. |
128 | |
129 | config FEATURE_ADDUSER_LONG_OPTIONS |
130 | bool "Enable long options" |
131 | default n |
132 | depends on ADDUSER && GETOPT_LONG |
133 | help |
134 | Support long options for the adduser applet. |
135 | |
136 | config DELUSER |
137 | bool "deluser" |
138 | default n |
139 | help |
140 | Utility for deleting a user account. |
141 | |
142 | config GETTY |
143 | bool "getty" |
144 | default n |
145 | select FEATURE_SYSLOG |
146 | help |
147 | getty lets you log in on a tty, it is normally invoked by init. |
148 | |
149 | config FEATURE_UTMP |
150 | bool "Support utmp file" |
151 | depends on GETTY || LOGIN || SU || WHO |
152 | default n |
153 | help |
154 | The file /var/run/utmp is used to track who is currently logged in. |
155 | |
156 | config FEATURE_WTMP |
157 | bool "Support wtmp file" |
158 | depends on GETTY || LOGIN || SU || LAST |
159 | default n |
160 | select FEATURE_UTMP |
161 | help |
162 | The file /var/run/wtmp is used to track when user's have logged into |
163 | and logged out of the system. |
164 | |
165 | config LOGIN |
166 | bool "login" |
167 | default n |
168 | select FEATURE_SUID |
169 | select FEATURE_SYSLOG |
170 | help |
171 | login is used when signing onto a system. |
172 | |
173 | Note that Busybox binary must be setuid root for this applet to |
174 | work properly. |
175 | |
176 | config PAM |
177 | bool "Support for PAM (Pluggable Authentication Modules)" |
178 | default n |
179 | depends on LOGIN |
180 | help |
181 | Use PAM in login(1) instead of direct access to password database. |
182 | |
183 | config LOGIN_SCRIPTS |
184 | bool "Support for login scripts" |
185 | depends on LOGIN |
186 | default n |
187 | help |
188 | Enable this if you want login to execute $LOGIN_PRE_SUID_SCRIPT |
189 | just prior to switching from root to logged-in user. |
190 | |
191 | config FEATURE_NOLOGIN |
192 | bool "Support for /etc/nologin" |
193 | default y |
194 | depends on LOGIN |
195 | help |
196 | The file /etc/nologin is used by (some versions of) login(1). |
197 | If it exists, non-root logins are prohibited. |
198 | |
199 | config FEATURE_SECURETTY |
200 | bool "Support for /etc/securetty" |
201 | default y |
202 | depends on LOGIN |
203 | help |
204 | The file /etc/securetty is used by (some versions of) login(1). |
205 | The file contains the device names of tty lines (one per line, |
206 | without leading /dev/) on which root is allowed to login. |
207 | |
208 | config PASSWD |
209 | bool "passwd" |
210 | default n |
211 | select FEATURE_SUID |
212 | select FEATURE_SYSLOG |
213 | help |
214 | passwd changes passwords for user and group accounts. A normal user |
215 | may only change the password for his/her own account, the super user |
216 | may change the password for any account. The administrator of a group |
217 | may change the password for the group. |
218 | |
219 | Note that Busybox binary must be setuid root for this applet to |
220 | work properly. |
221 | |
222 | config FEATURE_PASSWD_WEAK_CHECK |
223 | bool "Check new passwords for weakness" |
224 | default y |
225 | depends on PASSWD |
226 | help |
227 | With this option passwd will refuse new passwords which are "weak". |
228 | |
229 | config CRYPTPW |
230 | bool "cryptpw" |
231 | default n |
232 | help |
233 | Applet for crypting a string. |
234 | |
235 | config CHPASSWD |
236 | bool "chpasswd" |
237 | default n |
238 | help |
239 | chpasswd reads a file of user name and password pairs from |
240 | standard input and uses this information to update a group of |
241 | existing users. |
242 | |
243 | config SU |
244 | bool "su" |
245 | default n |
246 | select FEATURE_SUID |
247 | select FEATURE_SYSLOG |
248 | help |
249 | su is used to become another user during a login session. |
250 | Invoked without a username, su defaults to becoming the super user. |
251 | |
252 | Note that Busybox binary must be setuid root for this applet to |
253 | work properly. |
254 | |
255 | config FEATURE_SU_SYSLOG |
256 | bool "Enable su to write to syslog" |
257 | default y |
258 | depends on SU |
259 | |
260 | config FEATURE_SU_CHECKS_SHELLS |
261 | bool "Enable su to check user's shell to be listed in /etc/shells" |
262 | depends on SU |
263 | default y |
264 | |
265 | config SULOGIN |
266 | bool "sulogin" |
267 | default n |
268 | select FEATURE_SYSLOG |
269 | help |
270 | sulogin is invoked when the system goes into single user |
271 | mode (this is done through an entry in inittab). |
272 | |
273 | config VLOCK |
274 | bool "vlock" |
275 | default n |
276 | select FEATURE_SUID |
277 | help |
278 | Build the "vlock" applet which allows you to lock (virtual) terminals. |
279 | |
280 | Note that Busybox binary must be setuid root for this applet to |
281 | work properly. |
282 | |
283 | endmenu |