Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#67393 - [shadow][pambase] Stop overriding the specified ENCRYPT_METHOD in /etc/login.defs
Attached to Project:
Arch Linux
Opened by loqs (loqs) - Saturday, 25 July 2020, 17:25 GMT
Last edited by David Runge (dvzrv) - Friday, 22 September 2023, 20:34 GMT
Details
Description:
The method is currently overridden in all its uses, meaning the actual value specified in /etc/login.defs has no effect. This could cause confusion. Also, synchronizing a setting in multiple locations can introduce errors. It is used in at least:
* /etc/pam.d/chpasswd
* /etc/pam.d/newusers
* /etc/pam.d/passwd
* /etc/pam.d/system-auth
PKGBUILD.diff.shadow removed all uses of sha512. Changed the dropped module pam_cracklib.so to pam_pwquality.so; the man page lists the parameters as being the same, but I have not checked this.
PKGBUILD.diff.pambase removed the use of sha512.
Additional info:
* shadow 4.8.1-3
* pambase 20190105.1-2
This task depends upon
Closed by David Runge (dvzrv)
Friday, 22 September 2023, 20:34 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed with pambase 20230918, shadow 4.14.0-3
pam_unix(8) supports more algorithms, like yescrypt.
https://github.com/linux-pam/linux-pam/pull/84
Should this be closed as Won't Fix?
You could also standardize the use of nullok. You could also consider changing physlock and kbd to use upstream's pam configs that use system-auth rather than directly using pam_unix.
Edit:
man 5 crypt notes 5000 rounds is too low for modern hardware for sha512/sha256 but does not provide a recommended number of rounds.
Does the libxcrypt project have a recommendation for the number of rounds that could currently be used? That could then be set in upstream shadow's login.defs.
Or patch shadow with yescrypt support [1] and add the option there?
[1] https://github.com/shadow-maint/shadow/commit/5cd04d03f94622c12220d4a6352824af081b8531
I wonder why that is and how they configure PAM instead.
https://www.mankier.com/5/crypt#Available_Hashing_Methods
https://www.mankier.com/8/pam_unix#Options
Without pam, the supported ENCRYPT_METHOD values are des md5 sha256 sha512 bcrypt yescrypt; SHA_CRYPT_MIN_ROUNDS, SHA_CRYPT_MAX_ROUNDS, BCRYPT_MIN_ROUNDS, BCRYPT_MAX_ROUNDS and YESCRYPT_COST_FACTOR [4] may be used.
The intersection of des md5 sha256 sha512 bcrypt yescrypt with des md5 bigcrypt sha256 sha512 blowfish gost_yescrypt yescrypt is des md5 sha256 sha512 yescrypt; eliminating des and md5 leaves sha256 sha512 yescrypt.
scrypt bcrypt sha1crypt SunMD5 bsdicrypt NT are supported by libxcrypt [5] but not by pam_unix [2].
[6] Changes the ENCRYPT_METHOD documentation in login.defs to list the methods supported by pam_unix and removes the per method rounds settings.
[7] and [8] add a ROUNDS option to login.defs and change pam_unix's undocumented support for SHA_CRYPT_MAX_ROUNDS to support it, mirroring the rounds option pam_unix already supports.
#SHA_CRYPT_MAX_ROUNDS 5000
pam_unix min 1000 max 9999999 default 5000
#YESCRYPT_COST_FACTOR 5
pam_unix min 3 max 11 default 5
How does Fedora avoid a different number of rounds and/or encryption method being used between tools that use pam, such as login when a password change is forced due to it being expired, compared to passwd, which Fedora builds without pam?
[1] https://github.com/linux-pam/linux-pam/blob/v1.5.2/modules/pam_unix/support.c#L85
[2] https://github.com/linux-pam/linux-pam/blob/v1.5.2/modules/pam_unix/support.h#L109
[3] https://github.com/linux-pam/linux-pam/blob/v1.5.2/modules/pam_unix/support.c#L103
[4] https://man.archlinux.org/man/login.defs.5
[5] https://man.archlinux.org/man/crypt.5
[6] shadow-encrypt-methods-supported-by-pam-unix.patch
[7] shadow-rounds.patch
[8] pam-rounds.patch
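The description and the comment above both come down to one check: does a method or rounds value hardcoded on a pam_unix.so line in /etc/pam.d silently override ENCRYPT_METHOD in /etc/login.defs, and is the configured value one pam_unix actually understands? The following script is an added example written for this page, not code from shadow, pambase or linux-pam. It parses a constructed login.defs excerpt and constructed pam.d lines, reports overrides and redundant duplicates, and range-checks rounds against the pam_unix limits quoted in the comment (sha256/sha512 rounds 1000 to 9999999, yescrypt cost factor 3 to 11). The sample paths and values are constructed; the method sets are the ones listed in the thread.

```python
import re

# Method names as listed in the thread: what pam_unix understands,
# what login.defs accepts, and the ones the comment eliminates as weak.
PAM_UNIX_METHODS = {"des", "md5", "bigcrypt", "sha256", "sha512",
                    "blowfish", "gost_yescrypt", "yescrypt"}
WEAK_METHODS = {"des", "md5", "bigcrypt"}
# pam_unix ranges quoted in the comment (rounds for sha*, cost factor for yescrypt).
SHA_ROUNDS_RANGE = (1000, 9999999)
YESCRYPT_COST_RANGE = (3, 11)

# Constructed sample input (not a real system's files).
SAMPLE_LOGIN_DEFS = """\
# constructed /etc/login.defs excerpt
ENCRYPT_METHOD YESCRYPT
#SHA_CRYPT_MAX_ROUNDS 5000
YESCRYPT_COST_FACTOR 7
"""
SAMPLE_PAM_FILES = {
    "/etc/pam.d/passwd": "password required pam_unix.so sha512 shadow nullok\n",
    "/etc/pam.d/system-auth": "password required pam_unix.so yescrypt shadow rounds=7\n",
    "/etc/pam.d/chpasswd": "password required pam_unix.so shadow\n",
}


def parse_login_defs(text):
    """Return KEY -> value for active (non-comment) login.defs lines."""
    defs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # commented-out keys such as #SHA_CRYPT_MAX_ROUNDS are inactive
        parts = line.split(None, 1)
        if len(parts) == 2:
            defs[parts[0]] = parts[1].strip()
    return defs


def pam_unix_password_options(text):
    """Option lists of every 'password ... pam_unix.so' line in a pam.d file."""
    opts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[0] == "password" and fields[2] == "pam_unix.so":
            opts.append(fields[3:])
    return opts


def rounds_range_for(method):
    """Valid rounds/cost range for a method, per the limits quoted in the thread."""
    if method in ("sha256", "sha512"):
        return SHA_ROUNDS_RANGE
    if method in ("yescrypt", "gost_yescrypt"):
        return YESCRYPT_COST_RANGE
    return None


def audit(login_defs_text, pam_files):
    """Return a list of (path, finding) tuples describing inconsistencies."""
    defs = parse_login_defs(login_defs_text)
    method = defs.get("ENCRYPT_METHOD", "").lower()
    findings = []
    if method and method not in PAM_UNIX_METHODS:
        findings.append(("/etc/login.defs", f"ENCRYPT_METHOD {method} is not understood by pam_unix"))
    if method in WEAK_METHODS:
        findings.append(("/etc/login.defs", f"ENCRYPT_METHOD {method} is a weak method"))
    cost = defs.get("YESCRYPT_COST_FACTOR")
    if cost is not None and not YESCRYPT_COST_RANGE[0] <= int(cost) <= YESCRYPT_COST_RANGE[1]:
        findings.append(("/etc/login.defs", f"YESCRYPT_COST_FACTOR {cost} outside {YESCRYPT_COST_RANGE}"))
    for path, text in pam_files.items():
        for opts in pam_unix_password_options(text):
            explicit = [o for o in opts if o in PAM_UNIX_METHODS]
            effective = explicit[-1] if explicit else method
            for o in explicit:
                if o != method:
                    findings.append((path, f"pam_unix hardcodes {o}, overriding ENCRYPT_METHOD {method}"))
                else:
                    findings.append((path, f"pam_unix repeats {o}, which duplicates login.defs"))
            for o in opts:
                m = re.fullmatch(r"rounds=(\d+)", o)
                rng = rounds_range_for(effective)
                if m and rng and not rng[0] <= int(m.group(1)) <= rng[1]:
                    findings.append((path, f"rounds={m.group(1)} outside {rng} for {effective}"))
    return findings


if __name__ == "__main__":
    for path, finding in audit(SAMPLE_LOGIN_DEFS, SAMPLE_PAM_FILES):
        print(f"{path}: {finding}")
```

On a real host you would read /etc/login.defs and each file under /etc/pam.d instead of the constructed strings; the check is the same. With the sample input, /etc/pam.d/passwd is flagged for hardcoding sha512 against a YESCRYPT login.defs, system-auth for redundantly repeating yescrypt, and chpasswd produces nothing because it defers to login.defs.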
@loqs: What is your opinion on https://bugs.archlinux.org/task/69715#comment222158 (as this is closely related to the PAM files for shadow).
Do you want to contact upstream on the issue of supporting different cost factors? This issue could be marked implemented as SHA512 is no longer forced.
Judging from the source code, the cost factor is supported via "rounds": https://github.com/linux-pam/linux-pam/blob/77bd338125cde583ecdfb9fd69619bcd2baf15c2/modules/pam_unix/support.c#L188-L195
However, I guess it would be good to also support reading of `YESCRYPT_COST_FACTOR` from /etc/login.defs for that purpose!
Please give it a thorough test and report back with any problems!