Shadow/CrackLib - A compromise?

Randy McMurchy LFS-User at
Sun Aug 7 18:50:59 PDT 2005

Hi all,

Well, I must say I thoroughly enjoyed the debate about adding CrackLib
to LFS. There was a bunch of ideas thrown around. It seemed healthy for
the list.

Anyway, some of the folks who provided arguments why CrackLib should
not be added had very good ideas about LFS, goals, etc.

I tend to agree with those that said they didn't like the idea that
CrackLib be forced into the build. Hey, if you don't want it, don't
install it! There is merit in those words.

However, to me, it is negligent on our part to completely omit a
mention of CrackLib in LFS. That said, how about this for a compromise:

In the Shadow instructions, a little note at the beginning of the
package instructions saying that if you would like the system
configured to support strong passwords, install CrackLib and add
--with-libcrack to the configure script.

It could probably be done in one sentence, two max, with a link to
the BLFS CrackLib instructions. This informs folks that there is a
mechanism available by installing one simple package to enforce
strong passwords, and keeps the BLFS guys from having to modify the
BLFS Shadow instructions to include a way to re-install Shadow
without PAM and still have CrackLib available.

What say the group?


rmlscsi: [GNU ld version 20041220] [gcc (GCC) 3.4.3]
[GNU C Library stable release version 2.3.4] [Linux 2.6.10 i686]
20:40:00 up 127 days, 20:13, 5 users, load average: 0.00, 0.03, 0.17

More information about the lfs-dev mailing list