diff options
| author | Ryan C. England <rcengland@gmail.com> | 2019-08-18 21:49:35 -0400 |
|---|---|---|
| committer | Dan McDonald <danmcd@joyent.com> | 2019-08-20 10:37:14 -0400 |
| commit | a9370e9f996b7ce61bb1a9612a0625161a922320 (patch) | |
| tree | 1ad71ec4224fe0ea91704e8c1295f110606d083e | |
| parent | f67950b21e185934ccabe311516f4dcbdb00ef79 (diff) | |
| download | illumos-joyent-a9370e9f996b7ce61bb1a9612a0625161a922320.tar.gz | |
9096 passwords (policy.conf) should default to sha512
Reviewed by: Peter Tribble <peter.tribble@gmail.com>
Reviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Dan McDonald <danmcd@joyent.com>
| -rw-r--r-- | usr/src/lib/libsecdb/policy.conf | 6 | ||||
| -rw-r--r-- | usr/src/man/man4/policy.conf.4 | 18 |
2 files changed, 12 insertions, 12 deletions
diff --git a/usr/src/lib/libsecdb/policy.conf b/usr/src/lib/libsecdb/policy.conf index db9b8cb1f5..60fea9f5f3 100644 --- a/usr/src/lib/libsecdb/policy.conf +++ b/usr/src/lib/libsecdb/policy.conf @@ -44,11 +44,11 @@ CRYPT_ALGORITHMS_ALLOW=1,2a,md5,5,6 # #CRYPT_ALGORITHMS_DEPRECATE=__unix__ -# The OpenSolaris default is a SHA256 based algorithm. To revert to -# the policy present in Solaris releases set CRYPT_DEFAULT=__unix__, +# The illumos default is a SHA512 based algorithm. To revert to +# the policy present in former Solaris releases set CRYPT_DEFAULT=__unix__, # which is not listed in crypt.conf(4) since it is internal to libc. # -CRYPT_DEFAULT=5 +CRYPT_DEFAULT=6 # # These settings determine the default privileges users have. If not set, # the default privileges are taken from the inherited set. diff --git a/usr/src/man/man4/policy.conf.4 b/usr/src/man/man4/policy.conf.4 index 65b6d04494..4c933fbfc4 100644 --- a/usr/src/man/man4/policy.conf.4 +++ b/usr/src/man/man4/policy.conf.4 @@ -13,7 +13,7 @@ policy.conf \- configuration file for security policy .fi .SH DESCRIPTION -.sp + .LP The \fBpolicy.conf\fR file provides the security policy configuration for user-level attributes. Each entry consists of a key/value pair in the form: @@ -132,10 +132,10 @@ another algorithm, such as \fBCRYPT_DEFAULT=1\fR for BSD and Linux MD5. .ad .sp .6 .RS 4n -Specify the default algorithm for new passwords. The Solaris default is the -traditional UNIX algorithm. This is not listed in \fBcrypt.conf\fR(4) since it -is internal to \fBlibc\fR. The reserved name \fB__unix__\fR is used to refer to -it. +Specify the default algorithm for new passwords. The Solaris default was once +the traditional UNIX algorithm. This is not listed in \fBcrypt.conf\fR(4) since +it is internal to \fBlibc\fR. The reserved name \fB__unix__\fR is used to refer +to it. .RE .sp @@ -186,7 +186,7 @@ specifications are unaffected by any future addition of privileges that might occur. .SH FILES -.sp + .ne 2 .na \fB\fB/etc/user_attr\fR\fR @@ -223,7 +223,7 @@ Defines policy for the system. .RE .SH ATTRIBUTES -.sp + .LP See \fBattributes\fR(5) for descriptions of the following attributes: .sp @@ -239,13 +239,13 @@ Interface Stability Committed .TE .SH SEE ALSO -.sp + .LP \fBlogin\fR(1), \fBpfexec\fR(1), \fBchkauthattr\fR(3SECDB), \fBgetexecuser\fR(3SECDB), \fBauth_attr\fR(4), \fBcrypt.conf\fR(4), \fBprof_attr\fR(4), \fBuser_attr\fR(4), \fBattributes\fR(5), \fBprivileges\fR(5) .SH NOTES -.sp + .LP The \fIconsole user\fR is defined as the owner of \fB/dev/console\fR. |