Hello, This is a little bit related to this thread, and may help to find which variables need to be set in login.defs.
Here is the (I hope complete list) of variables used by the shadow utilities (I hope it is not in dead code), sorted by package/utility and by variable. I did not find any differences with or without the patch 404 (so this list should be maintained after the re-PAMification). I've made this list by checking which getdef_* calls were linked in the utilities, and then by (quickly) checking wether these getdef_ were really used. (So it may not be exact). Kind Regards, -- Nekral
login: * faillog * lastlog * newgrp SYSLOG_SG_ENAB, SYSLOG_SG_ENAB, GETPASS_ASTERISKS (getpass) * login ERASECHAR, KILLCHAR, LOGIN_TIMEOUT, FAIL_DELAY, LOGIN_RETRIES, LOG_UNKFAIL_ENAB, FAILLOG_ENAB, FAILLOG_ENAB, FAILLOG_ENAB, FTMP_FILE, FAILLOG_ENAB, TTYTYPE_FILE, LOG_OK_LOGINS, FAKE_SHELL, TTYGROUP (chown_tty), TTYPERM (chown_tty), CONSOLE (console), FTMP_FILE (), HUSHLOGIN_FILE (hushed), CONSOLE_GROUPS (setup_uid_gid), DEFAULT_HOME (setup_env), ENV_SUPATH (), ENV_PATH (), TTYTYPE_FILE () * su SYSLOG_SU_ENAB, SU_NAME, ENV_SUPATH, ENV_PATH, SYSLOG_SU_ENAB, CONSOLE_GROUPS (setup_uid_gid), DEFAULT_HOME (setup_env), ENV_SUPATH, ENV_PATH, SULOG_FILE (sulog) passwd: * chage * chfn CHFN_RESTRICT * chpasswd * chsh * cppw * expiry CONSOLE_GROUPS (libmisc/setugid.c:setup_uid_gid used in libmisc/age.c:expire) * gpasswd GETPASS_ASTERISKS (getpass) * groupadd GID_MIN, GID_MAX * groupdel * groupmod * grpck * grpconv * grpunconv * newusers PASS_MIN_DAYS, PASS_MAX_DAYS, PASS_WARN_AGE, UMASK * passwd * pwck * pwconv PASS_MIN_DAYS, PASS_MAX_DAYS, PASS_WARN_AGE * pwunconv * useradd PASS_MIN_DAYS, PASS_MAX_DAYS, PASS_WARN_AGE, UID_MIN, UID_MAX, UMASK, CREATE_HOME (not for Debian) * userdel USERGROUPS_ENAB, USERDEL_CMD, MAIL_DIR, MAIL_FILE * usermod MAIL_DIR, MAIL_FILE * vipw SYSLOG_SG_ENAB: newgrp GETPASS_ASTERISKS: newgrp, gpasswd ERASECHAR: login KILLCHAR: login LOGIN_TIMEOUT: login FAIL_DELAY: login LOGIN_RETRIES: login LOG_UNKFAIL_ENAB: login FAILLOG_ENAB: login FTMP_FILE: login TTYTYPE_FILE: login LOG_OK_LOGINS: login FAKE_SHELL: login TTYGROUP: login TTYPERM: login CONSOLE: login HUSHLOGIN_FILE: login CONSOLE_GROUPS: login, su, expiry DEFAULT_HOME: login, su ENV_SUPATH: login, su ENV_PATH: login, su SYSLOG_SU_ENAB: su SU_NAME: su SULOG_FILE: su CHFN_RESTRICT: chfn GID_MIN: groupadd GID_MAX: groupadd PASS_MIN_DAYS: newusers, pwconv, useradd PASS_MAX_DAYS: newusers, pwconv, useradd PASS_WARN_AGE: newusers, pwconv, useradd UMASK: newusers, useradd UID_MIN: useradd UID_MAX: useradd CREATE_HOME: useradd (not for Debian) USERGROUPS_ENAB: userdel USERDEL_CMD: userdel MAIL_DIR: userdel, usermod MAIL_FILE: userdel, usermod variables used in both passwd and login packages: GETPASS_ASTERISKS (maybe newgrp should be PAMified?), CONSOLE_GROUPS (maybe expiry should be PAMified?)
