Copyright (c) 2001, Sun Microsystems, Inc. All Rights Reserved.
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
/etc/security/crypt.conf
There must be at least one entry in crypt.conf with the same name as is stored in the crypt_algorithm_magic symbol of the module. The documentation provided with the module should list this name.
The module_path field specifies the path name to a shared library object that implements crypt_genhash_impl(), crypt_gensalt_impl(), and crypt_algorithm_magic. If the path name is not absolute, it is assumed to be relative to /usr/lib/security/$ISA. If the path name contains the $ISA token, the token is replaced by an implementation-defined directory name that defines the path relative to the calling program's instruction set architecture.
The params field is used to pass module-specific options to the shared objects. See crypt_genhash_impl(3C) and crypt_gensalt_impl(3C). It is the responsibility of the module to parse and interpret the options. The params field can be used by the modules to turn on debugging or to pass any module-specific parameters that control the output of the hashing algorithm.
The default configuration preserves previous Solaris behavior while adding compatibility for md5crypt-generated passwords as provided on some BSD and Linux systems.
# # crypt.conf # 1 /usr/lib/security/$ISA/crypt_bsdmd5.so
Example 2 Use md5crypt to demonstrate compatibility with BSD- and Linux-based systems.
The following example lists 4 algorithms and demonstrates how compatibility with BSD- and Linux-based systems using md5crypt is made available, using the algorithm names 1 and 2.
# # crypt.conf # md5 /usr/lib/security/$ISA/crypt_md5.so rot13 /usr/lib/security/$ISA/crypt_rot13.so # For *BSD/Linux compatibility # 1 is md5, 2 is Blowfish 1 /usr/lib/security/$ISA/crypt_bsdmd5.so 2 /usr/lib/security/$ISA/crypt_bsdbf.so
| ATTRIBUTE TYPE ATTRIBUTE VALUE |
| Interface Stability Evolving |