menu "Login/Password Management Utilities"
+config CONFIG_FEATURE_SHADOWPASSWDS
+ bool "Support for shadow passwords"
+ default n
+ help
+ Build support for shadow password in /etc/shadow. This file is only
+ readable by root and thus the encrypted passwords are no longer
+ publicly readable.
+
+config CONFIG_USE_BB_SHADOW
+ bool " Use busybox shadow password functions"
+ default y
+ depends on CONFIG_USE_BB_PWD_GRP && CONFIG_FEATURE_SHADOWPASSWDS
+ help
+ If you leave this disabled, busybox will use the system's shadow
+ password handling functions. And if you are using the GNU C library
+ (glibc), you will then need to install the /etc/nsswitch.conf
+ configuration file and the required /lib/libnss_* libraries in
+ order for the shadow password functions to work. This generally
+ makes your embedded system quite a bit larger.
+
+ Enabling this option will cause busybox to directly access the
+ system's /etc/shadow file when handling shadow passwords. This
+ makes your system smaller and I will get fewer emails asking about
+ how glibc NSS works). When this option is enabled, you will not be
+ able to use PAM to access shadow passwords from remote LDAP
+ password servers and whatnot.
+
config CONFIG_USE_BB_PWD_GRP
bool "Use internal password and group functions rather than system functions"
default n
If you enable this option, it will add about 1.5k to busybox.
-
config CONFIG_ADDGROUP
bool "addgroup"
default n
bool "getty"
default n
help
- Getty lets you log in on a tty, it is normally invoked by init.
+ getty lets you log in on a tty, it is normally invoked by init.
+
+config CONFIG_FEATURE_UTMP
+ bool "Support utmp file"
+ depends on CONFIG_GETTY || CONFIG_LOGIN || CONFIG_SU || CONFIG_WHO
+ default n
+ help
+ The file /var/run/utmp is used to track who is currently logged in.
+
+config CONFIG_FEATURE_WTMP
+ bool "Support wtmp file"
+ depends on CONFIG_GETTY || CONFIG_LOGIN || CONFIG_SU || CONFIG_LAST
+ default n
+ select CONFIG_FEATURE_UTMP
+ help
+ The file /var/run/wtmp is used to track when user's have logged into
+ and logged out of the system.
config CONFIG_LOGIN
bool "login"
default n
+ select CONFIG_FEATURE_SUID
help
- Login is used when signing onto a system.
+ login is used when signing onto a system.
+
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
config CONFIG_FEATURE_SECURETTY
- bool " Support for /etc/securetty"
+ bool "Support for /etc/securetty"
default y
depends on CONFIG_LOGIN
help
- The file /etc/securetty is used by (some versions of) login(1). The
- file contains the device names of tty lines (one per line, without
- leading /dev/) on which root is allowed to login.
+ The file /etc/securetty is used by (some versions of) login(1).
+ The file contains the device names of tty lines (one per line,
+ without leading /dev/) on which root is allowed to login.
config CONFIG_PASSWD
bool "passwd"
default n
+ select CONFIG_FEATURE_SUID
help
- Passwd changes passwords for user and group accounts. A normal user
- may only change the password for his/her own account, the super user
- may change the password for any account. The administrator of a group
+ passwd changes passwords for user and group accounts. A normal user
+ may only change the password for his/her own account, the super user
+ may change the password for any account. The administrator of a group
may change the password for the group.
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
+
config CONFIG_SU
bool "su"
default n
+ select CONFIG_FEATURE_SUID
+ help
+ su is used to become another user during a login session.
+ Invoked without a username, su defaults to becoming the super user.
+
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
+
+config CONFIG_SU_SYSLOG
+ bool "Support for syslog in su"
+ default y
+ depends on CONFIG_SU
help
- su is used to become another user during a login session. Invoked with-
- out a username, su defaults to becoming the super user.
+ Enables support for syslog in su.
config CONFIG_SULOGIN
bool "sulogin"
default n
help
- Sulogin is invoked when the system goes into single user
+ sulogin is invoked when the system goes into single user
mode (this is done through an entry in inittab).
config CONFIG_VLOCK
bool "vlock"
default n
+ select CONFIG_FEATURE_SUID
help
- Build the "vlock" applet, that allows you to lock (virtual) terminals.
-
-comment "Common options for adduser, deluser, login, su"
- depends on CONFIG_ADDUSER || CONFIG_DELUSER || CONFIG_LOGIN || CONFIG_SU
-
-config CONFIG_FEATURE_SHADOWPASSWDS
- bool "Support for shadow passwords"
- default n
- depends on CONFIG_ADDUSER || CONFIG_DELUSER || CONFIG_LOGIN || CONFIG_SU
- help
- Build support for shadow password in /etc/shadow. This file is only
- only readable by root and thus the encrypted passwords are no longer
- publicly readable.
-
-config CONFIG_USE_BB_SHADOW
- bool " Use busybox shadow password functions"
- default n
- depends on CONFIG_USE_BB_PWD_GRP && CONFIG_FEATURE_SHADOWPASSWDS
- help
- If you leave this disabled, busybox will use the system's shadow
- password handling functions. And if you are using the GNU C library
- (glibc), you will then need to install the /etc/nsswitch.conf
- configuration file and the required /lib/libnss_* libraries in
- order for the shadow password functions to work. This generally
- makes your embedded system quite a bit larger.
+ Build the "vlock" applet which allows you to lock (virtual) terminals.
- Enabling this option will cause busybox to directly access the
- system's /etc/shadow file when handling shadow passwords. This
- makes your system smaller and I will get fewer emails asking about
- how glibc NSS works). When this option is enabled, you will not be
- able to use PAM to access shadow passwords from remote LDAP
- password servers and whatnot.
+ Note that Busybox binary must be setuid root for this applet to
+ work properly.
endmenu