Linux From Scratch (w/Pacman) - Version r12.3-6-wip

Chapter 8. Installing Basic System Software

8.33. CrackLib-2.10.3

8.33.1. Introduction to CrackLib

The CrackLib package contains a library used to enforce strong passwords by comparing user selected passwords to words in chosen word lists.

Approximate build time: less than 0.1 SBU
Required disk space: 5.0 MB

8.33.2. Installation of CrackLib

Create the PKGBUILD for the Cracklib package with the following commands: 

mkdir /sources/cracklib
cd /sources/cracklib
cat > PKGBUILD << "REALEOF"
# Maintainer: Linux From Scratch <lfs-dev@lists.linuxfromscratch.org>

pkgname="cracklib"
pkgver="2.10.3"
pkgrel="1"
pkgdesc="The CrackLib package contains a library used to enforce strong passwords by comparing user selected passwords to words in chosen word lists." 
arch=('x86'
      'x86_64')
url="http://www.gnu.org/software/cracklib"
license=('GPLv3')
depends=('glibc'
         'linux-pam')
makedepends=('bash'
             'binutils'
             'coreutils'
             'gcc'
             'glibc'
             'grep'
             'linux-pam'
             'shadow'
             'sed')
source=("https://github.com/cracklib/cracklib/releases/download/v2.10.3/cracklib-2.10.3.tar.xz"
        "https://github.com/cracklib/cracklib/releases/download/v2.10.3/cracklib-words-2.10.3.xz")
md5sums=('e8ea2b86de774fc09fdd0f2829680b19'
         'f27804022dbf2682a7f7c353317f9a53')
install="cracklib.install"
backup=("usr/share/dict/cracklib-extra-words")
options=('emptydirs')

prepare(){
  cd "${pkgname}-${pkgver}"
  # Remove a meaningless warning
  sed -i '/skipping/d' util/packer.c
  # Fix build with newer Python
  sed -i '15209 s/.*/am_cv_python_version=3.13/' configure
}

build(){
  cd "${pkgname}-${pkgver}"
  PYTHON=python3 CPPFLAGS=-I/usr/include/python3.10 \
  ./configure --prefix=/usr    \
              --disable-static \
              --with-default-dict=/usr/lib/cracklib/pw_dict
  make
}

package(){
  cd "${pkgname}-${pkgver}"
  make DESTDIR="${pkgdir}" install
  install -v -m644 -D "${srcdir}/cracklib}-words-${pkgver}.bz2" \
                      "${pkgdir}/usr/share/dict/cracklib-words.bz2"
  bzip2 -d -v "${pkgdir}/usr/share/dict/cracklib-words.bz2"
  ln -v -sf cracklib-words "${pkgdir}/usr/share/dict/words"
  echo "linuxfromscratch" >> "${pkgdir}/usr/share/dict/cracklib-extra-words"
  install -v -m755 -d "${pkgdir}/usr/lib/cracklib"
}
REALEOF

We have also listed an install file in the above PKGBUILD that will install the default dictionary and create our combined wordlists: 

cat > cracklib.install << "REALEOF"
post_install(){
  echo $(hostname) >>  /usr/share/dict/cracklib-extra-words
  create-cracklib-dict /usr/share/dict/cracklib-words \
                       /usr/share/dict/cracklib-extra-words
}

post_upgrade(){
  post_install
}
REALEOF

Prepare the build directory for the pacman user and build the package: 

chown -R root:pacman .
chmod 2775 .
chmod 664 PKGBUILD
su pacman -c 'makepkg -L --nodeps'

Add the newly created package to the central package repository: 

repo-add /srv/pacman/repos/LFS/LFS.db.tar.xz \
         /srv/pacman/repos/LFS/cracklib-2.10.3-1-$(uname -m).pkg.tar.xz

Update the local cache and install the Cracklib package: 

pacman -Syu
pacman -S cracklib --overwrite \* -dd --noconfirm

Finally, copy the source files into the source repository and clean up the build directory: 

mkdir /srv/pacman/source/LFS/cracklib
cp PKGBUILD /srv/pacman/source/LFS/cracklib
cp cracklib.install /srv/pacman/source/LFS/cracklib
cd /sources
rm -rf cracklib

8.33.3. Command Explanations

sed -i '/skipping/d' util/packer.c: Remove a meaningless warning.

PYTHON=python3: This forces the installation of python bindings for Python 3, even if Python 2 is installed.

CPPFLAGS=-I/usr/include/python3.13: This works around an issue caused by incorrect usage of Python 3 headers.

--with-default-dict=/lib/cracklib/pw_dict: This parameter forces the installation of the CrackLib dictionary to the /lib hierarchy.

install -v -m644 -D ...: This command creates the /usr/share/dict directory (if it doesn't already exist) and installs the compressed word list there.

ln -v -s cracklib-words /usr/share/dict/words: The word list is linked to /usr/share/dict/words as historically, words is the primary word list in the /usr/share/dict directory. Omit this command if you already have a /usr/share/dict/words file installed on your system.

echo $(hostname) >>...: The value of hostname is echoed to a file called cracklib-extra-words. This extra file is intended to be a site specific list which includes easy to guess passwords such as company or department names, user names, product names, computer names, domain names, etc.

create-cracklib-dict ...: This command creates the CrackLib dictionary from the word lists. Modify the command to add any additional word lists you have installed.

8.33.4. Contents

Installed Programs: cracklib-check, cracklib-format, cracklib-packer, cracklib-unpacker and create-cracklib-dict
Installed Libraries: libcrack.so and the _cracklib.so (Python module)
Installed Directories: /lib/cracklib, /usr/share/dict and /usr/share/cracklib

Short Descriptions

cracklib-check

is used to determine if a password is strong

cracklib-format

is used to format text files (lowercases all words, removes control characters and sorts the lists)

cracklib-packer

creates a database with words read from standard input

cracklib-unpacker

displays on standard output the database specified

create-cracklib-dict

is used to create the CrackLib dictionary from the given word list(s)

libcrack.so

provides a fast dictionary lookup method for strong password enforcement