aboutsummaryrefslogtreecommitdiff
path: root/base/bin/config
diff options
context:
space:
mode:
Diffstat (limited to 'base/bin/config')
-rw-r--r--base/bin/config/Makefile109
-rw-r--r--base/bin/config/README1
-rw-r--r--base/bin/config/common.mk11
-rw-r--r--base/bin/config/default/useradd8
-rw-r--r--base/bin/config/login.defs261
-rw-r--r--base/bin/config/os-release7
-rw-r--r--base/bin/config/pam.d/Makefile17
-rw-r--r--base/bin/config/pam.d/chage6
-rw-r--r--base/bin/config/pam.d/chfn6
-rw-r--r--base/bin/config/pam.d/chgpasswd4
-rw-r--r--base/bin/config/pam.d/chpasswd6
-rw-r--r--base/bin/config/pam.d/chsh6
-rw-r--r--base/bin/config/pam.d/groupadd6
-rw-r--r--base/bin/config/pam.d/groupdel6
-rw-r--r--base/bin/config/pam.d/groupmems4
-rw-r--r--base/bin/config/pam.d/groupmod6
-rw-r--r--base/bin/config/pam.d/login7
-rw-r--r--base/bin/config/pam.d/newusers6
-rw-r--r--base/bin/config/pam.d/other5
-rw-r--r--base/bin/config/pam.d/passwd4
-rw-r--r--base/bin/config/pam.d/shadow6
-rw-r--r--base/bin/config/pam.d/su9
-rw-r--r--base/bin/config/pam.d/su-l9
-rw-r--r--base/bin/config/pam.d/system-auth17
-rw-r--r--base/bin/config/pam.d/system-local-login6
-rw-r--r--base/bin/config/pam.d/system-login19
-rw-r--r--base/bin/config/pam.d/system-remote-login6
-rw-r--r--base/bin/config/pam.d/system-services11
-rw-r--r--base/bin/config/pam.d/useradd6
-rw-r--r--base/bin/config/pam.d/userdel6
-rw-r--r--base/bin/config/pam.d/usermod6
-rw-r--r--base/bin/config/security/limits.d/90-nproc.conf6
-rw-r--r--base/bin/config/system.pc8
33 files changed, 601 insertions, 0 deletions
diff --git a/base/bin/config/Makefile b/base/bin/config/Makefile
new file mode 100644
index 0000000..e070d6a
--- /dev/null
+++ b/base/bin/config/Makefile
@@ -0,0 +1,109 @@
+include common.mk
+
+all:
+
+install-filesystem:
+ $(INSTALLDIR) $(DESTDIR)/boot
+ $(INSTALLDIR) $(DESTDIR)/dev
+ $(INSTALLDIR) $(DESTDIR)$(SYSCONFDIR)
+ $(INSTALLDIR) $(DESTDIR)/home
+ $(INSTALLDIR) $(DESTDIR)/mnt
+ $(INSTALLDIR) $(DESTDIR)/opt
+ $(INSTALLDIR) $(DESTDIR)/proc
+ $(INSTALLDIR) $(DESTDIR)/root
+ $(INSTALLDIR) $(DESTDIR)/run
+ $(INSTALLDIR) $(DESTDIR)/srv
+ $(INSTALLDIR) $(DESTDIR)/sys
+ $(INSTALLDIR) $(DESTDIR)/tmp
+ $(INSTALLDIR) $(DESTDIR)/usr
+ $(INSTALLDIR) $(DESTDIR)/usr/bin
+ $(INSTALLDIR) $(DESTDIR)/usr/include
+ $(INSTALLDIR) $(DESTDIR)/usr/lib
+ $(INSTALLDIR) $(DESTDIR)/usr/local
+ $(INSTALLDIR) $(DESTDIR)/usr/local/bin
+ $(INSTALLDIR) $(DESTDIR)/usr/local/etc
+ $(INSTALLDIR) $(DESTDIR)/usr/local/include
+ $(INSTALLDIR) $(DESTDIR)/usr/local/lib
+ $(INSTALLDIR) $(DESTDIR)/usr/local/sbin
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/doc
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/info
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man1
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man2
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man3
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man4
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man5
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man6
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man7
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man8
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/man9
+ $(INSTALLDIR) $(DESTDIR)/usr/local/share/man/mann
+ $(INSTALLDIR) $(DESTDIR)/usr/local/src
+ $(INSTALLDIR) $(DESTDIR)/usr/sbin
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/doc
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/info
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man1
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man2
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man3
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man4
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man5
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man6
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man7
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man8
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/man9
+ $(INSTALLDIR) $(DESTDIR)$(DATAROOTDIR)/man/mann
+ $(INSTALLDIR) $(DESTDIR)/usr/src
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/empty
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat1
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat2
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat3
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat4
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat5
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat6
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat7
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat8
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/cat9
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/cache/man/catn
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/crash
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/lib
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/log
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/spool
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/spool/mail
+ $(INSTALLDIR) $(DESTDIR)$(LOCALSTATEDIR)/tmp
+ $(LINK) /usr/bin $(DESTDIR)/bin
+ $(LINK) /usr/sbin $(DESTDIR)/sbin
+ $(LINK) /usr/lib $(DESTDIR)/lib
+
+install-osrelease:
+ $(INSTALLDIR) $(DESTDIR)$(SYSCONFDIR)
+ $(INSTALLDAT) os-release $(DESTDIR)$(SYSCONFDIR)
+
+install-pkgconfig:
+ $(INSTALLDIR) $(DESTDIR)$(PKGCONFIGDIR)
+ $(INSTALLDAT) system.pc $(DESTDIR)$(PKGCONFIGDIR)
+
+install-logindefs:
+ $(INSTALLDIR) $(DESTDIR)$(SYSCONFDIR)
+ $(INSTALLDAT) login.defs $(DESTDIR)$(SYSCONFDIR)/login.defs$(EXT)
+
+install-useradd:
+ $(INSTALLDIR) $(DESTDIR)$(SYSCONFDIR)/default
+ $(INSTALLDAT) default/useradd $(DESTDIR)$(SYSCONFDIR)/default/useradd$(EXT)
+
+install-limits-policy:
+ $(INSTALLDIR) $(DESTDIR)$(SYSCONFDIR)/security/limits.d
+ $(INSTALLDAT) security/limits.d/90-nproc.conf $(DESTDIR)$(SYSCONFDIR)/security/limits.d
+
+install-pam-package: install-limits-policy
+ $(MAKE) -C pam.d install-pam-policy-base
+
+install-bin-package: install-logindefs install-useradd
+ $(MAKE) -C pam.d install-pam-policy-util
+
+.PHONY: install-filesystem install-osrelease install-pkgconfig install-logindefs install-useradd install-limits-policy install-pam-package install-bin-package
diff --git a/base/bin/config/README b/base/bin/config/README
new file mode 100644
index 0000000..f2c454e
--- /dev/null
+++ b/base/bin/config/README
@@ -0,0 +1 @@
+Attempt at forking Slackware because SysVinit sucks.
diff --git a/base/bin/config/common.mk b/base/bin/config/common.mk
new file mode 100644
index 0000000..04302c0
--- /dev/null
+++ b/base/bin/config/common.mk
@@ -0,0 +1,11 @@
+INSTALL = /usr/bin/install
+INSTALLDIR = $(INSTALL) -m 0755 -d
+INSTALLDAT = $(INSTALL) -m 0644
+
+LINK = /usr/bin/ln -sf
+
+SYSCONFDIR = /etc
+DATAROOTDIR = /usr/share
+LOCALSTATEDIR = /var
+PKGCONFIGDIR = $(DATAROOTDIR)/pkgconfig
+PAMPOLICYDIR = $(SYSCONFDIR)/pam.d
diff --git a/base/bin/config/default/useradd b/base/bin/config/default/useradd
new file mode 100644
index 0000000..f3205e4
--- /dev/null
+++ b/base/bin/config/default/useradd
@@ -0,0 +1,8 @@
+# useradd defaults file
+GROUP=100
+HOME=/home
+INACTIVE=-1
+EXPIRE=
+SHELL=/bin/bash
+SKEL=/etc/skel
+CREATE_MAIL_SPOOL=yes
diff --git a/base/bin/config/login.defs b/base/bin/config/login.defs
new file mode 100644
index 0000000..b929796
--- /dev/null
+++ b/base/bin/config/login.defs
@@ -0,0 +1,261 @@
+#
+# /etc/login.defs - settings for user account and group utilities.
+#
+
+#
+# Delay in seconds before being allowed another attempt after a login failure
+# Note: When PAM is used, some modules may enfore a minimal delay (e.g.
+# pam_unix enforces a 2s delay)
+#
+# This setting affects 'su' and 'login' from util-linux.
+#
+FAIL_DELAY 3
+
+#
+# Enable display of unknown usernames when login failures are recorded.
+#
+# This setting affects 'login' from util-linux.
+#
+LOG_UNKFAIL_ENAB no
+
+#
+# Enable "syslog" logging of 'sg' activity.
+#
+# This setting affects 'sg' from shadow.
+#
+SYSLOG_SG_ENAB yes
+
+#
+# If defined, ":" delimited list of "message of the day" files to
+# be displayed upon login. This is better handled by pam_motd.so so the
+# declaration here is empty to suppress display by tools which read
+# their settings from this file.
+#
+# This setting affects 'login' from util-linux.
+#
+MOTD_FILE
+#MOTD_FILE /etc/motd:/usr/lib/news/news-motd
+
+#
+# *REQUIRED*
+# Directory where mailboxes reside, _or_ name of file, relative to the
+# home directory. If you _do_ define both, MAIL_DIR takes precedence.
+#
+# This setting affects 'useradd', 'userdel' and 'usermod' from shadow.
+#
+MAIL_DIR /var/spool/mail
+#MAIL_FILE .mail
+#QMAIL_DIR Maildir
+
+#
+# If defined, file which inhibits all the usual chatter during the login
+# sequence. If a full pathname, then hushed mode will be enabled if the
+# user's name or shell are found in the file. If not a full pathname, then
+# hushed mode will be enabled if the file exists in the user's home directory.
+#
+# This setting affects 'login' from util-linux.
+#
+HUSHLOGIN_FILE .hushlogin
+#HUSHLOGIN_FILE /etc/hushlogins
+
+#
+# *REQUIRED* The default PATH settings, for superuser and normal users.
+#
+# (they are minimal, add the rest in the shell startup files)
+#
+# These settings affects 'login', 'su' and 'runuser' from util-linux.
+#
+ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin
+ENV_PATH PATH=/usr/local/bin:/bin:/usr/bin
+#ENV_ROOTPATH PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin
+
+#
+# If set to yes and --login and --preserve-environment were not specified
+# su initializes PATH.
+#
+# This setting affects 'su' and 'runuser' from util-linux.
+#
+#ALWAYS_SET_PATH no
+
+#
+# Terminal permissions
+#
+# TTYGROUP Login tty will be assigned this group ownership.
+# TTYPERM Login tty will be set to this permission.
+#
+# If you have a "write" program which is "setgid" to a special group
+# which owns the terminals, define TTYGROUP to the group number and
+# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign
+# TTYPERM to either 622 or 600.
+#
+# These settings affects 'login' from util-linux.
+#
+TTYGROUP tty
+TTYPERM 0620
+
+#
+# This is the umask used to set the mode of new user directories.
+#
+# 022 is the default value, but 027, or even 077, could be considered
+# better for privacy. There is no One True Answer here: each sysadmin
+# must make up her mind.
+#
+# This setting affects 'newusers' and 'useradd' from shadow.
+#
+UMASK 022
+
+#
+# Password aging controls:
+#
+# PASS_MAX_DAYS Maximum number of days a password may be used.
+# PASS_MIN_DAYS Minimum number of days allowed between password changes.
+# PASS_MIN_LEN Minimum acceptable password length.
+# PASS_WARN_AGE Number of days warning given before a password expires.
+#
+# These settings affects 'chpasswd', 'newusers', 'pwck', 'pwconv', 'pwunconv',
+# 'useradd' and 'usermod' from shadow.
+#
+PASS_MAX_DAYS 99999
+PASS_MIN_DAYS 0
+PASS_WARN_AGE 7
+#
+# This setting affects 'passwd' from shadow.
+#
+PASS_MIN_LEN 5
+
+#
+# Min/max values for automatic uid selection in useradd from shadow
+#
+UID_MIN 1000
+UID_MAX 60000
+# System accounts
+SYS_UID_MIN 101
+SYS_UID_MAX 999
+
+#
+# Min/max values for automatic gid selection in groupadd for shadow
+#
+GID_MIN 1000
+GID_MAX 60000
+# System accounts
+SYS_GID_MIN 101
+SYS_GID_MAX 999
+
+#
+# Max number of login retries if password is bad
+#
+# This setting affects 'login' from util-linux.
+#
+LOGIN_RETRIES 5
+
+#
+# Max time in seconds for login
+#
+# This setting affects 'login' from util-linux.
+#
+LOGIN_TIMEOUT 60
+
+#
+# Maximum number of attempts to change password if rejected (too easy)
+#
+# This setting affects 'passwd' from shadow.
+#
+PASS_CHANGE_TRIES 5
+
+#
+# Warn about weak passwords (but still allow them) if you are root.
+#
+# This setting affects 'passwd' from shadow.
+#
+PASS_ALWAYS_WARN yes
+
+#
+# Number of significant characters in the password for crypt().
+# Default is 8, don't change unless your crypt() is better.
+# Ignored if MD5_CRYPT_ENAB set to "yes".
+#
+# This setting affects 'passwd' from shadow.
+#
+#PASS_MAX_LEN 8
+
+#
+# Only works if compiled with ENCRYPTMETHOD_SELECT defined:
+# If set to MD5 , MD5-based algorithm will be used for encrypting password
+# If set to SHA256, SHA256-based algorithm will be used for encrypting password
+# If set to SHA512, SHA512-based algorithm will be used for encrypting password
+# If set to DES, DES-based algorithm will be used for encrypting password (default)
+# Overrides the MD5_CRYPT_ENAB option
+#
+# Note: If you use PAM, it is recommended to use a value consistent with
+# the PAM modules configuration.
+#
+# This setting affects 'passwd' from shadow.
+#
+ENCRYPT_METHOD SHA512
+
+#
+# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512.
+#
+# Define the number of SHA rounds.
+# With a lot of rounds, it is more difficult to brute forcing the password.
+# But note also that it more CPU resources will be needed to authenticate
+# users.
+#
+# If not specified, the libc will choose the default number of rounds (5000).
+# The values must be inside the 1000-999999999 range.
+# If only one of the MIN or MAX values is set, then this value will be used.
+# If MIN > MAX, the highest value will be used.
+#
+# This setting affects 'passwd' from shadow.
+#
+# SHA_CRYPT_MIN_ROUNDS 5000
+# SHA_CRYPT_MAX_ROUNDS 5000
+
+#
+# Should login be allowed if we can't cd to the home directory?
+# Default in no.
+#
+# This setting affects 'login' from util-linux.
+#
+DEFAULT_HOME yes
+
+#
+# If defined, this command is run when removing a user.
+# It should remove any at/cron/print jobs etc. owned by
+# the user to be removed (passed as the first argument).
+#
+# This setting affects 'userdel' from shadow.
+#
+#USERDEL_CMD /usr/sbin/userdel_local
+
+#
+# Enable setting of the umask group bits to be the same as owner bits
+# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
+# the same as gid, and username is the same as the primary group name.
+#
+# This also enables userdel to remove user groups if no members exist.
+#
+# This setting affects 'useradd' and 'userdel' from shadow.
+#
+USERGROUPS_ENAB yes
+
+#
+# If set to a non-nul number, the shadow utilities will make sure that
+# groups never have more than this number of users on one line.
+# This permit to support split groups (groups split into multiple lines,
+# with the same group ID, to avoid limitation of the line length in the
+# group file).
+#
+# 0 is the default value and disables this feature.
+#
+#MAX_MEMBERS_PER_GROUP 0
+
+#
+# If useradd should create home directories for users by default (non
+# system users only)
+# This option is overridden with the -M or -m flags on the useradd command
+# line.
+#
+# This setting affects 'useradd' from shadow.
+#
+#CREATE_HOME yes
diff --git a/base/bin/config/os-release b/base/bin/config/os-release
new file mode 100644
index 0000000..b79b454
--- /dev/null
+++ b/base/bin/config/os-release
@@ -0,0 +1,7 @@
+NAME="Tightware"
+VERSION"1"
+ID=tightware
+VERSION_ID=1
+PRETTY_NAME="Tightware GNU/Linux 1.0"
+ANSI_COLOR="1;32"
+
diff --git a/base/bin/config/pam.d/Makefile b/base/bin/config/pam.d/Makefile
new file mode 100644
index 0000000..74076ab
--- /dev/null
+++ b/base/bin/config/pam.d/Makefile
@@ -0,0 +1,17 @@
+include ../common.mk
+
+FILES_BASE = other system-auth system-local-login system-login system-remote-login system-services
+FILES_UTIL = chage chfn chgpasswd chpasswd chsh groupadd groupdel groupmems groupmod login newusers passwd shadow su su-l useradd userdel usermod
+
+# $(INSTALLDAT) $(FILES_BASE) $(DESTDIR)$(PAMPOLICYDIR)
+
+install-pam-policy-dir:
+ $(INSTALLDIR) $(DESTDIR)$(PAMPOLICYDIR)
+
+install-pam-policy-base: install-pam-policy-dir
+ for file in $(FILES_BASE); do $(INSTALLDAT) $$file $(DESTDIR)$(PAMPOLICYDIR)/$$file$(EXT); done
+
+install-pam-policy-util: install-pam-policy-dir
+ for file in $(FILES_UTIL); do $(INSTALLDAT) $$file $(DESTDIR)$(PAMPOLICYDIR)/$$file$(EXT); done
+
+.PHONY: install-pam-policy-dir install-pam-policy-base install-pam-policy-util
diff --git a/base/bin/config/pam.d/chage b/base/bin/config/pam.d/chage
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/chage
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/chfn b/base/bin/config/pam.d/chfn
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/chfn
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/chgpasswd b/base/bin/config/pam.d/chgpasswd
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/base/bin/config/pam.d/chgpasswd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/base/bin/config/pam.d/chpasswd b/base/bin/config/pam.d/chpasswd
new file mode 100644
index 0000000..5d44798
--- /dev/null
+++ b/base/bin/config/pam.d/chpasswd
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_unix.so sha512 shadow
diff --git a/base/bin/config/pam.d/chsh b/base/bin/config/pam.d/chsh
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/chsh
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/groupadd b/base/bin/config/pam.d/groupadd
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/groupadd
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/groupdel b/base/bin/config/pam.d/groupdel
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/groupdel
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/groupmems b/base/bin/config/pam.d/groupmems
new file mode 100644
index 0000000..8f49f5c
--- /dev/null
+++ b/base/bin/config/pam.d/groupmems
@@ -0,0 +1,4 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+account required pam_permit.so
+password include system-auth
diff --git a/base/bin/config/pam.d/groupmod b/base/bin/config/pam.d/groupmod
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/groupmod
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/login b/base/bin/config/pam.d/login
new file mode 100644
index 0000000..1960d94
--- /dev/null
+++ b/base/bin/config/pam.d/login
@@ -0,0 +1,7 @@
+#%PAM-1.0
+
+auth required pam_securetty.so
+auth requisite pam_nologin.so
+auth include system-local-login
+account include system-local-login
+session include system-local-login
diff --git a/base/bin/config/pam.d/newusers b/base/bin/config/pam.d/newusers
new file mode 100644
index 0000000..5d44798
--- /dev/null
+++ b/base/bin/config/pam.d/newusers
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_unix.so sha512 shadow
diff --git a/base/bin/config/pam.d/other b/base/bin/config/pam.d/other
new file mode 100644
index 0000000..08498b4
--- /dev/null
+++ b/base/bin/config/pam.d/other
@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth required pam_unix.so
+account required pam_unix.so
+password required pam_unix.so
+session required pam_unix.so
diff --git a/base/bin/config/pam.d/passwd b/base/bin/config/pam.d/passwd
new file mode 100644
index 0000000..ab56da4
--- /dev/null
+++ b/base/bin/config/pam.d/passwd
@@ -0,0 +1,4 @@
+#%PAM-1.0
+#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
+#password required pam_unix.so sha512 shadow use_authtok
+password required pam_unix.so sha512 shadow nullok
diff --git a/base/bin/config/pam.d/shadow b/base/bin/config/pam.d/shadow
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/shadow
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/su b/base/bin/config/pam.d/su
new file mode 100644
index 0000000..cf15f40
--- /dev/null
+++ b/base/bin/config/pam.d/su
@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+# Uncomment the following line to implicitly trust users in the "wheel" group.
+#auth sufficient pam_wheel.so trust use_uid
+# Uncomment the following line to require a user to be in the "wheel" group.
+#auth required pam_wheel.so use_uid
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
diff --git a/base/bin/config/pam.d/su-l b/base/bin/config/pam.d/su-l
new file mode 100644
index 0000000..cf15f40
--- /dev/null
+++ b/base/bin/config/pam.d/su-l
@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+# Uncomment the following line to implicitly trust users in the "wheel" group.
+#auth sufficient pam_wheel.so trust use_uid
+# Uncomment the following line to require a user to be in the "wheel" group.
+#auth required pam_wheel.so use_uid
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
diff --git a/base/bin/config/pam.d/system-auth b/base/bin/config/pam.d/system-auth
new file mode 100644
index 0000000..b28a7e9
--- /dev/null
+++ b/base/bin/config/pam.d/system-auth
@@ -0,0 +1,17 @@
+#%PAM-1.0
+
+auth required pam_env.so
+auth required pam_unix.so try_first_pass nullok
+auth optional pam_permit.so
+
+account required pam_unix.so
+account optional pam_permit.so
+account required pam_time.so
+
+password required pam_unix.so try_first_pass nullok sha512 shadow
+password optional pam_permit.so
+
+session required pam_limits.so
+session required pam_env.so
+session required pam_unix.so
+session optional pam_permit.so
diff --git a/base/bin/config/pam.d/system-local-login b/base/bin/config/pam.d/system-local-login
new file mode 100644
index 0000000..347b815
--- /dev/null
+++ b/base/bin/config/pam.d/system-local-login
@@ -0,0 +1,6 @@
+#%PAM-1.0
+
+auth include system-login
+account include system-login
+password include system-login
+session include system-login
diff --git a/base/bin/config/pam.d/system-login b/base/bin/config/pam.d/system-login
new file mode 100644
index 0000000..394419b
--- /dev/null
+++ b/base/bin/config/pam.d/system-login
@@ -0,0 +1,19 @@
+#%PAM-1.0
+
+auth required pam_tally2.so onerr=succeed file=/var/log/faillog
+auth required pam_shells.so
+auth requisite pam_nologin.so
+auth include system-auth
+
+account required pam_access.so
+account required pam_nologin.so
+account include system-auth
+
+password include system-auth
+
+session optional pam_loginuid.so
+session required pam_env.so
+session include system-auth
+session optional pam_motd.so motd=/etc/motd
+session optional pam_mail.so dir=/var/spool/mail standard quiet
+-session optional pam_systemd.so
diff --git a/base/bin/config/pam.d/system-remote-login b/base/bin/config/pam.d/system-remote-login
new file mode 100644
index 0000000..347b815
--- /dev/null
+++ b/base/bin/config/pam.d/system-remote-login
@@ -0,0 +1,6 @@
+#%PAM-1.0
+
+auth include system-login
+account include system-login
+password include system-login
+session include system-login
diff --git a/base/bin/config/pam.d/system-services b/base/bin/config/pam.d/system-services
new file mode 100644
index 0000000..311c0d6
--- /dev/null
+++ b/base/bin/config/pam.d/system-services
@@ -0,0 +1,11 @@
+#%PAM-1.0
+
+auth sufficient pam_permit.so
+
+account include system-auth
+
+session optional pam_loginuid.so
+session required pam_limits.so
+session required pam_env.so
+session required pam_unix.so
+session optional pam_permit.so
diff --git a/base/bin/config/pam.d/useradd b/base/bin/config/pam.d/useradd
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/useradd
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/userdel b/base/bin/config/pam.d/userdel
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/userdel
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/pam.d/usermod b/base/bin/config/pam.d/usermod
new file mode 100644
index 0000000..a7bf8a4
--- /dev/null
+++ b/base/bin/config/pam.d/usermod
@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth sufficient pam_rootok.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_unix.so
+password required pam_permit.so
diff --git a/base/bin/config/security/limits.d/90-nproc.conf b/base/bin/config/security/limits.d/90-nproc.conf
new file mode 100644
index 0000000..104dffd
--- /dev/null
+++ b/base/bin/config/security/limits.d/90-nproc.conf
@@ -0,0 +1,6 @@
+# Default limit for number of user's processes to prevent
+# accidental fork bombs.
+# See rhbz #432903 for reasoning.
+
+* soft nproc 1024
+root soft nproc unlimited
diff --git a/base/bin/config/system.pc b/base/bin/config/system.pc
new file mode 100644
index 0000000..94d3272
--- /dev/null
+++ b/base/bin/config/system.pc
@@ -0,0 +1,8 @@
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+Name=Tightware GNU/Linux
+Description=Operating System
+Version: 1.0