static char const CRACKLIB_DICTPATH = ...;
extern char const *
FascistCheck(char const passwd, char const dictpath);
DESCRIPTIONcracklib is a library containing the FascistCheck C function which may be used in a "passwd" like program. The idea is simple: try to prevent users from choosing passwords that could be guessed by "crack" by filtering them out, at source. cracklib is an offshoot of the the version 5 of the "crack" software and contains a considerable number of ideas nicked from the new software.
The first formal argument password is the potential password. The second formal argument dictpath is the full path name + filename prefix of the cracklib dictionary database. FascistCheck returns the NULL pointer for a good password, or a pointer to a diagnostic string if it is a weak password.
The database is in a binary format generated by the utilities crack_mkdict(8) and crack_packer(8). On a Debian system the database is located in the directory defined by the static constant CRACKLIB_DICTPATH and is set to /var/cache/cracklib/cracklib_dict. None of the subroutines in the cracklib libraries have this location hard-coded into their implementations. It is generated daily with the program /etc/cron.daily/cracklib.
- cracklib dictionary database files used by utilities.
- cracklib daily cron program to rebuild the cracklib dictionary database.
- cracklib configuration file used by the cracklib daily cron program to rebuild the cracklib dictionary database.
- cracklib shell script to create initial list of words for dictionary database.
- Example cc(1) source files that show how FascistCheck is used.