Bug 1919026
| Summary: | libpwquality rpm requires cracklib-dicts to function but RPM missing requirement | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | James Hartsock <hartsjc> |
| Component: | libpwquality | Assignee: | Dmitry Belyavskiy <dbelyavs> |
| Status: | CLOSED ERRATA | QA Contact: | Ondrej Moriš <omoris> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 8.3 | CC: | asosedki, dbelyavs, omoris |
| Target Milestone: | rc | Keywords: | Triaged |
| Target Release: | 8.0 | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | libpwquality-1.4.4-3.el8 | Doc Type: | Bug Fix |
| Doc Text: |
cracklib package is needed for libpwquality to work but package was not requiring it
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-05-18 14:49:43 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (libpwquality bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:1605 |
Description of problem: libpwquaily rpm requires cracklib-dict to function but RPM missing requirement Version-Release number of selected component (if applicable): # rpm -qa | egrep 'libpwquality|cracklib' libpwquality-1.4.0-9.el8.x86_64 cracklib-2.9.6-15.el8.x86_64 How reproducible: 100% Steps to Reproduce: 1. Minimal OS install via kickstart 2. Create User 3. Have user attempt to change password Actual results: [hartsjc@localhost ~]$ passwd Changing password for user hartsjc. Current password: New password: /usr/share/cracklib/pw_dict.pwd.gz: No such file or directory BAD PASSWORD: The password fails the dictionary check - error loading dictionary passwd: Authentication token manipulation error Expected results: User should be able to change password Additional info: 1. Issue is still present with RHEL 8.4 libpwquality-1.4.4-1.el8 2. dnf will pick up the cracklib-dict as a weak dependency. # dnf reinstall libpwquality ======================================================================================================================== Package Architecture Version Repository Size ======================================================================================================================== Reinstalling: libpwquality x86_64 1.4.0-9.el8 rhel-8-for-x86_64-baseos-rpms 103 k Installing weak dependencies: cracklib-dicts x86_64 2.9.6-15.el8 rhel-8-for-x86_64-baseos-rpms 4.0 M ======================================================================================================================== 3. But dependency is NOT picked up at RPM level, and thus repository, satellite, and anaconda fail to enforce/require the cracklib-dict dependency. # rpm --test -U ./libpwquality-1.4.4-1.el8.x86_64.rpm ; echo $? 0 # rpm -U ./libpwquality-1.4.4-1.el8.x86_64.rpm ; echo $? 0 4. So while the cracklib-dict RPM dependecy isn't set, the RPM states it as requirement in info # rpm -q --info libpwquality | sed -n '/^Description/,/^BoGuS$/p' Description : This is a library for password quality checks and generation of random passwords that pass the checks. This library uses the cracklib and cracklib dictionaries <----- says needs cracklib-dict in text to perform some of the checks. # rpm -q --requires libpwquality | grep -i crack libcrack.so.2()(64bit) <----------------------- Actual required need # rpm -q --provides cracklib | grep libcrack.so libcrack.so.2()(64bit) <----------------------- Meets required need