Bug 554419

Summary: Local password policies should inherit settings from the global policy
Product: [Retired] 389 Reporter: Nathan Kinder <nkinder>
Component: Security - Password PolicyAssignee: Rich Megginson <rmeggins>
Status: CLOSED DUPLICATE QA Contact: Chandrasekar Kannan <ckannan>
Severity: medium Docs Contact:
Priority: low    
Version: 1.2.1CC: benl, jgalipea
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-01-19 17:34:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Nathan Kinder 2010-01-11 16:54:35 UTC 
The fact that local password policies do not inherit settings from the global policy has caused quite a bit of confusion.   Ideally, a password policy setting not defined at the local policy level would cause the global value for that setting to be used.  This allows one to create a local password policy to simply override a few attributes from the global policy instead of having to duplicate much of the global policy to get the same result.

This feature should be relatively easy to implement by changing the new_passwdPolicy() function to duplicate the global policy struct before filling in the local settings.  This function currently just uses calloc() to create an empty struct prior to loading the local policy values.