Red Hat Bugzilla – Bug 1174634
pwdChecker library requires version in pwdCheckModule attribute
Last modified: 2015-11-19 03:52:41 EST
Description of problem: pwdChecker library requires version in pwdCheckModule attribute. attribute is defined in password policy as pwdCheckModule: check_password.so Now 'check_password.so' isn't enought and password modification fails because library isn't found. In server log I see: Dec 16 02:34:46 rhel7.example.com slapd[32730]: check_password_quality: lt_dlopen failed: (check_password.so) file not found. Dec 16 02:34:46 rhel7.example.com slapd[32730]: send_ldap_result: conn=1005 op=1 p=3 Dec 16 02:34:46 rhel7.example.com slapd[32730]: send_ldap_result: err=19 matched="" text="Password fails quality checking policy" [test]ls /usr/lib64/openldap/check* /usr/lib64/openldap/check_password.so.1.1 Now I have to add 'check_password.so.1.1' as a value but this may be a problem in the future when version is changed. Version-Release number of selected component (if applicable): openldap-2.4.39-3.el7 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Easy solution is add symlink to check_password.so
Fix in Fedora: http://pkgs.fedoraproject.org/cgit/openldap.git/commit/?id=0625d0e5014f6ddcf02e6d6ffed7fa2ba57fd024
The correct link to the correct commit: http://pkgs.fedoraproject.org/cgit/openldap.git/commit/?id=4840f8de8ecf8ff5903dc8c6cd6e5e2a88a5ffd2
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-2131.html