Bug 64692 - No ability to set permanent password quality policy
Summary: No ability to set permanent password quality policy
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: authconfig   
(Show other bugs)
Version: 9
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Aaron Brown
URL:
Whiteboard:
Keywords: FutureFeature
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-05-09 18:44 UTC by Chris Ricker
Modified: 2007-04-18 16:42 UTC (History)
0 users

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-10-21 14:15:57 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Chris Ricker 2002-05-09 18:44:32 UTC
pam_cracklib can be used to set system policies regarding password strength in
various ways (complexity of password, dis-similarity of password to old passwds,
etc.).

Unfortunately, pam_cracklib is used only in system-auth, which is generated by
authconfig.  As an admin, I can set up system policies in system-auth, but the
next time authconfig is run those modifications will be lost.

Moving pam_cracklib to a non-autogenerated configuration file will allow
administrators to actually configure system policies....

I notice that there's a similar bug requesting that some policy information be
added to authconfig.  That might be another solution, but it would probably wind
up being less flexible (that request only wanted passwd length stuff, for
example, added).

Comment 1 Chris Ricker 2003-02-20 05:23:42 UTC
Any chance of (ab)using the /etc/libuser.conf file to do this sort of thing?

Comment 2 Tomas Mraz 2004-10-21 14:15:57 UTC
This works well with current authconfig package. It preserves all
options of pam_cracklib.so when rewriting system-auth file.



Note You need to log in before you can comment on or make changes to this bug.