Created attachment 510736 [details]
universal diff  - fixes the README

Description of problem:
The file "/etc/pam.d/system-auth" contains a line for pam_cracklib:

'password  requisite  pam_cracklib.so try_first_pass retry=3 type='


The last part of the line with 'type=' is not properly documented.
Take a look at pam_cracklib(8), you will NOT find that documented.

You will see something called 'authtok_type=XXX', which is the same as 'type=XXX'.

Tested this!
Both 'type=HURR_DURR' and 'authtok_type=HURR_DURR' cause the passwd program to output the "HURR_DURR" string.


[freaknasty@bluesky ~]$ passwd
Changing password for user freaknasty.
New HURR-DURR password:


It's utterly trivial, but one is documented, and the other is not. Considering this *IS* pam.d, and mistakes can be fatal, I humbly request this be documented.


Research indicates that RHEL 5.6 pam_cracklib(8) manual still documents the 'type=XXX' old-school style. Somewhere along the line the manual page changed.


Version-Release number of selected component (if applicable): rhel6.1


How reproducible: always


Steps to Reproduce:
1. man 8 pam_cracklib
2. vi /etc/pam.d/system-auth
3. 
  
Actual results: depreciated and un-documented features are working. People wondering WTF is 'type='.


Expected results: both are documented, or the depreciated 'type=' is made to not work? 


Additional info:

Let's just update the docs, so people can keep using old pam.d configs.

Attaching a universal diff with my really bad documentation update to the README file. A PRO technical writer should look at this. If however this is found to be acceptable, I'd be happy to make an update to the man page too. Just let me know, I'll attach patches to this BZ.