Red Hat Bugzilla – Bug 852391
No way to disable some password checks when using pam_cracklib module
Last modified: 2014-11-11 03:13:25 EST
Description of problem:
There is no way to disable following password checks for non-root user :
Changing password for user test.
Changing password for test.
(current) UNIX password:
BAD PASSWORD: is rotated
BAD PASSWORD: it is too simplistic/systematic
BAD PASSWORD: is a palindrome
Version-Release number of selected component (if applicable):
How reproducible: Always
Steps to Reproduce:
1. Create a test user on Linux.
2. Login as test and try to change its password.
3. Tried following passwords which result in an error :
BAD PASSWORD: is rotated << Old password : Newpassw0rd , New password : dNewpassw0r
BAD PASSWORD: it is too simplistic/systematic << abcd123
BAD PASSWORD: is a palindrome << deesawaseed
Contents of system-auth file are :
password requisite pam_cracklib.so try_first_pass retry=3 minlen=6 dcredit=0 lcredit=0 ocredit=0 ucredit=0 maxrepeat=0 difok=0
password required pam_pwhistory.so enforce_for_root remember=3 use_authtok
password sufficient pam_unix.so md5 shadow try_first_pass use_authtok
password required pam_deny.so
There is no way available to disable the above password checks.
Please use the regular support channels to request this enhancement. Otherwise the request cannot be properly prioritized.
See http://www.redhat.com/support/ for details.
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Since we are unable to provide this feature at this time,
it has been proposed for the next release of
Red Hat Enterprise Linux.
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
This is not desired any more.