Red Hat Bugzilla – Bug 981230
pam_cracklib enforces root password strength if password has expired
Last modified: 2017-09-22 09:16:38 EDT
Description of problem:
enforce_for_root=off has no effect, if the root password has expired (using: chage -d0 root)
Version-Release number of selected component (if applicable):
Ensure enforce_for_root=off wich is default.
Steps to Reproduce:
1. login as root
2. chage -d0 root
4. login again and try to set a weak password
Password strength will be enforced
Password strength will not be enforced for user root if enforce_for_root is off.
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Red Hat Enterprise Linux 6 transitioned to the Production 3 Phase on May 10, 2017. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available.
The official life cycle policy can be reviewed here:
This issue does not appear to meet the inclusion criteria for the Production Phase 3 and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please re-open the BZ and request a re-evaluation of the issue, citing a clear business justification.