Prev: snmp package
Next: Bluetooth Dongle Not Initalizing
From: wong_powah on 19 Sep 2007 17:06
My computer behaves as follows when a short password is entered:
# passwd testing
Changing password for user testing.
New UNIX password:
BAD PASSWORD: it is WAY too short
Retype new UNIX password:
No password supplied
No password supplied
No password supplied
passwd: Authentication token manipulation error
You have new mail in /var/spool/mail/root

My desired behavior is that passwd reprompts three times as follows:
# passwd testing
Changing password for user testing
New UNIX password:
BAD PASSWORD: it's WAY too short
New UNIX password:
BAD PASSWORD: it's WAY too short
New UNIX password:
BAD PASSWORD: it's WAY too short
passwd: Authentication token manipulation error

Which file should I change?

My current pam.d/system-auth is:
# cat pam.d/system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok
auth required pam_deny.so

account required pam_unix.so

password required pam_cracklib.so retry=3
password sufficient pam_unix.so use_authtok nullok md5 shadow
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in
crond quiet use_uid
session required pam_unix.so

From: ynotssor on 19 Sep 2007 18:45
In news:1190235977.314746.266220(a)k79g2000hse.googlegroups.com,
wong_powah(a)yahoo.ca <wong_powah(a)yahoo.ca> wrote:

> My computer behaves as follows when a short password is entered:

Your question has already been answered the last time you posed it -- if you
won't bother reading the replies, then please don't ask.

From: wong_powah on 20 Sep 2007 10:06
On Sep 19, 6:45 pm, "ynotssor" <ynots...(a)example.org> wrote:
> Innews:1190235977.314746.266220(a)k79g2000hse.googlegroups.com,
>
> wong_po...(a)yahoo.ca <wong_po...(a)yahoo.ca> wrote:
> > My computer behaves as follows when a short password is entered:
>
> Your question has already been answered the last time you posed it -- if you
> won't bother reading the replies, then please don't ask.

I had already read the replies, but still think that a solution is
possible because out of the five linux (RH 7.2, FC3, FC6) computers I
had, one RH 7.2 computer had my desired behavior.
I assumed that /etc/pam.d/system-auth is the file to change (is that
true?), so I modified the system-auth file on a FC6 computer to look
the same as the working RH 7.2 computer, reboot the FC6 computer.
However, the FC6 computer still does not have my desired behavior, so
I posted the system-auth file here, hoping that someone may tell me
the solution.

From: ynotssor on 20 Sep 2007 10:26
In news:1190297200.806362.101060(a)19g2000hsx.googlegroups.com,
wong_powah(a)yahoo.ca <wong_powah(a)yahoo.ca> wrote:

>> Your question has already been answered the last time you posed it
>> -- if you won't bother reading the replies, then please don't ask.
>
> I had already read the replies, but still think that a solution is
> possible because out of the five linux (RH 7.2, FC3, FC6) computers I
> had, one RH 7.2 computer had my desired behavior.

Your desired behavior would be to NOT start a new thread for the same
question. If you can't understand the answer as being the default root
characteristic of the passwd command, then please confine your confusion to
the original thread.

From: Unruh on 20 Sep 2007 17:21
wong_powah(a)yahoo.ca writes:

>On Sep 19, 6:45 pm, "ynotssor" <ynots...(a)example.org> wrote:
>> Innews:1190235977.314746.266220(a)k79g2000hse.googlegroups.com,
>>
>> wong_po...(a)yahoo.ca <wong_po...(a)yahoo.ca> wrote:
>> > My computer behaves as follows when a short password is entered:
>>
>> Your question has already been answered the last time you posed it -- if you
>> won't bother reading the replies, then please don't ask.

>I had already read the replies, but still think that a solution is
>possible because out of the five linux (RH 7.2, FC3, FC6) computers I
>had, one RH 7.2 computer had my desired behavior.
>I assumed that /etc/pam.d/system-auth is the file to change (is that
>true?), so I modified the system-auth file on a FC6 computer to look
>the same as the working RH 7.2 computer, reboot the FC6 computer.
>However, the FC6 computer still does not have my desired behavior, so
>I posted the system-auth file here, hoping that someone may tell me
>the solution.


Since we have no idea what you want ( you complain but do not explain), it
is unclear how you can be helped. IF root is entering a password for a
user, two things happen-- pam does NOT ask for the old password, and pam
allows the new password to entered even if it does not satisfy the
criteria, since it assumes that root knows what it is doing. Ie, if as root
you insist on using the short password for the user, then it is on your
head. This is exactly what it should do, and noone is going to want to
change that.
If it is a user, then the old password is asked for, AND the criteria are
applied. Ie, the password is rejected and things start again.

That is how it works. And that is how most people want it to work. If you
want it to work differently, you have the source code, go to it.


 | 
Pages: 1
Prev: snmp package
Next: Bluetooth Dongle Not Initalizing