| 1 |
commit: 1b7c7f7678a6402a0b0aec80b3883fd98516be4e |
| 2 |
Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Wed Sep 9 16:32:10 2020 +0000 |
| 4 |
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed Sep 9 16:32:10 2020 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/pambase.git/commit/?id=1b7c7f76 |
| 7 |
|
| 8 |
system-auth: switch password modules to configs |
| 9 |
|
| 10 |
* pam_passwdqc.so can by managed by the /etc/security/passwdqc.conf |
| 11 |
* pam_pwquality.so can be managed by the /etc/security/pwquality.conf |
| 12 |
|
| 13 |
Both allow users to create their own password polices without touching |
| 14 |
files in the /etc/pam.d directory |
| 15 |
|
| 16 |
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org> |
| 17 |
|
| 18 |
templates/system-auth.tpl | 4 ++-- |
| 19 |
1 file changed, 2 insertions(+), 2 deletions(-) |
| 20 |
|
| 21 |
diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl |
| 22 |
index 69cc472..0381e66 100644 |
| 23 |
--- a/templates/system-auth.tpl |
| 24 |
+++ b/templates/system-auth.tpl |
| 25 |
@@ -25,11 +25,11 @@ account required pam_faillock.so |
| 26 |
{% endif %} |
| 27 |
|
| 28 |
{% if passwdqc %} |
| 29 |
-password required pam_passwdqc.so min=8,8,8,8,8 retry=3 |
| 30 |
+password required pam_passwdqc.so config=/etc/security/passwdqc.conf |
| 31 |
{% endif %} |
| 32 |
|
| 33 |
{% if pwquality %} |
| 34 |
-password required pam_pwquality.so retry=3 minlen=8 lcredit=2 ucredit=2 dcredit=2 ocredit=2 difok=3 enforce_for_root |
| 35 |
+password required pam_pwquality.so |
| 36 |
{% endif %} |
| 37 |
|
| 38 |
{% if krb5 %} |
Archives