1 |
commit: 1b7c7f7678a6402a0b0aec80b3883fd98516be4e |
2 |
Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Sep 9 16:32:10 2020 +0000 |
4 |
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Sep 9 16:32:10 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/pambase.git/commit/?id=1b7c7f76 |
7 |
|
8 |
system-auth: switch password modules to configs |
9 |
|
10 |
* pam_passwdqc.so can by managed by the /etc/security/passwdqc.conf |
11 |
* pam_pwquality.so can be managed by the /etc/security/pwquality.conf |
12 |
|
13 |
Both allow users to create their own password polices without touching |
14 |
files in the /etc/pam.d directory |
15 |
|
16 |
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org> |
17 |
|
18 |
templates/system-auth.tpl | 4 ++-- |
19 |
1 file changed, 2 insertions(+), 2 deletions(-) |
20 |
|
21 |
diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl |
22 |
index 69cc472..0381e66 100644 |
23 |
--- a/templates/system-auth.tpl |
24 |
+++ b/templates/system-auth.tpl |
25 |
@@ -25,11 +25,11 @@ account required pam_faillock.so |
26 |
{% endif %} |
27 |
|
28 |
{% if passwdqc %} |
29 |
-password required pam_passwdqc.so min=8,8,8,8,8 retry=3 |
30 |
+password required pam_passwdqc.so config=/etc/security/passwdqc.conf |
31 |
{% endif %} |
32 |
|
33 |
{% if pwquality %} |
34 |
-password required pam_pwquality.so retry=3 minlen=8 lcredit=2 ucredit=2 dcredit=2 ocredit=2 difok=3 enforce_for_root |
35 |
+password required pam_pwquality.so |
36 |
{% endif %} |
37 |
|
38 |
{% if krb5 %} |