[packages/pam] - replaced pam_cracklib with pam_pwquality
baggins
baggins at pld-linux.org
Sat Dec 23 10:53:34 CET 2023
commit 2bbc19f4b9253e711ab073f6f00b531504421629
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Sat Dec 23 08:52:44 2023 +0100
- replaced pam_cracklib with pam_pwquality
pam.spec | 5 +++--
system-auth.pamd | 2 +-
2 files changed, 4 insertions(+), 3 deletions(-)
---
diff --git a/pam.spec b/pam.spec
index b6ca1b8..af061de 100644
--- a/pam.spec
+++ b/pam.spec
@@ -1,6 +1,5 @@
# TODO
# - fix pdf gen or disable it: No fo2pdf processor installed, skip PDF generation
-# - replace pam_cracklib.so with pam_pwquality.so (backwards compatible with its options), comes with pam-pam_pwquality package
# - pam_tally, pam_tally2 are deprecated in favor of pam_faillock
# NOTE: https://github.com/linux-pam/linux-pam/releases/download/v%{version}/Linux-PAM-%{version}-docs.tar.xz
# is not needed here: it contains documentation in target formats (HTML, PDF) built from sources included in main tarball
@@ -87,14 +86,16 @@ Requires: awk
Requires: crypt(blowfish)
Requires: glibc >= 6:2.5-0.5
%{?with_selinux:Requires: libselinux >= 2.1.9}
+Requires: pam-pam_pwquality
Suggests: make
-Suggests: pam-pam_pwquality
Suggests: pam-pam_userdb = %{epoch}:%{version}-%{release}
Obsoletes: pam-doc
+Obsoletes: pam-pam_cracklib < 1:1.5.3
Obsoletes: pam-pam_opie
Obsoletes: pam-pam_pwdb
Obsoletes: pam-pam_radius
Obsoletes: pam-pam_skey
+Obsoletes: pam-pam_tally < 1:1.5.3
Obsoletes: pam-pam_tcpd
Obsoletes: pam_make
Obsoletes: pamconfig
diff --git a/system-auth.pamd b/system-auth.pamd
index b60b659..bdf95ab 100644
--- a/system-auth.pamd
+++ b/system-auth.pamd
@@ -9,7 +9,7 @@ account required pam_time.so
account required pam_unix.so
#password [success=1 ignore=reset abort=die default=bad] pam_pwgen.so upper=1 digit=1
-password required pam_cracklib.so try_first_pass difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
+password required pam_pwquality.so difok=2 minlen=13 dcredit=2 ocredit=2 retry=3 use_authtok
password required pam_unix.so try_first_pass yescrypt shadow use_authtok
#password required pam_exec.so failok seteuid /usr/bin/make -C /var/db
#password required pam_exec.so failok seteuid /usr/bin/make -C /var/yp
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/pam.git/commitdiff/23fa49333acbd78ce8d4861c0734e45bd43d0437
More information about the pld-cvs-commit
mailing list