tags 517967 patch
thanks
On Tue, Mar 03, 2009 at 10:33:02AM +0100, martin f krafft wrote:
> Package: libpam-passwdqc
> Version: 0.7.5-1
> Severity: wishlist
> It would be nice if libpam-passwdqc would integrate with the new
> pam-auth-update system. I previously used
> password required pam_passwdqc.so min=disabled,10,6,4,3 similar=deny
> enforce=users ask_oldauthtok check_oldauthtok
> password required pam_unix.so obscure md5 use_authtok try_first_pass
> to share the authtokens between the two, but I do not really know
> how to translate that to the new system without deviating from the
> new method.
This should do it:
/usr/share/pam-configs/passwdqc
Name: passwdqc password strength checking
Default: yes
Priority: 1024
Conflicts: cracklib [maybe?]
Password-Type: Primary
Password:
requisite pam_passwdqc.so min=disabled,10,6,4,3
similar=deny enforce=users ask_oldauthtok check_oldauthtok
I don't know if the options passed in this example are sensible defaults for
the package to ship, I leave that to the maintainer to determine. But
regardless of which options are used, I don't see anything here that would
make it incompatible with the framework. Note also that users editing the
module arguments in /etc/pam.d/common-password should Just Work⢠- this
isn't documented, I was still thinking through what the policy should be for
per-module debconf questions to let modules hook in more completely.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
[email protected] [email protected]
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
