diff options
| author |   Mikle Kolyada <zlogene@gentoo.org> | 2020-09-09 19:32:10 +0300 |
|---|---|---|
| committer | Mikle Kolyada <zlogene@gentoo.org> | 2020-09-09 19:32:10 +0300 |
| commit | 1b7c7f7678a6402a0b0aec80b3883fd98516be4e (patch) | |
| tree | 13116dc0e81c31ae4b9f54416882e852d3a5dcab | |
| parent | make pam_gnome_keyring optional (diff) | |
| download | pambase-1b7c7f7678a6402a0b0aec80b3883fd98516be4e.tar.gz pambase-1b7c7f7678a6402a0b0aec80b3883fd98516be4e.tar.bz2 pambase-1b7c7f7678a6402a0b0aec80b3883fd98516be4e.zip | |
system-auth: switch password modules to configs
* pam_passwdqc.so can by managed by the /etc/security/passwdqc.conf
* pam_pwquality.so can be managed by the /etc/security/pwquality.conf
Both allow users to create their own password polices without touching
files in the /etc/pam.d directory
Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>
| -rw-r--r-- | templates/system-auth.tpl | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl index 69cc472..0381e66 100644 --- a/templates/system-auth.tpl +++ b/templates/system-auth.tpl @@ -25,11 +25,11 @@ account required pam_faillock.so {% endif %} {% if passwdqc %} -password required pam_passwdqc.so min=8,8,8,8,8 retry=3 +password required pam_passwdqc.so config=/etc/security/passwdqc.conf {% endif %} {% if pwquality %} -password required pam_pwquality.so retry=3 minlen=8 lcredit=2 ucredit=2 dcredit=2 ocredit=2 difok=3 enforce_for_root +password required pam_pwquality.so {% endif %} {% if krb5 %} |