rpms / authselect

Clone
Source Code
GIT

Blame SOURCES/0012-nis-with-nispwquality-will-enable-pwquality-for-nis-.patch

c8 c8-beta c8s c9 c9-beta
  1.   1756dcfa6414e43b9fe5d33f90f41d18fbba20a7
  2.   SOURCES
  3.   0012-nis-with-nispwquality-will-enable-pwquality-for-nis-.patch
Blob History Raw
1756dc 
From 9f3ec1c3a6aa0670479668355c11fd9e7cb4bb7d Mon Sep 17 00:00:00 2001
1756dc 
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
1756dc 
Date: Thu, 13 Sep 2018 14:37:57 +0200
1756dc 
Subject: [PATCH 12/16] nis: with-nispwquality will enable pwquality for nis
1756dc 
 users
1756dc
1756dc 
Resolves:
1756dc 
https://github.com/pbrezina/authselect/issues/88
1756dc 
---
1756dc 
 profiles/nis/README        | 5 +++++
1756dc 
 profiles/nis/password-auth | 2 +-
1756dc 
 profiles/nis/system-auth   | 2 +-
1756dc 
 3 files changed, 7 insertions(+), 2 deletions(-)
1756dc
1756dc 
diff --git a/profiles/nis/README b/profiles/nis/README
1756dc 
index 6335fcfb051f01b7acdd4fde689de0d77c0d43a1..b4ffb8b56d8f9930ee5b70f34d0ba7a2dc35dae0 100644
1756dc 
--- a/profiles/nis/README
1756dc 
+++ b/profiles/nis/README
1756dc 
@@ -33,6 +33,11 @@ with-silent-lastlog::
1756dc 
 with-pamaccess::
1756dc 
     Check access.conf during account authorization.
1756dc
1756dc 
+with-nispwquality::
1756dc 
+    If this option is set pam_pwquality module will check password quality
1756dc 
+    for NIS users as well as local users during password change. Without this
1756dc 
+    option only local users passwords are checked.
1756dc 
+
1756dc 
 EXAMPLES
1756dc 
 --------
1756dc 
 * Enable NIS with no additional modules
1756dc 
diff --git a/profiles/nis/password-auth b/profiles/nis/password-auth
1756dc 
index 78028e19bbad3965f5232c6b6177d8780d7e1c04..159da35740cfdf1396a8bc8a97c397919f056797 100644
1756dc 
--- a/profiles/nis/password-auth
1756dc 
+++ b/profiles/nis/password-auth
1756dc 
@@ -13,7 +13,7 @@ account     sufficient                                   pam_localuser.so
1756dc 
 account     sufficient                                   pam_succeed_if.so uid < 1000 quiet
1756dc 
 account     required                                     pam_permit.so
1756dc
1756dc 
-password    requisite                                    pam_pwquality.so try_first_pass local_users_only
1756dc 
+password    requisite                                    pam_pwquality.so try_first_pass {if not "with-nispwquality":local_users_only}
1756dc 
 password    sufficient                                   pam_unix.so sha512 shadow nullok try_first_pass use_authtok nis
1756dc 
 password    required                                     pam_deny.so
1756dc
1756dc 
diff --git a/profiles/nis/system-auth b/profiles/nis/system-auth
1756dc 
index 2909a546a49f991128c48285fa90a1937fa03513..5f941f264b6adf2ca5cdc67685ed227ecc180ac7 100644
1756dc 
--- a/profiles/nis/system-auth
1756dc 
+++ b/profiles/nis/system-auth
1756dc 
@@ -14,7 +14,7 @@ account     sufficient                                   pam_localuser.so
1756dc 
 account     sufficient                                   pam_succeed_if.so uid < 1000 quiet
1756dc 
 account     required                                     pam_permit.so
1756dc
1756dc 
-password    requisite                                    pam_pwquality.so try_first_pass local_users_only
1756dc 
+password    requisite                                    pam_pwquality.so try_first_pass {if not "with-nispwquality":local_users_only}
1756dc 
 password    sufficient                                   pam_unix.so sha512 shadow nullok try_first_pass use_authtok nis
1756dc 
 password    required                                     pam_deny.so
1756dc
1756dc 
--
1756dc 
2.17.1
1756dc

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation