Re: Torvalds:requiring root password for mundane things is moronic

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Mar 6, 2012 at 5:58 AM, Chris Murphy <lists@xxxxxxxxxxxxxxxxx> wrote:
> On Mar 5, 2012, at 8:37 PM, Chuck Anderson wrote:
>
>> On Mon, Mar 05, 2012 at 08:35:11PM -0700, Chris Murphy wrote:
>>> passwd keeps complaining "The password fails the dictionary check -
>>> it is too simplistic" for fake words NOT in the dictionary but
>>> otherwise too simple for passwd's approval system.
>>
>> I think you can just ignore passwd's warning in this case, it doesn't
>> stop you from going ahead and using the simple password (unless
>> something changed in F17).
>
> Aha. So if I use passwd with liveuser, it says after three tries:
> passwd: Have exhausted maximum number of retries for service
>
> And does not change the passwd. But if I su to root, it still complains once, but does change the password after the Retype entry.
>
> NEVERTHELESS. It's idiotic babysitting. And stupid that I need root to do this mundane task. I wonder how many developer man hours were required for this functionality.

UNIX didn't have these defaults originally; they were added in the
90's only after real-world experience has shown that these policies
are necessary (and they have been pretty much unchanged for the last
10-15 years, AFAIK).  Yes, we can fiddle with the tuning, but there's
no way to make everybody happy all the time.  root can always change
the policy in /etc/pam.d/system-auth.

(and FWIW, regarding the "hullop130" password, a quick grep shows that
"hullo" is in the dictionary, and cracklib may have additional rules
or ways to arrive at the password from a different dictionary word).
   Mirek
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux