Philip Kime wrote:
Effective policy is determined by new_passwdPolicy() which considers
the modification
initiated by the password change extop to be internal and local policy
is not
retrieved.
I suspected as much - this should probably go in the password policy
section of the documentation as there are all sorts of recommendations
flying round the Web for setting pam_password to "exop" to allow
password changes to work properly. It does indeed work but as you say,
it bypasses all password policies (except global ones it seems).
I didn't mean to imply that it's intentional or that it should be this
way, just giving you a hand with the analysis. I have some changes
around this area of password policy that aren't committed and might
complicate a potential fix, I've filed a bug for you to keep track:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216522
|
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
