On Tue, Jul 02, 2002 at 02:45:19PM +1000, John Warburton wrote: > > Hmm - good work Sun. > > Looks like I will have to go back to cracklib for want of anything else. > sigh. Why does that help? Are you able to get cracklib to verify passwords changed through sshd or telnetd? How, if the password management PAM stack is broken in that respect? Is Solaris 9 not an option for you? > Solar > Designer To: John Warburton <John.Warburton@asic.gov.au> > <solar@openwa cc: pam-list@redhat.com > ll.com> Fax to: > Subject: Re: pam_passwdqc, ssh and expired passwords > 29/06/2002 > 03:19 AM > > > > > > > > > *** > This email message has been processed by MIMEsweeper > *** > > Gary Winiger <gww at marduk.eng.sun.com> points out that the following > Solaris 8 bugs all of which are fixed in Solaris 9 are very likely > relevant to this problem: > > 4284795 when passwd is given the -r option, it ignores /etc/pam.conf > 4415159 unix_scheme pam_chauthtok does not stack > 4415162 unix_scheme pam_chauthtok too tightly coupled with passwd > > It seems like we should really try with Solaris 9. -- /sd
