I'm managing a Redhat 9 system in which I'd like to disable cracklib.
I've tried to disable cracklib by commenting out this line in /etc/pam.d/system-auth:
password required /lib/security/$ISA/pam_cracklib.so retry=3 type=
and deleting the word "use_authtok" in the following line:
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok shadow
When I then try to change passwords using passwd, I get the following error message:
Authentication token manipulation error.
after I enter my current password.
Can anyone tell me what I'm doing wrong?
The /etc/pam.d/passwd and system-auth files are unmodified from the original installation. The passwd file contains:
#%PAM-1.0 auth required pam_stack.so service=system-auth account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth
and the system-auth file contains:
#%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
password required /lib/security/$ISA/pam_cracklib.so retry=3 type= password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok shadow password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so session required /lib/security/$ISA/pam_unix.so
Thanks for youe help.
John Blinka
_______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
