> Any ideas/opinions/other choices? What about a 3-pass system, as opposed to a 2-pass system? Pass 1: assert user is allowed to update Pass 2: assert this token is okay Pass 3: commit Rather than freezing the chain after the 1st pass, freeze it after the second? -- :-Dustin p.s. I maintain a PAM module (pam_ecryptfs.so) which is suffering from this problem on some password changes. _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
