<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2800.1476" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>Can someone please
tell me how, on FC 2 , to do the following:</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>1. Ensure a
password meets minimum length and other quality
restrictions.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>2. Lockout an
account for time X after three failed attempts.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>3. Force a
user to change a password after time Y.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>4. Report all
the above.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>The /etc/login.defs
with password restrictions apparently doesn't work with PAM.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>PAM documentation is
very confusing to me--I see apparent dependencies, duplications, and
overlaps between "services" and modules, and which takes precedence is not
clear..</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>For example,
following the examples in the "Linux-PAM System Administrators' Guide" (latest I
could find: version 0.76, Jun 2002) for the /etc/pam.d/passwd doesn't work for
me. I set the following:</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004> password
required pam_cracklib.so \</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004> dcredit=-1 ucredit=-1
ocredit=o lcredit=-1 minlen=8</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>Nothing
changes:</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004> As a user I
try to change my password and it accepts 6 characters.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>Thanks for any help
or pointers.</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2><SPAN
class=533065417-03122004></SPAN></FONT> </DIV>
<DIV><FONT face=Arial size=2><SPAN class=533065417-03122004>Tom
Browder</SPAN></FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV></BODY></HTML>