[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: use_authtok -- what purpose?



Jan Rekorajski wrote:
> 
> On Wed, 05 Apr 2000, Michael Tokarev wrote:
> 
> > Also, one good candidate for module is "pam_saveoldpass" that should be stacked
> > on top of password storing module and should do the work that pam_unix currently
> > does -- store old password in, say, /etc/opasswd, and should be used in conjunction
> > with (again) the first "asking" module.
> 
> Now he tells me :(  Do yo started any work on it?  If no then I'm cutting
> this stuff from pam_unix and will make pam_saveoldpass module.

I'm now in process of modifiyng pam_cracklib. And it should have configurable
oldpass file (not only /etc/opasswd, but with default on this).
I want pam_saveoldpass to be the next thing (also with configurable path).
(actually it is new pam_newpass module, as is is a complete rewrite based
on pam_cracklib, and name is not perfect for this. It also have dictpath=
parameter to use cracklib).

Nothe I think that saveoldpass should be stacked _after_ password storing module,
not _before_ it, as Andrew said, as password storing module can fail to change password
for some purpose.  But saveoldpass should be safe -- it is not very bad if it will be
unable to save OLDAUTHTOK...

P.S. Does anybody knows why there is no man pages for pam modules?
I started from man page :)
What documentation format should be used for modules?

> Jan
> --
> Jan RЙkorajski            |  ALL SUSPECTS ARE GUILTY. PERIOD!
> baggins<at>mimuw.edu.pl   |  OTHERWISE THEY WOULDN'T BE SUSPECTS, WOULD THEY?
> BOFH, type MANIAC         |                   -- TROOPS by Kevin Rubio



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []