[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

pam_unix password expiry



I have a setup where I have both shadow passwords and smbpasswd passwords. system-auth is below.

I have a problem with forcing password changes on login. From what I can tell, account pam_unix is requesting the password change with PAM_NEW_AUTHTOK_REQD. From there though, the password change procedure is not the same as when passwd is launched from the command line. Then end result is that the SMB password is not updated when the password is changed on login.

Any ideas anyone?

John.


-- a normal password change $ passwd Changing password for jnewbigin Current SMB password: New LINUX password: Retype new LINUX password: passwd: all authentication tokens updated successfully $

-- a change on login
$ ssh jnewbigin mercury
jnewbigin mercury's password:
You are required to change your password immediately (root enforced)
Warning: Your password has expired, please change it now
Changing password for jnewbigin
(current) UNIX password:
New LINUX password:
Retype new LINUX password:
$


It is a redhat 7.2 box. Here is /etc/system-auth:


auth        required      /lib/security/pam_env.so
auth        requisite     /lib/security/pam_unix.so likeauth nullok
auth        optional      /lib/security/pam_smbpass.so migrate

account required /lib/security/pam_unix.so

password required /lib/security/pam_cracklib.so retry=3 type=LINUX
password required /lib/security/pam_smbpass2.so use_authtok try_first_pass migrate
password requisite /lib/security/pam_unix.so use_authtok md5 shadow try_first_pass


session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

--
Information Technology Innovation Group
School of Information Technology
Swinburne University of Technology
Melbourne, Australia
http://www.it.swin.edu.au/staff/jnewbigin




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]