problems disabling cracklib
John Blinka
jblinka at neo.rr.com
Sat Apr 3 18:39:26 UTC 2004
I'm managing a Redhat 9 system in which I'd like to disable
cracklib.
I've tried to disable cracklib by commenting out this line
in /etc/pam.d/system-auth:
password required /lib/security/$ISA/pam_cracklib.so retry=3 type=
and deleting the word "use_authtok" in the following line:
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok shadow
When I then try to change passwords using passwd, I get the
following error message:
Authentication token manipulation error.
after I enter my current password.
Can anyone tell me what I'm doing wrong?
The /etc/pam.d/passwd and system-auth files are unmodified
from the original installation. The passwd file contains:
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
and the system-auth file contains:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
password required /lib/security/$ISA/pam_cracklib.so retry=3 type=
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok shadow
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
Thanks for youe help.
John Blinka
More information about the Pam-list
mailing list