Entwicklungsumgebung/Dateiliste/common-password
Diese Seite sollte nochmals überarbeitet werden. Eine Begründung befindet sich in der Regel unter Diskussion (oben). |
/etc/pam.d/common-password
Achtung: Bitte achten Sie unbedingt darauf, beim Kopieren und Einfügen einen Editor mit UNIX-Zeilenumbrüchen zu verwenden!
Hinweis: Die im delixs-Schulserver geänderten Zeilen sind gelb unterlegt.
<source highlight="24-28" lang="text">
- /etc/pam.d/common-password - password-related modules common to all services
- This file is included from other service-specific PAM config files,
- and should contain a list of modules that define the services to be
- used to change user passwords. The default is pam_unix.
- Explanation of pam_unix options:
- The "nullok" option allows users to change an empty password, else
- empty passwords are treated as locked accounts.
- The "md5" option enables MD5 passwords. Without this option, the
- default is Unix crypt.
- The "obscure" option replaces the old `OBSCURE_CHECKS_ENAB' option in
- login.defs.
- You can also use the "min" option to enforce the length of the new
- password.
- See the pam_unix manpage for other options.
- password required pam_unix.so nullok obscure md5
password [success=1 default=ignore] pam_unix.so nullok obscure min=4 max=8 md5 password required pam_ldap.so try_first_pass
- password required pam_smbpass.so nullok use_authok try_first_pass
password required pam_permit.so
- Alternate strength checking for password. Note that this
- requires the libpam-cracklib package to be installed.
- You will need to comment out the password line above and
- uncomment the next two in order to use this.
- (Replaces the `OBSCURE_CHECKS_ENAB', `CRACKLIB_DICTPATH')
- password required pam_cracklib.so retry=3 minlen=6 difok=3
- password required pam_unix.so use_authtok nullok md5
</source>