From 9764ce2873a05ec9e81c6979177122f9846a9ee2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= Date: Thu, 13 Sep 2018 14:30:55 +0200 Subject: [PATCH 11/16] nis: add nis option to pam_unix in password phase This option will allow nis users to change their passwords with 'passwd'. Resolves: https://github.com/pbrezina/authselect/issues/87 --- profiles/nis/password-auth | 2 +- profiles/nis/system-auth | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/profiles/nis/password-auth b/profiles/nis/password-auth index 8f18616eb2d2c228880989ea4cce86b6588b2190..78028e19bbad3965f5232c6b6177d8780d7e1c04 100644 --- a/profiles/nis/password-auth +++ b/profiles/nis/password-auth @@ -14,7 +14,7 @@ account sufficient pam_succeed_if.so uid < account required pam_permit.so password requisite pam_pwquality.so try_first_pass local_users_only -password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok +password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok nis password required pam_deny.so session optional pam_keyinit.so revoke diff --git a/profiles/nis/system-auth b/profiles/nis/system-auth index e0bc4ef2fb4efc825927d13c0ff4b0083e5134ea..2909a546a49f991128c48285fa90a1937fa03513 100644 --- a/profiles/nis/system-auth +++ b/profiles/nis/system-auth @@ -15,7 +15,7 @@ account sufficient pam_succeed_if.so uid < account required pam_permit.so password requisite pam_pwquality.so try_first_pass local_users_only -password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok +password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok nis password required pam_deny.so session optional pam_keyinit.so revoke -- 2.17.1