From 6ffceb7ea00d6cb8fa0381784a3f6220258b67ef Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Mon, 30 Sep 2013 11:39:27 +0200 Subject: [PATCH] add "local_users_only" to pam_pwquality in default configuration --- pam.spec | 5 ++++- password-auth.pamd | 2 +- system-auth.pamd | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/pam.spec b/pam.spec index b65bc7b..57c6b3c 100644 --- a/pam.spec +++ b/pam.spec @@ -3,7 +3,7 @@ Summary: An extensible library which provides authentication for applications Name: pam Version: 1.1.7 -Release: 1%{?dist} +Release: 2%{?dist} # The library is BSD licensed with option to relicense as GPLv2+ # - this option is redundant as the BSD license allows that anyway. # pam_timestamp, pam_loginuid, and pam_console modules are GPLv2+. @@ -370,6 +370,9 @@ fi %doc doc/adg/*.txt doc/adg/html %changelog +* Mon Sep 30 2013 Tomáš Mráz 1.1.7-2 +- add "local_users_only" to pam_pwquality in default configuration + * Fri Sep 13 2013 Tomáš Mráz 1.1.7-1 - new upstream release diff --git a/password-auth.pamd b/password-auth.pamd index 6020c9d..2e01bf9 100644 --- a/password-auth.pamd +++ b/password-auth.pamd @@ -7,7 +7,7 @@ auth required pam_deny.so account required pam_unix.so -password requisite pam_pwquality.so try_first_pass retry=3 authtok_type= +password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow password required pam_deny.so diff --git a/system-auth.pamd b/system-auth.pamd index 6020c9d..2e01bf9 100644 --- a/system-auth.pamd +++ b/system-auth.pamd @@ -7,7 +7,7 @@ auth required pam_deny.so account required pam_unix.so -password requisite pam_pwquality.so try_first_pass retry=3 authtok_type= +password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow password required pam_deny.so