[Bug 227395] New: minimum acceptable password length can't be changed
https://bugzilla.novell.com/show_bug.cgi?id=227395 Summary: minimum acceptable password length can't be changed Product: openSUSE 10.2 Version: RC 5 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: timmi@gmx-topmail.de QAContact: jsrain@novell.com CC: timmi@gmx-topmail.de YaST -> Security and Users -> local security There exists the possibility to set the "minimum acceptable password length". However, when I set it to 0, the change in ignored. When using the 'passwd' command, still the old value is applied. When I call the yast module another time, also there appears the old value. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 ------- Comment #1 from timmi@gmx-topmail.de 2006-12-09 09:13 MST ------- Created an attachment (id=108991) --> (https://bugzilla.novell.com/attachment.cgi?id=108991&action=view) /var/log/YaST2 as .tar.bz2 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |jsuchome@novell.com |screening@forge.provo.novell| |.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |kukuk@novell.com ------- Comment #2 from jsuchome@novell.com 2006-12-11 03:01 MST ------- 'pam-config -a --pwcheck-minlen=0' removes pwcheck-minlen at all. Is that correct? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 kukuk@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kukuk@novell.com Status|NEEDINFO |ASSIGNED Info Provider|kukuk@novell.com | ------- Comment #3 from kukuk@novell.com 2006-12-11 03:07 MST ------- Yes, that is correct. "minlen=0" does not make sense at all. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 ------- Comment #5 from timmi@gmx-topmail.de 2006-12-11 06:42 MST ------- For me, it makes sense to have minlen=0. I need one user account who is publicly accessible for all people and has no password. As this doesn't work with the "users" module in yast, I've created the user with yast, set minlen=0 (up to 10.1 this was possible) and than changed the password with 'passwd' in the console. Even the missing possibility in yast to create users with empty passwords was reported as bug 144724 and fixed for 10.2. But now, it doesn't work because of this bug here. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 ------- Comment #6 from kukuk@novell.com 2006-12-11 08:05 MST ------- passwd ignores the result of such checks if the user is root, and only root should be allowed to set an empty password. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 ------- Comment #7 from jsuchome@novell.com 2006-12-11 08:14 MST ------- yast2-users has to be called by root when it should modify anything. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 ------- Comment #8 from timmi@gmx-topmail.de 2006-12-12 00:50 MST -------
passwd ignores the result of such checks if the user is root, and only root should be allowed to set an empty password.
Well, In 10.1, that was possible. I've set in yast the minimal password length to 0. Than I've created a user with yast2-users and gave him a password (as yast-users doesn't accept an empty password). Than I've logged on in the console as this user (not as root) and I've set the new, empty password using 'passwd'. It worked. If it is desired is another question... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jsuchome@novell.com AssignedTo|jsuchome@novell.com |kukuk@novell.com Status|NEEDINFO |NEW Info Provider|kukuk@novell.com | ------- Comment #9 from jsuchome@novell.com 2006-12-12 06:57 MST ------- Thorsten, please either enable it or close the bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 kukuk@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|kukuk@novell.com |jsuchome@novell.com ------- Comment #10 from kukuk@novell.com 2007-01-26 08:24 MST ------- pam-config knows now about --pwcheck-no_minlen to remove the option, --pwcheck-minlen=0 will add minlen=0 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |kukuk@novell.com ------- Comment #11 from jsuchome@novell.com 2007-01-26 08:37 MST ------- YaST already calls --pwcheck-minlen=0 when users sets 0 as minimal value, so this should work as well. YaST currently uses "pam-config -d --pwcheck-minlen=" for removing (the same syntax as for other values), does this still work or do I need to adapt it for --pwcheck-no_minlen? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 kukuk@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|jsuchome@novell.com |kukuk@novell.com Status|NEEDINFO |ASSIGNED Info Provider|kukuk@novell.com | ------- Comment #12 from kukuk@novell.com 2007-01-26 08:42 MST ------- --pwcheck-minlen= is identical to --pwcheck-minlen=0, so it worked before and for others because 0 had the special meaning of remove this option. But you are right, my new option is inconsistent, I should fix the -d case... Next try next week. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 kukuk@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|kukuk@novell.com |jsuchome@novell.com Status|ASSIGNED |NEW ------- Comment #13 from kukuk@novell.com 2007-01-29 05:38 MST ------- I have removed --pwcheck-no_minlen again, 'pam-config -d --pwcheck-minlen=' is now the consistent and correct way to remove the option. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Comment #14 from jsuchome@novell.com 2007-01-29 05:44 MST ------- And since yast2-security already uses this, everything is done. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 timmi@gmx-topmail.de changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED ------- Comment #15 from timmi@gmx-topmail.de 2007-03-23 06:07 MST ------- Verified in openSUSE 10.3 alpha 2. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=227395 timmi@gmx-topmail.de changed: What |Removed |Added ---------------------------------------------------------------------------- CC|timmi@gmx-topmail.de | Status|VERIFIED |CLOSED ------- Comment #16 from timmi@gmx-topmail.de 2007-03-23 06:07 MST ------- Closing. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
participants (1)
-
bugzilla_noreply@novell.com