28 lines
905 B
Plaintext
28 lines
905 B
Plaintext
Please see the README for instructions common to all platforms and
|
|
descriptions of the options mentioned here.
|
|
|
|
|
|
Linux.
|
|
|
|
Most modern Linux distributions use Linux-PAM with a password changing
|
|
module which understands "use_authtok". Thus, you may choose which
|
|
module prompts for the old password, things should work either way.
|
|
|
|
|
|
FreeBSD.
|
|
|
|
Currently, FreeBSD doesn't use PAM for password changing. This means
|
|
you won't be able to use pam_passwdqc with FreeBSD.
|
|
|
|
|
|
Solaris.
|
|
|
|
pam_passwdqc has to ask for the old password during the update phase.
|
|
Use "ask_oldauthtok=update check_oldauthtok" with pam_passwdqc and
|
|
"use_first_pass" with pam_unix.
|
|
|
|
You will likely also need to set "max=8" in order to actually enforce
|
|
not-so-weak passwords with the obsolete "traditional" crypt(3) hashes
|
|
that most Solaris systems use. Of course this way you only get about
|
|
one third of the functionality of pam_passwdqc.
|