commit: 74b99b4462138ed6b496725b2499fb5d17ad9371
Author: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 28 16:07:21 2020 +0000
Commit: Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
CommitDate: Wed Oct 28 16:13:35 2020 +0000
URL: https://gitweb.gentoo.org/proj/pambase.git/commit/?id=74b99b44
Do not use use_authtok if no passwd module was stacked
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
templates/system-auth.tpl | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/templates/system-auth.tpl b/templates/system-auth.tpl
index 2ffd7ea..6edba8d 100644
--- a/templates/system-auth.tpl
+++ b/templates/system-auth.tpl
@@ -35,7 +35,12 @@ password required pam_pwhistory.so use_authtok
remember=5 retry=3
password [success=1 default=ignore] pam_krb5.so {{ krb5_params }}
{% endif %}
+{% if passwdqc or pwquality %}
password required pam_unix.so try_first_pass {{
unix_authtok|default('', true) }} {{ nullok|default('', true) }} {{
unix_extended_encryption|default('', true) }} {{ debug|default('', true) }}
+{% else %}
+password required pam_unix.so try_first_pass {{
nullok|default('', true) }} {{ unix_extended_encryption|default('', true) }} {{
debug|default('', true) }}
+{% endif %}
+
password optional pam_permit.so
{% if pam_ssh %}
