"min" and "max" seem to be specific to Debian, and only get used together with the "obscure" keyword: There's a debian-specific patch (debian/patches-applied/007_modules_pam_unix), which adds the function obscure_msg(), where "min" and "max" get handled.
If "md5" gets used, it assumes "unlimited password length" and skips password_check()! It does not really check for pass_max_len otherwise, too. Then, there is a "strange" check in obscure_msg() - at least I don't understand it: + if (oldlen <= pass_max_len && newlen <= pass_max_len) + return NULL; ..and the passwords passed to password_check() get limited then to pass_max_len (what seems to be the only use of "max"). Altogether, this looks really weird altogether I'm using Ubuntu Feisty, pam 0.79-4ubuntu2. btw: apart from that, limiting a password to the first X chars seems to be bad IMHO! ** Changed in: pam (Ubuntu) Status: Unconfirmed => Confirmed -- Documentation for pam_unix incorrect for "max=" option https://bugs.launchpad.net/bugs/85790 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs