search for: pam_passwdqc

...Errata and Bugfix Advisory 2015:0712 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0712.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 86b26ba5195d5f022d0b5756bf1ff01ed007703ac5e69995483c28e51e0b261f pam_passwdqc-1.0.5-8.el6.i686.rpm x86_64: 86b26ba5195d5f022d0b5756bf1ff01ed007703ac5e69995483c28e51e0b261f pam_passwdqc-1.0.5-8.el6.i686.rpm dad8c6003bc37cfa40c11700ba5e61e2d45dd27f6469087de98b335be53585da pam_passwdqc-1.0.5-8.el6.x86_64.rpm Source: d5f60315d8560aad15cde53e82f44559d861dd2e9965ea6f0e60b90aa6...

...o it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2015:0715 Moderate CentOS 6 openssl Security Update (Johnny Hughes) 2. CEBA-2015:0710 CentOS 6 time FASTTRACK BugFix Update (Johnny Hughes) 3. CEBA-2015:0712 CentOS 6 pam_passwdqc FASTTRACK BugFix Update (Johnny Hughes) 4. CEBA-2015:0711 CentOS 6 mgetty FASTTRACK BugFix Update (Johnny Hughes) 5. CEEA-2015:0717 CentOS 6 tzdata Enhancement Update (Johnny Hughes) 6. CEEA-2015:0717 CentOS 5 tzdata Enhancement Update (Johnny Hughes) ------------------------...

...512111, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_ChangePasswordUser2: struct samr_ChangePasswordUser2 out: struct samr_ChangePasswordUser2 result : NT_STATUS_WRONG_PASSWORD Any suggestions? I found this problem when I installed pam_passwdqc, which seem to work. Thanks, Torkil

...i386 2.2-29 base 512 k nss_ldap i386 226-17 update 1.0 M pam_ccreds i386 1-3 base 28 k pam_krb5 i386 2.1.8-1 base 81 k pam_passwdqc i386 0.7.5-2 base 33 k pam_smb i386 1.1.7-5 base 32 k readline i386 4.3-13 base 175 k redhat-lsb i386 3.0-8.EL base 19 k rsh...

...se default domain = Yes cups options = raw [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No PAM packages: pam-0.77-65 pam_passwdqc-0.7.5-2 pam-devel-0.77-65 pam_smb-1.1.7-5 pam_krb5-2.1.2-1 pam_ccreds-1-3 /etc/pam.d/system-auth (used by /etc/pam.d/sshd, etc.): #auth auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/se...

Hi, just to avoid re-inventing the wheel, is there any document that can help me reduce even further a "minimum" installation of Centos 4.4 (BTW can you say 600mb is minimum)? I am in the process of creating a small Centos-4.4-based Asterisk box and I need to boot it from a CF card. Deleting useless packages will help me do what i want. Example: even a minimum install of Centos 4.4 (or

Hi, just to avoid re-inventing the wheel, is there any document that can help me reduce even further a "minimum" installation of Centos 4.4 (BTW can you say 600mb is minimum)? I am in the process of creating a small Centos-4.4-based Asterisk box and I need to boot it from a CF card. Deleting useless packages will help me do what i want. Example: even a minimum install of Centos 4.4 (or

...ted straight away. I have added this to my pam.d login file session required /lib/security/pam_limits.so So i presume this is what is causing the issue but does anyone know which module may be missing? # rpm -qa | grep pam pam_ccreds-3-3.rhel4.2 pam-0.77-66.21 pam_krb5-2.1.8-1 pam_smb-1.1.7-5 pam_passwdqc-0.7.5-2 thanks

how to ensure systems users have strong passwords enabled -- Regards Agnello D'souza

...ot; command but "smbpasswd" does not enforce them. This, also, does not affect the Windows client. The complex passwords available on the native windows side are not adequate for my environment. I am running RedHat AS 3.0u3 (samba-3.0.6-2.3E) and using LDAP as the backend database. I use pam_passwdqc.so and I have also tried pam_cracklib.so in /etc/pam.d/system-auth. Has anyone setup Samba to be able to enforce complex password rules defined in Unix on Windows clients? Thanks, Darryl

...passdb backend = smbpasswd cat /etc/pam.d/passwd # # $FreeBSD: src/etc/pam.d/passwd,v 1.3.36.1 2010/02/10 00:26:20 kensmith Exp $ # # PAM configuration for the "passwd" service # # passwd(1) does not use the auth, account or session services. # password #password requisite pam_passwdqc.so enforce=users password required pam_unix.so no_warn try_first_pass nullok password optional /usr/local/lib/pam_smbpass.so try_first_pass smbconf=/usr/local/etc/smb.conf [root at localhost ~]# passwd Changing local password for root New Password: R...

...b_auth is disabled SMB workgroup = "TEST.COM" SMB servers = "192.168.0.100" pam_winbind is enabled SMB workgroup = "TEST.COM" SMB servers = "192.168.0.100" SMB security = "ads" SMB realm = "TEST.COM" pam_cracklib is enabled (retry=3) pam_passwdqc is disabled () So there you have it. I've googled for the problem with no luck. Any ideas? Thanks, Rafiq

...b: /var/lib/rpm/Packages: unsupported hash version: 9 error: cannot open Packages index using db3 - Invalid argument (22) error: cannot open Packages database in /var/lib/rpm error: /tmp/google.sig.G17031: import failed. [ OK ] atd: [ OK ] job 1 at 2013-05-18 06:53 <snip> Installing: pam_passwdqc ################### [1010/1011] Installing: rdist ################### [1011/1011] rpmdb: Program version 4.7 doesn't match environment version 0.128 error: db3 error(-30971) from dbenv->open: DB_VERSION_MISMATCH: Database environment version mismatch error: cannot op...

...Feb 15 13:21:51 nfondy passwd[30090]: pam_smbpass(passwd:chauthtok): Cannot access samba password database, not running as root. Again it works with out tsl or ssl. common-passwd: # here are the per-package modules (the "Primary" block) password requisite pam_passwdqc.so password [success=2 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512 password [success=1 default=ignore] pam_ldap.so minimum_uid=1000 try_first_pass # here's the fallback if no module succeeds password requisite pam_...

...d SMB workgroup = "CME" SMB servers = "prod-srv-8.cme.com" pam_winbind is enabled SMB workgroup = "CME" SMB servers = "prod-srv-8.cme.com" SMB security = "ads" SMB realm = "CME.COM" pam_cracklib is enabled (try_first_pass retry=3) pam_passwdqc is disabled () pam_access is disabled () pam_mkhomedir is enabled () Always authorize local users is enabled () Authenticate system accounts against network services is disabled Charles Johnson Information Technology Custom Manufacturing & Engineering 2904 44th Ave. N St. Pe...

Here is the applicable article: http://www.linux.com/feature/125548 There are links in the above article that explain tests for the system and what is currently known about the rootkit. Apparently initial access is NOT via any vulnerability but just guessed root passwords. There are currently 2 methods to see if you are infected: 1. In some cases, the root kit causes you to not be able to

...auth sufficient pam_unix.so shadow use_first_pass auth required pam_deny.so /etc/pam.d/common-session: session sufficient pam_ldap.so session required pam_unix.so /etc/pam.d/common-password: password requisite pam_passwdqc.so min=12,10,10,8,6 random=25 retry=3 passphrase=2 password sufficient pam_ldap.so type=network use_authtok first_pass password sufficient pam_unix.so type=machine use_authtok md5 password required pam_deny.so Once all of...

...mon -notify-python -nscd nspr nss nss_db -nss_ldap nss-tools ntp ntsysv -numactl -oddjob -oddjob-libs -openais OpenIPMI OpenIPMI-libs OpenIPMI-tools openjade openldap opensp openssh openssh-clients openssh-server openssl openssl097a openssl-devel -oprofile -ORBit2 pam pam-devel pam_ccreds -pam_krb5 pam_passwdqc pam_pkcs11 pam_smb pango paps parted passwd patch patchutils pax pciutils pciutils-devel -pcmciautils pcre pcre-devel pcsc-lite pcsc-lite-libs perl perl-Compress-Zlib perl-Convert-ASN1 perl-Crypt-SSLeay perl-DateManip perl-DBD-Pg perl-DBI perl-HTML-Parser perl-HTML-Tagset perl-IO-Socket-SSL perl-LD...

Here is the output from yum -y upgrade without the error parts... Its odd because it updated all of these first time round. I have dared reboot the box yet, for fear it won't come back up... Setting up Upgrade Process Setting up Repos Reading repository metadata in from local files Resolving Dependencies --> Populating transaction set with selected packages. Please wait. --->

....x86_64 openssh-5.3p1-20.el6_0.3.x86_64 openssh-clients-5.3p1-20.el6_0.3.x86_64 openssh-server-5.3p1-20.el6_0.3.x86_64 openssl-1.0.0-4.el6_0.2.x86_64 openssl098e-0.9.8e-17.el6.centos.x86_64 pakchois-0.4-3.2.el6.x86_64 pam-1.1.1-4.el6_0.1.x86_64 pam_krb5-2.3.11-1.el6.x86_64 pam_ldap-185-5.el6.x86_64 pam_passwdqc-1.0.5-6.el6.x86_64 pango-1.28.1-3.el6_0.5.x86_64 pangomm-2.26.0-1.el6.x86_64 parted-2.1-10.el6.x86_64 passwd-0.77-4.el6.x86_64 patch-2.6-6.el6.x86_64 pax-3.4-10.1.el6.x86_64 pciutils-3.1.4-9.el6.x86_64 pciutils-libs-3.1.4-9.el6.x86_64 pcmciautils-015-4.2.el6.x86_64 pcre-7.8-3.1.el6.x86_64 perl-5.10...