[Pkg-shadow-devel] Bug#115380: Patch for passwd man page (Debian bug #115380)

[Christian Perrier]

tags 115380 patch
thanks

In http://bugs.debian.org/115380, the user complains that the reject
of "bad" passwords only happens after the password has bene confirmed.

Analysis showed that changing this is not easy, but also that the
passwd(1) man page is misleading about this, suggesting that the
password strength check happens before the confirmation.

The attached patch (for upstream man page) corrects the man page with
that matter.

Tomasz, could you consider applying it to your CVS ?


-- 




-------------- next part --------------
--- passwd.1.xml.ori	2005-09-12 18:15:47.000000000 +0200
+++ passwd.1.xml	2005-09-12 18:23:42.000000000 +0200
@@ -91,10 +91,15 @@
 	password and exits.
       </para>
 
-      <para>The user is then prompted for a replacement password. This
-	password is tested for complexity. As a general guideline, passwords
-	should consist of 6 to 8 characters including one or more from each
-	of following sets:
+      <para>The user is then prompted twice for a replacement
+        password. The second entry is compared against the first and
+        both are required to match in order for the password to be
+        changed.  
+      </para>
+
+      <para>Then, the password is tested for complexity. As a general
+        guideline, passwords should consist of 6 to 8 characters including
+        one or more characters from each of the following sets:
       </para>
 
       <itemizedlist mark='bullet'>
@@ -114,11 +119,6 @@
 	which is not suitably complex.
       </para>
 
-      <para>If the password is accepted, <command>passwd</command> will
-	prompt again and compare the second entry against the first. Both
-	entries are required to match in order for the password to be
-	changed.
-      </para>
     </refsect2>
 
     <refsect2 id='group_passwords'>