[Pkg-shadow-devel] Bug#396726: chpasswd does not update opasswd
Nicolas François
nicolas.francois at centraliens.net
Mon Nov 6 21:13:38 CET 2006
On Mon, Nov 06, 2006 at 12:09:59PM -0500, Brian Ristuccia wrote:
> On Mon, Nov 06, 2006 at 05:07:31PM +0100, Nicolas François wrote:
> >
> > I recommend you to set users' password by root to a simple password that
> > can be communicated to the user, but also tag the password as expired, so
> > that the user have to choose a new password the next time he login (and
> > then the new password will be enterred to /etc/security/opasswd; also the
> > administrator do not have to know the users' passwords).
> >
>
> In that case, only the temporary password is written into opasswd. The
> user's previous password (before it was changed by root to the temporary
> one) is not stored in opasswd and nothing prevents the user from changing
> their password back to that value.
Yes, you are right. I did not understand the issue of #396918.
(This does not change the status for chpasswd, but I will try to have a
look at the pam_unix module)
Kind Regards,
--
Nekral
More information about the Pkg-shadow-devel
mailing list