required password length for users should be the same as pam.d/common-password

Bug #134948 reported by Frank J. Andersen on 2007-08-26
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
GST
Won't Fix
Wishlist
gnome-system-tools (Ubuntu)
Wishlist
Ubuntu Desktop Bugs

Bug Description

Binary package hint: gnome-system-tools

After doing clean install of Ubuntu 7.04 and patching, I create new user. I want to use 4 character password like '1234'. This fails as users-admin demands 6 characters.

Setting in /etc/pam.d/common-password IS 'min=4' !

Pedro Villavicencio (pedro) wrote :

agreed would be nice to have that also the max flag.

Changed in gnome-system-tools:
assignee: nobody → desktop-bugs
importance: Undecided → Wishlist
status: New → Triaged
Pedro Villavicencio (pedro) wrote :

sent upstream you can track it here: http://bugzilla.gnome.org/show_bug.cgi?id=470897

Changed in gst:
status: Unknown → New
David Henningsson (diwic) wrote :

There is also a minor error in the text, quote from user-password.c:

 else if (len < 6) {
  primary_text = _("Password is too short");
  secondary_text = _("User passwords must be longer than 6 characters and preferably "
                     "formed by numbers, letters and special characters.");

That is, length 6 is allowed, but the text claims that "must be longer than 6 characters", i e at least 7 characters.

Anyway, removing these lines altogether seems to be better than the current situation, where users-admin makes up its own non-configurable idea of what a proper password is. (I assume that trying to set a password that pam disallows will fail anyway.)

Milan Bouchet-Valat (nalimilan) wrote :

Yes, I'll have to fix that string, but that will be for Lucid+1.

We can't really remove these checks because when changing password for a user different than the current one, PAM doesn't check the password, which is set using 'chpasswd'. The current situation is pretty lame, but we'd have to parse PAM's config files in the backends and get the information from there... Using PAM in the backends would be better, but we don't support conversation in the protocol, and that would be very hard to implement without breaking all the other gnome-system-tools. Not likely to happen.

Changed in gst:
importance: Unknown → Wishlist
status: New → Confirmed
Changed in gst:
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.