Для нового класса студентов понадобилось установить какой-нибудь простенький пароль на cellmonitor. Однако возникла Problem:
[root@ed01cel02 cellos]# passwd cellmonitor
Changing password for user cellmonitor.
You can now choose the new password or passphrase.
A good password should be a mix of upper and lower case letters,
digits, and other characters. You can use a 5 character long
password.
A passphrase should be of at least 3 words, 5 to 40 characters
long and contain enough different characters.
Alternatively, if noone else can see your terminal now, you can
pick this as your password: "please_goal!Burma".
Enter new password:
Solution: change enforce=everyone -> enforce=none
[root@ed01cel02 cellos]# cd /etc/pam.d/
[root@ed01cel02 pam.d]# cat system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_unix.so try_first_pass nullok
#auth required pam_deny.so
account required pam_unix.so
password requisite pam_passwdqc.so min=5,5,5,5,5 similar=deny enforce=everyone max=40
password sufficient pam_unix.so try_first_pass use_authtok nullok md5 shadow remember=10
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
End think about return enforce=everyone back after new password is set
[root@ed01cel02 cellos]# passwd cellmonitor
Changing password for user cellmonitor.
You can now choose the new password or passphrase.
A good password should be a mix of upper and lower case letters,
digits, and other characters. You can use a 5 character long
password.
A passphrase should be of at least 3 words, 5 to 40 characters
long and contain enough different characters.
Alternatively, if noone else can see your terminal now, you can
pick this as your password: "please_goal!Burma".
Enter new password:
Weak password: not enough different characters or classes.
Try again.Solution: change enforce=everyone -> enforce=none
[root@ed01cel02 cellos]# cd /etc/pam.d/
[root@ed01cel02 pam.d]# cat system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth required pam_unix.so try_first_pass nullok
#auth required pam_deny.so
account required pam_unix.so
password requisite pam_passwdqc.so min=5,5,5,5,5 similar=deny enforce=everyone max=40
password sufficient pam_unix.so try_first_pass use_authtok nullok md5 shadow remember=10
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
End think about return enforce=everyone back after new password is set
Changing password for user cellmonitor.
ReplyDeleteYou can now choose the new password or passphrase.
A good password should be a mix of upper and lower case letters,
digits, and other characters. You can use a 5 character long
password.
A passphrase should be of at least 3 words, 5 to 40 characters
long and contain enough different characters.
Alternatively, if noone else can see your terminal now, you can
pick this as your password: "please_goal!Burma".
how can you remove the above suggestion? It is breaking our script.
Thanks!
Hi, DEsi MALton
DeleteTry passwd --stdin or passwd -S oracle, may be it help you.
Hi Yuri Pud,
DeleteThank you for your reply but it didn't work. Would you know how to disable the whole paragraph of suggestion? Basically our script is looking for "password" and "password" twice as we enter and confirm our pasword while changing it. It is working on thousands of servers but not these Oracle Standalone servers.
Hi,
ReplyDeletetry passwd 1>/dev/null
For example:
# passwd 1>/dev/null
Enter new password:
Hi,
ReplyDeleteThank you very much for your response.