#298 [RFE] Add support for cracklib to password policies
Closed: fixed 3 months ago by rcritten. Opened 10 years ago by rcritten.

Add as another option in password policies the ability to run the password against cracklib to check for dictionary words, etc.

https://bugzilla.redhat.com/show_bug.cgi?id=587752


Also see a ticket #3256 which was filed by JR and is marked as a duplicate of this one.

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: Future Releases

3 years ago

master:

  • 41021c2 Add LDAP schema for new libpwquality attributes
  • 6b452e5 Extend IPA pwquality plugin to include libpwquality support
  • c03b486 Add new pwpolicy objectclass to test_xmprpc/objectclasses.py
  • 3fc2eda Require libpwolicy and configure it in the build system
  • c4cca53 Extend password policy to evaluate passwords using libpwpolicy
  • 46d0096 Add a unit test for libpwquality-based password policy
  • 6da070e Pass the user to the password policy check in the kdb driver
  • be2efc1 Add a raiseonerr option to ldappasswd_user_change
  • fe44835 ipatests: add test for password policies
  • 68aa7c0 Add SELinux policy so kadmind can read the crackdb dictionary
  • f602da4 Requirements and design for libpwquality integration
  • 5155280 ipatests: Add test_pwpolicy to nightly runs

ipa-4-8:

  • 04c34dc Add LDAP schema for new libpwquality attributes
  • e8232dd Extend IPA pwquality plugin to include libpwquality support
  • 4dcb8d9 Add new pwpolicy objectclass to test_xmprpc/objectclasses.py
  • 734afe3 Require libpwolicy and configure it in the build system
  • 43cdcad Extend password policy to evaluate passwords using libpwpolicy
  • cba86e8 Add a unit test for libpwquality-based password policy
  • d6a8fc2 Pass the user to the password policy check in the kdb driver
  • 676979e Add a raiseonerr option to ldappasswd_user_change
  • 9627ac4 ipatests: add test for password policies
  • 60768b7 Add SELinux policy so kadmind can read the crackdb dictionary
  • 48801cb ipatests: Add test_pwpolicy to nightly runs

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

3 months ago

master:

  • 26b9a69 Wrap libpwquality PKG_CHECK_MODULES in ENABLE_SERVER test

ipa-4-8:

  • 3e51d44 Wrap libpwquality PKG_CHECK_MODULES in ENABLE_SERVER test

Metadata Update from @abbra:
- Custom field changelog adjusted to FreeIPA password quality checking plugin has been extended to use libpwquality library. Password policies can now check for a reuse of a user name, dictionary words using a cracklib package, numbers and symbols replacement and repeating characters in the passwords.

2 months ago

Login to comment on this ticket.

Metadata