docs/184482: passwd (1) man page incorrect info about login.conf

Ryan Gerstenkorn ryan_gerstenkorn at fastmail.fm
Tue Dec 3 23:10:01 UTC 2013 

>Number:         184482
>Category:       docs
>Synopsis:       passwd (1) man page incorrect info about login.conf
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Dec 03 23:10:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Ryan Gerstenkorn
>Release:        9-STABLE
>Organization:
>Environment:
FreeBSD FreeBSD92 9.2-STABLE FreeBSD 9.2-STABLE #1: Fri Nov  1 20:37:16 PDT 2013     root at FreeBSD92:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
In the passwd (1) man page it says the following:
"The new password should be at least six characters long (which may be
     overridden using the login.conf(5) ``minpasswordlen'' setting for a
     user's login class) and not purely alphabetic."

"The new password should contain a mixture of upper and lower case charac-
     ters (which may be overridden using the login.conf(5) ``mixpasswordcase''
     setting for a user's login class).  Allowing lower case passwords may be
     useful where the password file will be used in situations where only
     lower case passwords are permissible, such as when using Samba to authen-
     ticate Windows clients.  In all other situations, numbers, upper case
     letters and meta characters are encouraged."

under Files:
"/etc/login.conf     login class capabilities database"

under See Also:
login(1), login.conf(5),


However it seems that login.conf is no longer used by passwd(1), and instead 
password length and complexity is handled by pam with the pam_passwdqc module.

>From login.conf:
     "The minpasswordlen and minpasswordcase facilities for enforcing restric-
     tions on password quality, which used to be supported by login.conf, have
     been superseded by the pam_passwdqc(8) PAM module."
>How-To-Repeat:
man passwd;man login.conf
>Fix:
Sorry no patch, just replace paragraphs before with info about how to change the password complexity requirements with pam... or just refer to pam and pam_passwdqc(8)

>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-doc mailing list