URL: https://github.com/freeipa/freeipa/pull/5160 Author: rcritten Title: #5160: Add libpwquality checking to IPA password policy Action: opened
PR body: """ This adds support for some of the libpwquality password checking features:
* palindromes (automatic) * maximum number of repeats in a row * maximum number of monotonic sequences (abcde, 1234, etc) * check for username in the password * dict check via cracklib
I attempted to retain backwards compatibility so didn't enable the character class evaluations. We could totally do this but it add six more knobs.
I didn't enable the gecos check to avoid an nss lookup which would pass through a lot of libraries only to end up back at IPA :-)
Note that pwquality has a minimum character limit of six which is different than IPA so a limit of six is enforced if any of the pwqualtiy values are set.
I suspect the SELinux policy I wrote isn't awesome.
TODO: finalize the IANA attributes and objectclasses values TODO: merge the test into another class or determine frequency to execute TODO: I'm open to ipa-next only """
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5160/head:pr5160 git checkout pr5160
URL: https://github.com/freeipa/freeipa/pull/5160 Author: rcritten Title: #5160: Add libpwquality checking to IPA password policy Action: closed
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/5160/head:pr5160 git checkout pr5160
freeipa-devel@lists.fedorahosted.org