logging password changes
Running current potato and I have the following in /etc/pam.d/passwd:
password required pam_cracklib.so retry=3 minlen=6 difok=4
password required pam_unix.so use_authtok md5
This works well for logging password-changing failures and related
messages. However when a password change is *successful,* nothing is
sent to syslog.
How can I set that up? I've been using
http://www.us.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html as
a reference for the module arguments but it appears to be a bit stale.
I tried adding the following line to the end of the stack:
session required pam_unix.so
which did log password changes but it wrote too much crap to the logs
because it sent a log entry as soon as I ran "passwd" as well as another
one when passwd exited:
Apr 3 12:39:06 atw PAM-warn[6608]: service: passwd [on terminal:
<unknown>]
Apr 3 12:39:06 atw PAM-warn[6608]: user: (uid=0) -> test [remote:
?nobody@?nowhere]
Apr 3 12:39:16 atw PAM-warn[6608]: service: passwd [on terminal:
<unknown>]
Apr 3 12:39:16 atw PAM-warn[6608]: user: (uid=0) -> test [remote:
?nobody@?nowhere]
leaving me with 4 mostly-useless lines in the logs.
slink used to log successful password changes, I just am not totally
familiar with PAM yet (getting there though).
Thanks. :)
Reply to: