Just FYI, only root is re-prompted and accepted if they're
persistent. Regular users don't get this curtesy - they *have* to
obey the rules !
> How do
>
> [cc'd JKH: Assuming this passes review, can I put it in 4.0 and MFC? ]
>
> passwd(1) normally enforces mixed case passwords -- or at least it forces
> you to enter the lower case password several times before it will actually
> let you use it.
>
> This is a pain if you're using the Unix password file in a situation where
> lower case passwords are useful. For example, Windows 9x lower cases
> passwords before sending them on to Samba for authentication. You can
> sort of work around this in Samba with the "password level" smb.conf
> setting, but that's a bit of a hack.
>
> It's also a pain if you have to tell your users, when changing their
> passwords, that they have to enter the same password several times
> before the change will be accepted. They ask complicated questions
> like "Why should I?", and then they walk off without listening to the
> answer. . .
>
> So, attached is a tiny patch that teaches passwd(1) about a new login.conf
> setting, "mixpasswordcase".
>
> By default, everything is exactly as it was before. However, if you have
>
> :mixpasswordcase@:
>
> somewhere appropriate in your login.conf file, passwd(1) will allow lower
> case passwords for those users without further complaint.
>
> Thoughts?
>
> N
> --
> If you want to imagine the future, imagine a tennis shoe stamping
> on a penguin's face forever.
> --- with apologies to George Orwell
>
> --Q68bSM7Ycu6FN28Q
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: attachment; filename=diff
>
> Index: local_passwd.c
> ===================================================================
> RCS file: /home/ncvs/src/usr.bin/passwd/local_passwd.c,v
> retrieving revision 1.23
> diff -u -r1.23 local_passwd.c
> --- local_passwd.c 1999/08/28 01:04:51 1.23
> +++ local_passwd.c 2000/02/08 19:25:05
> @@ -95,6 +95,7 @@
> int nis;
> {
> int tries, min_length = 6;
> + int force_mix_case = 1;
> char *p, *t;
> #ifdef LOGIN_CAP
> login_cap_t * lc;
> @@ -114,7 +115,8 @@
>
> #ifdef LOGIN_CAP
> /*
> - * Determine minimum password length and next password change date.
> + * Determine minimum password length, next password change date,
> + * and whether or not to force mixed case passwords.
> * Note that even for NIS passwords, login_cap is still used.
> */
> if ((lc = login_getpwclass(pw)) != NULL) {
> @@ -128,6 +130,8 @@
> if (period > (time_t)0) {
> pw->pw_change = time(NULL) + period;
> }
> + /* mixpasswordcase capability */
> + force_mix_case = login_getcapbool(lc, "mixpasswordcase", 1);
> login_close(lc);
> }
> #endif
> @@ -142,10 +146,13 @@
> (void)printf("Please enter a password at least %d characters
>in length.\n", min_length);
> continue;
> }
> - for (t = p; *t && islower(*t); ++t);
> - if (!*t && (uid != 0 || ++tries < 2)) {
> - (void)printf("Please don't use an all-lower case
>password.\nUnusual capitalization, control characters or digits are suggested.\n");
> - continue;
> +
> + if (force_mix_case) {
> + for (t = p; *t && islower(*t); ++t);
> + if (!*t && (uid != 0 || ++tries < 2)) {
> + (void)printf("Please don't use an all-lower case
>password.\nUnusual capitalization, control characters or digits are suggested.\n");
> + continue;
> + }
> }
> (void)strcpy(buf, p);
> if (!strcmp(buf, getpass("Retype new password:")))
> Index: passwd.1
> ===================================================================
> RCS file: /home/ncvs/src/usr.bin/passwd/passwd.1,v
> retrieving revision 1.16
> diff -u -r1.16 passwd.1
> --- passwd.1 1999/08/28 01:04:51 1.16
> +++ passwd.1 2000/02/08 19:14:50
> @@ -70,8 +70,17 @@
> Its total length must be less than
> .Dv _PASSWORD_LEN
> (currently 128 characters).
> -Numbers, upper case letters and meta characters
> -are encouraged.
> +.Pp
> +The new password should contain a mixture of upper and lower case
> +characters (which may be overridden using the
> +.Xr login.conf 5
> +.if t ``mixpasswordcase''
> +.if n "mixpasswordcase"
> +setting for a user's login class). Allowing lower case passwords may
> +be useful where the password file will be used in situations where only
> +lower case passwords are permissable, such as when using Samba to
> +authenticate Windows clients. In all other situations, numbers, upper
> +case letters and meta characters are encouraged.
> .Pp
> Once the password has been verified,
> .Nm passwd
>
> --Q68bSM7Ycu6FN28Q--
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-current" in the body of the message
>
--
Brian <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
<http://www.Awfulhak.org> <[EMAIL PROTECTED]>
Don't _EVER_ lose your sense of humour ! <[EMAIL PROTECTED]>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
