Mar 12, 2019 · The pam_cracklib module is enabled via the system's standard PAM configuration interface. On Debian systems, this is the /etc/pam.d/common-password file (but it's /etc/pam.d/system-auth on RedHat-derived systems--can't we all just get along?). The typical configuration looks something like this:
auth required pam_env.so auth sufficient pam_unix.so nullok auth requisite pam_succeed_if.so uid >= 500 quiet auth required pam_deny.so After modification, changes in bold : auth required pam_env.so auth optional libmapr_pam.so # MapR PAM module auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet ...
ふとPAMの設定ファイルを眺めてたらpam-auth-update(8)というスクリプトがあるらしいことを知った。 manによるとauth-client-configと同じく 自動的にPAMの設定を書き換えてくれるすごいやつで、
Univention Bugzilla – Bug 38510. univention-system-setup-boot calls pam-auth-update. Last modified: 2015-05-15 07:52:36 CEST