Describe the bug
In templates/pam_passwdqc.erb#L2 seems to be an accidental paste of passwdqc.erb, which renders the Name: key value pair unusable. This results in an empty line (due to missing Name) when doing pam-auth-update.
Expected behavior
When the accidental paste is removed, the Name value shows up in pam-auth-update:
┌───────────────────────────────────────┤ PAM configuration ├────────────────────────────────────────┐
│ Pluggable Authentication Modules (PAM) determine how authentication, authorization, and password │
│ changing are handled on the system, as well as allowing configuration of additional actions to │
│ take when starting user sessions. │
│ │
│ Some PAM module packages provide profiles that can be used to automatically adjust the behavior │
│ of all PAM-using applications on the system. Please indicate which of these behaviors you wish │
│ to enable. │
│ │
│ PAM profiles to enable: │
│ │
│ [*] tally2 lockout after failed attempts enforcement │
│ [ ] passwdqc password strength enforcement │
│ [ ] Fingerprint authentication │
│ [*] Unix authentication │
│ [*] PKCS11 Smartcard Authentication │
│ [*] Register user sessions in the systemd control group hierarchy │
│ [ ] Create home directory on login │
│ [*] GNOME Keyring Daemon - Login keyring management │
│ [*] Inheritable Capabilities Management │
│ │
│ │
│ <Ok> <Cancel> │
│ │
└────────────────────────────────────────────────────────────────────────────────────────────────────┘
Actual behavior
┌───────────────────────────────────────┤ PAM configuration ├────────────────────────────────────────┐
│ Pluggable Authentication Modules (PAM) determine how authentication, authorization, and password │
│ changing are handled on the system, as well as allowing configuration of additional actions to │
│ take when starting user sessions. │
│ │
│ Some PAM module packages provide profiles that can be used to automatically adjust the behavior │
│ of all PAM-using applications on the system. Please indicate which of these behaviors you wish │
│ to enable. │
│ │
│ PAM profiles to enable: │
│ │
│ [*] tally2 lockout after failed attempts enforcement │
│ [ ] │
│ [ ] Fingerprint authentication │
│ [*] Unix authentication │
│ [*] PKCS11 Smartcard Authentication │
│ [*] Register user sessions in the systemd control group hierarchy │
│ [ ] Create home directory on login │
│ [*] GNOME Keyring Daemon - Login keyring management │
│ [*] Inheritable Capabilities Management │
│ │
│ │
│ <Ok> <Cancel> │
│ │
└────────────────────────────────────────────────────────────────────────────────────────────────────┘
Example code
$ LC_ALL=C sudo pam-auth-update
OS / Environment
$ uname -a
Linux <removed> 5.15.0-48-generic #54~20.04.1-Ubuntu SMP Thu Sep 1 16:17:26 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Describe the bug In templates/pam_passwdqc.erb#L2 seems to be an accidental paste of
passwdqc.erb
, which renders theName:
key value pair unusable. This results in an empty line (due to missingName
) when doingpam-auth-update
.Expected behavior When the accidental paste is removed, the
Name
value shows up inpam-auth-update
:Actual behavior
Example code
OS / Environment
Puppet Version