Closed linuxdan closed 5 years ago
The STIG reads that you need to use 'pwquality'. This module puts those password lines in a different file from /etc/pam.d/passwd is all. Think they should be in /etc/pam.d/password-auth-ac or system-auth-ac.
From that stigviewer link: cat /etc/pam.d/passwd | grep pam_pwquality Nessus is looking for the line in /etc/pam.d/passwd But the openscap scanner is looking in /etc/pam.d/system-auth
Hi, Sounds like you need some symlinks setup to make this pass. I'm not sure where to go from here.
DISA STIG for RHEL 7 calls for a non-default line in /etc/pam.d/passwd
RHEL-07-010119
https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2017-12-14/finding/V-73159
https://github.com/ghoneycutt/puppet-module-pam/issues/180 did not answer the issue Changes to pam_password_lines propagates to /etc/pam.d/system-auth-ac
I need /etc/pam.d/passwd