diff options
Diffstat (limited to 'doc/man/pwquality.conf.5.pod')
| -rw-r--r-- | doc/man/pwquality.conf.5.pod | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/doc/man/pwquality.conf.5.pod b/doc/man/pwquality.conf.5.pod index 4d90285..47d6fd0 100644 --- a/doc/man/pwquality.conf.5.pod +++ b/doc/man/pwquality.conf.5.pod @@ -129,6 +129,26 @@ not created yet. Path to the cracklib dictionaries. Default is to use the cracklib default. +=item B<retry=>I<N> + +Prompt user at most I<N> times before returning with error. The default is +I<1>. + +=item B<enforce_for_root> + +The module will return error on failed check even if the user changing the +password is root. This option is off by default which means that just +the message about the failed check is printed but root can change +the password anyway. Note that root is not asked for an old password +so the checks that compare the old and new password are not performed. + +=item B<local_users_only> + +The module will not test the password quality for users that are not present +in the F</etc/passwd> file. The module still asks for the password so +the following modules in the stack can use the B<use_authtok> option. +This option is off by default. + =back =head1 SEE ALSO |