I switch to md5-hashing by replacing \"prefix=$2a$\" in /etc/pam.d/system-auth with \"md5\", create a new user and try to set a password for him. passwd (run under root) fails to do this: Enter new password: Re-type new password: passwd: Memory buffer error. (And with \"prefix=$2a$\" it works.) In syslog-messages we can see this: Jul 4 20:37:28 shamrock pam_tcb[18898]: crypt_gensalt_ra: Invalid argument --- use the attached /etc/pam.d/system-auth $ useradd t $ passwd t You can now choose the new password or passphrase. A valid password should be a mix of upper and lower case letters, digits and other characters. You can use an 8 character long password with characters from at least 3 of these 4 classes, or a 7 character long password containing characters from all the classes. Characters that form a common pattern are discarded by the check. A passphrase should be of at least 3 words, 12 to 40 characters long and contain enough different characters. Alternatively, if noone else can see your terminal now, you can pick this as your password: \"format_behave&exempt\". Enter new password: Re-type new password: passwd: Memory buffer error. $ --- # rpm -qa passwd \'*tcb*\' \'*pam*\' glibc | sort -u glibc-2.2.5-alt10 libpam-0.75-alt15 libtcb-0.9.7.1-alt1 nss_tcb-0.9.7.1-alt1 pam-0.75-alt15 pam-config-1.1.2-alt1 pam_console-0.75-alt15 pam_passwdqc-0.4-alt3 pam_tcb-0.9.7.1-alt1 pam_userpass-0.5-alt3 passwd-1.0.0-alt1 tcb-utils-0.9.7.1-alt1# rpm -qa passwd \'*tcb*\' \'*pam*\' glibc | sort -u | xargs rpm -V S.5....T c /etc/pam.d/system-auth
There are no bug at all, neither in \"passwd\" nor in \"pam_tcb\" or in \"libcrypt\". Every time you change password hashing algorithm for pam_tcb, please ensure you do it right way; for example, change of \"prefix\" parameter also requires update of \"count\" parameter.
