Bug 82823

Summary: [patch] little addon for /etc/periodic/400.passwdless
Product: Base System Reporter: Wolfgang Lausenbart <u>
Component: confAssignee: freebsd-bugs (Nobody) <bugs>
Status: Open ---    
Severity: Affects Only Me Keywords: patch
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description Wolfgang Lausenbart 2005-06-30 16:10:02 UTC
--- 400.passwdless.backup	Wed Jun 29 19:21:24 2005
+++ 400.passwdless	Wed Jun 29 19:22:10 2005
@@ -45,4 +45,16 @@
     *)	rc=0;;
 esac
 
+#exit "$rc"
+

+case "$daily_status_security_passwdless_enable" in
+#this needs to be defined first
+#case "$daily_status_security_pam_enable" in
+    [Yy][Ee][Ss])
+	echo ""
+	echo 'Checking for weak pam configuration:'
+	grep 'optional' /etc/pam.d/* | grep -v '#' | grep -v README;;
+	
+   *)  rc=0;;
+esac
+
 exit "$rc"

Fix: 

not critical, but apply if you want.
How-To-Repeat:       Just goto /etc/pam.d/ and replace 
      "auth required" with "auth optional" a.s.f. 
      and local users could login without
      password. I think it is good style to check
      for this.
Comment 1 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 07:58:31 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped
Comment 2 Graham Perrin freebsd_committer freebsd_triage 2022-10-17 12:35:40 UTC
Keyword: 

    patch
or  patch-ready

– in lieu of summary line prefix: 

    [patch]

* bulk change for the keyword
* summary lines may be edited manually (not in bulk). 

Keyword descriptions and search interface: 

    <https://bugs.freebsd.org/bugzilla/describekeywords.cgi>