Bug 208455 - try_first_pass in man page but nonexistent in pam_unix code
Summary: try_first_pass in man page but nonexistent in pam_unix code
Status: Open
Alias: None
Product: Documentation
Classification: Unclassified
Component: Manual Pages (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Dag-Erling Smørgrav
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-04-01 15:37 UTC by mwlucas
Modified: 2024-08-26 13:21 UTC (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description mwlucas 2016-04-01 15:37:09 UTC 
pam_unix(8) says:

     try_first_pass      This option is similar to the use_first_pass option,
                         except that if the previously obtained password
                         fails, the user is prompted for another password.

Per DES: The try_first_pass option has never worked. It's never been implemented, in any FreeBSD version. Like, ever. The code isn't even there. This isn't an ex-parrot, it's a wholly imaginary one. It needs to be removed back to the beginning of time.

Should also be removed from the pam_unix entries in /etc/pam.d/* files, but that would require me to fill out an entirely new bug report. And probably make a patch. Making a patch would be SO MUCH more fun than writing a PAM book... but I'm going back to work like a good boy.
Comment 1 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2018-05-12 16:20:52 UTC 
I would really rather implement try_first_pass than remove it from the documentation...  IMCFT
Comment 2 me 2024-08-23 18:46:30 UTC 
I don't see use_first_pass in the code either
Comment 3 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2024-08-26 13:21:33 UTC 
They're both handled (in part) by `pam_get_authtok(3)`.