VMware Cloud Community
jfinegan
Contributor
Contributor

Why is "nullok" specified as part of the pam_unix.so definitions in /etc/pam.d/vmtoolsd

The "nullok" option on instructs the pam_unix.so module to allow a blank password (which is not the default). Ref: http://linux.die.net/man/8/pam_unix

Why is this necessary to enable null passwords under pam_unix.so within the /etc/pam.d/vmtoolsd configuration file? Can this option be removed?

The default /etc/pam.d/vmtoolsd file is:

     #%PAM-1.0
     auth       sufficient       pam_unix2.so shadow nullok
     auth       sufficient       pam_unix.so shadow nullok
     auth       required         pam_unix_auth.so shadow nullok
     account    sufficient       pam_unix2.so
     account    sufficient       pam_unix.so
     account    required         pam_unix_acct.so

Thank you in advance.

Tags (1)
0 Kudos
1 Reply
MisterTrep
Contributor
Contributor

I 've got the same question, can someone help us ?

0 Kudos