pwquality: password policy updates

pwquality.conf provides a way to configure the password quality
requirements. This file is used by libpwquality library and utilities
for checking and generating passwords.

This commit enforces below additional password quality requirements

   - The minimum number of required classes of characters for the new
     password (digits, uppercase, lowercase, others).
     minclass=2
   - Whether to check for the words from the cracklib dictionary.
     The check is enabled if the value is not 0.
     dictcheck=1
   - Whether to check if it contains the user name in some form.
     The check is enabled if the value is not 0.
     usercheck=1
   - The maximum length of monotonic character sequences in the new password.
     Examples of such sequence are '12345' or 'fedcb'. Note that most such
     passwords will not pass the simplicity check unless the sequence is only
     a minor part of the password. The check is disabled if the value is 0.
     (default 0)
     maxsequence=1

Tested: p10 build verified.

Change-Id: I4cad5685646640f938cad4847ee930fd953994b7
Signed-off-by: Jayanth Othayoth <ojayanth@in.ibm.com>

1 files changed, 4 insertions, 0 deletions

diff --git a/meta-phosphor/recipes-extended/libpwquality/libpwquality/pwquality.conf b/meta-phosphor/recipes-extended/libpwquality/libpwquality/pwquality.conf
index 048c0fd7d5..5a54dc7345 100644
--- a/meta-phosphor/recipes-extended/libpwquality/libpwquality/pwquality.conf
+++ b/meta-phosphor/recipes-extended/libpwquality/libpwquality/pwquality.conf
@@ -5,3 +5,7 @@ lcredit=0
 ocredit=0
 dcredit=0
 ucredit=0
+minclass=2
+usercheck=1
+dictcheck=1
+maxsequence=3