[SOLVED] rebuild cracklib dictionaries

Issues related to applications and software problems
Post Reply
drknut
Posts: 40
Joined: 2016/12/13 11:59:42

[SOLVED] rebuild cracklib dictionaries

Post by drknut » 2019/08/25 06:30:44

Hello All,

I have followed the instructions from https://www.thegeekdiary.com/how-to-add ... nary-words

I appended a word previously accepted by cracklib-check to the /usr/share/dict/linux.words file and now it is refused. That's what I want.

The problem is that the pw_dict.pwd file shrank from 8.3 MB to 2.4 MB.

Obviously the dictionary provided by the cracklib-dicts package is not made from linux.words alone.

What is the complete create-cracklib-dict command to rebuild the pw_dict.pwd as provided by the cracklib-dicts package ?
Last edited by drknut on 2019/08/25 12:47:18, edited 1 time in total.

User avatar
TrevorH
Forum Moderator
Posts: 26971
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: rebuild cracklib dictionaries

Post by TrevorH » 2019/08/25 10:41:23

The file /usr/share/cracklib/pw_dict.pwd is owned by the cracklib-dicts-2.9.0-11.el7.x86_64 package and it is not marked as a config file or a doc file so every time there is an update to that package, it will replace your modified version anyway.

I have no idea how that file is created, you'd probably need to download the SRPM that produces cracklib-dicts-2.9.0-11.el7.x86_64 and read what it does.
CentOS 5 died in March 2017 - migrate NOW!
CentOS 6 goes EOL sooner rather than later, get upgrading!
Full time Geek, part time moderator. Use the FAQ Luke

drknut
Posts: 40
Joined: 2016/12/13 11:59:42

[SOLVED] rebuild cracklib dictionaries

Post by drknut » 2019/08/25 12:46:46

you'd probably need to download the SRPM that produces cracklib-dicts-2.9.0-11.el7.x86_64 and read what it does.
I did that and found 31 lists which, given to create-cracklib-dict , make a 8.1 MB pwd_dict.pwd (instead of 8.3).

I could investigate the differences with cracklib-unpacker, but I won't.
The file /usr/share/cracklib/pw_dict.pwd is owned by the cracklib-dicts-2.9.0-11.el7.x86_64 package and it is not marked as a config file or a doc file so every time there is an update to that package, it will replace your modified version anyway.
It seems that the cracklib software suite has been designed to survive such replacements. The man pages talk about daily cron jobs to rebuild the dictionaries. Unfortunately CentOS Redhat left that part as an exercise for us.

Thank you for your help.

Post Reply

Return to “CentOS 7 - Software Support”