Set password length to meet VA scan requirements

2019-05-31 10:21:14 +01:00
parent a6f307c6b5
commit 81c0b70a6f
2 changed files with 2 additions and 1 deletions
--- a/1
+++ b/1
@@ -86,7 +86,6 @@ RUN chmod ug+x /usr/local/bin/runmqserver \
  && chmod ug+xs /usr/local/bin/chkmq* \
  && chown -R mqm:mqm /etc/mqm/* \
  && install --directory --mode 0775 --owner mqm --group root /run/runmqserver \
-  && install --directory --mode 0775 --owner mqm --group root /run/tls \
  && touch /run/termination-log \
  && chown mqm:root /run/termination-log \
  && chmod 0660 /run/termination-log
--- a/install-mq.sh
+++ b/install-mq.sh
@@ -90,6 +90,8 @@ ln -s /mnt/mqm/data /var/mqm
 # Optional: Ensure any passwords expire in a timely manner
 sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' /etc/login.defs
 sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' /etc/login.defs
+sed -i 's/PASS_MIN_LEN\t5/PASS_MIN_LEN\t8/' /etc/login.defs
+sed -i 's/# minlen = 9/minlen = 8/' /etc/security/pwquality.conf

 $UBUNTU && PAM_FILE=/etc/pam.d/common-password
 $RPM && PAM_FILE=/etc/pam.d/password-auth