Flatcar icon indicating copy to clipboard operation
Flatcar copied to clipboard
verified publisher icon flatcar

Password quality check failing on Flatcar Linux 4152.2.1

Open snikhil1998 opened this issue 9 months ago • 3 comments

Description

Password quality check is failing due to missing /usr/lib/cracklib_dict.pwd.gz and create-cracklib-dict command is not working since the filesystem is read-only.

Impact

Password quality checks are failing.

Environment and steps to reproduce

  1. Set-up: Flatcar Linux 4152.2.1 on VMware ESXi.
  2. Task: Checking password strength or changing password.
  3. Action(s): Running pwscore, chpasswd, or passwd commands.
  4. Error:
/usr/lib/cracklib_dict.pwd.gz: No such file or directory
Password quality check failed:
 The password fails the dictionary check - error loading dictionary

Expected behavior

Password quality check should give password score.

snikhil1998 avatar Mar 11 '25 06:03 snikhil1998

Hi @snikhil1998,

Thanks for raising this. What's your use case here? From an immutable system approach we should not change passwords on a running Flatcar instance. That said, I think it's possible to do so by building this dictionary from a Docker image and to copy it on the system and then configure pwscore to load the dictionary from a non r-o location.

tormath1 avatar Mar 12 '25 09:03 tormath1

Is there a fix in progress for this? If yes, when can we expect it?

snikhil1998 avatar Mar 13 '25 05:03 snikhil1998

@snikhil1998 Could you please explain the usecase as @tormath1 mentioned in the earlier comment?

sayanchowdhury avatar Jun 06 '25 14:06 sayanchowdhury