[SOLVED] rebuild cracklib dictionaries

Issues related to applications and software problems
Post Reply
drknut
Posts: 50
Joined: 2016/12/13 11:59:42

[SOLVED] rebuild cracklib dictionaries

Post by drknut » 2019/08/25 06:30:44

Hello All,

I have followed the instructions from https://www.thegeekdiary.com/how-to-add ... nary-words

I appended a word previously accepted by cracklib-check to the /usr/share/dict/linux.words file and now it is refused. That's what I want.

The problem is that the pw_dict.pwd file shrank from 8.3 MB to 2.4 MB.

Obviously the dictionary provided by the cracklib-dicts package is not made from linux.words alone.

What is the complete create-cracklib-dict command to rebuild the pw_dict.pwd as provided by the cracklib-dicts package ?
Last edited by drknut on 2019/08/25 12:47:18, edited 1 time in total.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: rebuild cracklib dictionaries

Post by TrevorH » 2019/08/25 10:41:23

The file /usr/share/cracklib/pw_dict.pwd is owned by the cracklib-dicts-2.9.0-11.el7.x86_64 package and it is not marked as a config file or a doc file so every time there is an update to that package, it will replace your modified version anyway.

I have no idea how that file is created, you'd probably need to download the SRPM that produces cracklib-dicts-2.9.0-11.el7.x86_64 and read what it does.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

drknut
Posts: 50
Joined: 2016/12/13 11:59:42

[SOLVED] rebuild cracklib dictionaries

Post by drknut » 2019/08/25 12:46:46

you'd probably need to download the SRPM that produces cracklib-dicts-2.9.0-11.el7.x86_64 and read what it does.
I did that and found 31 lists which, given to create-cracklib-dict , make a 8.1 MB pwd_dict.pwd (instead of 8.3).

I could investigate the differences with cracklib-unpacker, but I won't.
The file /usr/share/cracklib/pw_dict.pwd is owned by the cracklib-dicts-2.9.0-11.el7.x86_64 package and it is not marked as a config file or a doc file so every time there is an update to that package, it will replace your modified version anyway.
It seems that the cracklib software suite has been designed to survive such replacements. The man pages talk about daily cron jobs to rebuild the dictionaries. Unfortunately CentOS Redhat left that part as an exercise for us.

Thank you for your help.

Post Reply