XDM/GDM Password Utilities Executed as 'root' Do Not Enforce Password Strength Checks in /etc/default/passwd (pam_authtok_check) (Doc ID 1321384.1)

Symptoms

1) Steps to Reproduce
A user account is created with the password forced to change when the user logs in for the first time (e.g. 'passwd -f <USER>').  A password is provided to the user.  The user logs in and uses the password provided, then the user is prompted to change their password.  The user selects enter, and the user is then prompted to confirm their password.  The user selects enter again and the return message is;

Xdm: password successfully changed for <USER>
The system has excepted a blank password!

2) Detailed Problem Statement
The problem appears to be running the password change utility as root which has no password restrictions, and cannot have any restrictions imposed when changing a password.  If the password change utility is run as a user, the restrictions on the password appear to work correctly as happens when the user telnets into the system.  The problem is that if the xdm interface is run with a user id instead of root, the xdm login will not work.

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.