PAM:Enable password history pam module
pam password history module is required to not allow the
history passwords.
We have the following D-bus property which is required this
module.
https://github.com/openbmc/phosphor-dbus-interfaces/blob/master/
xyz/openbmc_project/User/AccountPolicy.interface.yaml#L27
Change-Id: Ia55b2e17d98a9cfdce7932b4180f22f8dac5133c
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>
diff --git a/recipes-core/pam/libpam/pam.d/common-password b/recipes-core/pam/libpam/pam.d/common-password
index ac3f368..f0f0518 100644
--- a/recipes-core/pam/libpam/pam.d/common-password
+++ b/recipes-core/pam/libpam/pam.d/common-password
@@ -18,7 +18,7 @@
# here are the per-package modules (the "Primary" block)
password [success=ok default=die] pam_ipmicheck.so spec_grp_name=ipmi
password [success=ok default=die] pam_cracklib.so debug enforce_for_root reject_username minlen=8 difok=0 use_authtok
-#password [success=ok ignore=ignore default=die] pam_pwhistory.so debug enforce_for_root remember=0 use_authtok
+password [success=ok ignore=ignore default=die] pam_pwhistory.so debug enforce_for_root remember=0 use_authtok
password [success=ok default=die] pam_unix.so sha512 use_authtok
password [success=1 default=die] pam_ipmisave.so spec_grp_name=ipmi spec_pass_file=/etc/ipmi_pass key_file=/etc/key_file
# here's the fallback if no module succeeds