Authentication, Authorization & Identity

OpenLDAP check_password Password Policy Module

The OpenLDAP project I am currently working on requires mandatory password strength checking in addition to password policy definitions. OpenLDAP supports the password policy specification out of the box. Password strength checking, however, requires writing a custom module as no such module is currently included.

Note that the OpenLDAP password policy implementation is based on an RFC draft.

I have written an OpenLDAP module that checks passwords for a minimum length of 6 characters and the presence of at least three out of four of lower, upper, digit and punctuation characters. Additionally, the module runs the password through cracklib (if cracklib has been linked in).
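The length and character-class rule described above can be sketched as follows. This is an added example, not the module's actual source: the function names are hypothetical, and the cracklib call and the OpenLDAP module wiring are left out.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MIN_LENGTH  6   /* minimum length stated in the post */
#define MIN_CLASSES 3   /* at least three of the four character classes */

/* Count how many of lower, upper, digit, punctuation occur in pw. */
int password_class_count(const char *pw)
{
    int lower = 0, upper = 0, digit = 0, punct = 0;
    const unsigned char *p;

    /* unsigned char avoids undefined behaviour in <ctype.h> on bytes >= 0x80 */
    for (p = (const unsigned char *)pw; *p != '\0'; p++) {
        if (islower(*p))      lower = 1;
        else if (isupper(*p)) upper = 1;
        else if (isdigit(*p)) digit = 1;
        else if (ispunct(*p)) punct = 1;
    }
    return lower + upper + digit + punct;
}

/* Return 0 if pw passes, -1 otherwise; *reason names the failed rule. */
int password_meets_policy(const char *pw, const char **reason)
{
    *reason = NULL;
    if (pw == NULL)
        *reason = "no password supplied";
    else if (strlen(pw) < MIN_LENGTH)
        *reason = "shorter than 6 characters";
    else if (password_class_count(pw) < MIN_CLASSES)
        *reason = "fewer than 3 of lower/upper/digit/punctuation";
    return *reason == NULL ? 0 : -1;
}

int main(void)
{
    /* Constructed sample passwords, not taken from the post. */
    const char *samples[] = { "Ab1!", "abcdefgh", "abc12345", "Abcdef12", "ab12!?xy" };
    const char *reason;
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (password_meets_policy(samples[i], &reason) == 0)
            printf("%-10s accepted\n", samples[i]);
        else
            printf("%-10s rejected: %s\n", samples[i], reason);
    }
    return 0;
}
```

Whitespace and non-ASCII bytes count toward length but toward none of the four classes in this sketch.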

LDAP

We have used LDAP in a lot of our projects.

Most of them are based on OpenLDAP software.

eCryptFS

eCryptfs, An Enterprise-class Encrypted Filesystem for Linux

eCryptfs is a cryptographic filesystem for Linux that stacks on top of existing filesystems. It provides functionality similar to that of GnuPG, except the process of encrypting and decrypting the data is done transparently from the perspective of the application. eCryptfs leverages the recently introduced Linux kernel keyring service, the kernel cryptographic API, the Linux Pluggable Authentication Modules (PAM) framework, OpenSSL/GPGME, the Trusted Platform Module (TPM), and the GnuPG keyring in order to make the process of key and authentication token management seamless to the end user.

Configuration

The main configuration file is /etc/multipath.conf. The following configuration file is for use with a Hitachi SAN.

OCFS2 configuration

The OCFS2 main configuration file is /etc/ocfs2/cluster.conf.

Oracle states that this file should only be edited using ocfs2console, a GTK GUI which is part of the project.
