vCloud

View Only

Reset the password history on vCD cells

JDMils_Interact posted Sep 02, 2025 11:16 PM

I have been informed that the file /etc/pam.d/system-password holds the password history days:

# Begin /etc/pam.d/system-password
password    requisite   pam_cracklib.so     minlen=8 minclass=4 difok=4 maxsequence=0 retry=3 enforce_for_root
password    requisite   pam_pwhistory.so    retry=3 remember=5 enforce_for_root
password    required    pam_unix.so         sha512 shadow use_authtok
# End /etc/pam.d/system-password

I need to reset the password to the existing one as it has automatically expired (I know, I know) but when I edit the file and change "remember=5" to "remember=0", and then try to write and quit using ":!wq", I get the error:

/bin/bash: wq: command not found
shell returned 127
Press ENTER or type command to continue

and it throws me back into the editor.

However if I use ":wq" it saves the changes and quits.

What's the difference? I've used ":!wq" before in vCenter and ESXi files without issues.

vCD is 10.4.3.23064643

CMS201110141 posted Sep 03, 2025 03:23 AM

Actually this is "regular behavior" for the vi (or vim) editor.

If you start the command with an exclamation mark it will be passed to the shell and executed there, so for example
:!ls
will show a listing of the current directory (and ":!wq" leads to an error message as the shell does not know about a comand called wg).

The exclamation mark at the end of the command however just means to force the command, so
:wq!
will write and and quite even if the file is marked as read-only (assuming the user has the appropriate permission to perform the taks) and
:q!
will exit without saving even if there are unsaved changes.

If this did work differently on ESXi in the past I can only guess that the vi was so limited that it didn't support the execution of shell commands and instead it used the "force" meanining of the "!" regardless of its position.

Regards,

Carl