THat is correct. You will also need to run through /etc/shadow and
make sure that any account with passwords has the correct values in
them also.
What do you exactly mean by running through /etc/shadow.
Password history you will need to use the pam_passwdqc moduel in pam.
Most security policies will ask for a minimum length of 7 characters
(though 8 is preferred), and a change time of 90 days.
As I mentioned, I changed /etc/pam.d/system-auth file and
/etc/login.defs file(Made minimum password length as 9), but it is not
reflecting when the user issues passwd command.
I will do some home work here and get back to you on Monday.
--
Stephen J Smoogen.
CSIRT/Linux System Administrator