LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 01-03-2012, 05:26 AM   #1
sudh
LQ Newbie
 
Registered: Nov 2007
Posts: 6

Rep: Reputation: 0
Password doesn't expire after expiry date


Hi,
I modified the expiry date of the password for a user in order to simulate an expiry and forced password reset scenario. However, the distro fails to recognise the expiry and continues to accept the expired password for almost a day after the expiry date.

Steps followed:-
1) Set the expiry date to a day ahead using the chage -M command for the user 'user'

2) O/p from the chage -l command is as below:-
# chage -l user
Last password change: Jan 03, 2012
Password expires : Jan 04, 2012
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 1
Number of days of warning before password expires: 0

3) Set the date as Jan 04, 2012 00:01 hrs using the date -s option

4) Tried to login using the old password. Was able to login successfully without being asked to reset my password.

Is the behaviour in step 4 expected? Shouldn't it force me to reset my password before I can proceed?

Thanks in advance!!
 
Old 01-03-2012, 10:23 AM   #2
kbscores
Member
 
Registered: Oct 2011
Location: USA
Distribution: Red Hat
Posts: 259
Blog Entries: 9

Rep: Reputation: 32
Code:
chage -d 0 <username>
Will force password reset through expiration.

Also for expiration check to verify expiration was set correctly there are a few places it can be set.

/etc/login.defs
/etc/default/useradd


Also -- for setting a specific user's expiration I recommend just using:

Code:
passwd -x 56 <username>
That will set expiration to 56 for specified user.

Then check /etc/shadow to verify expiration is set correctly for test user. (4th from the end)

Last edited by kbscores; 01-03-2012 at 10:25 AM.
 
Old 01-03-2012, 10:23 PM   #3
sudh
LQ Newbie
 
Registered: Nov 2007
Posts: 6

Original Poster
Rep: Reputation: 0
Thank you for the reply.

I tried using the passwd -x command but it seems to set the expiry date relative to the date of the last password change. Is there any other command apart from the chage -M, that can be used to set the expiry date relative to the current date?

Also, the passwd -x still allows me to login with my old password as mentioned earlier. Any idea on why that might be happening?

Last edited by sudh; 01-03-2012 at 10:44 PM.
 
Old 01-04-2012, 03:17 PM   #4
kbscores
Member
 
Registered: Oct 2011
Location: USA
Distribution: Red Hat
Posts: 259
Blog Entries: 9

Rep: Reputation: 32
chage -d sets relative to Jan 01 1970 -- so with some math you could use it. I also know you can use a specific day with it - Here is what man has:

-d, --lastday LAST_DAY
Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area).

-E, --expiredate EXPIRE_DATE
Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
find expiry date of SSLcertificate sunilsagar Programming 1 09-21-2011 06:25 AM
How do I set a user password to expire on a specific date? Linuxwho? Linux - Newbie 5 07-06-2009 01:40 PM
Expiry date for users kapilbajpai88 Linux - Newbie 3 04-27-2009 02:46 PM
how to check the password expiry date of a user? binary_0011 Other *NIX 1 06-04-2008 01:37 AM
expire date in useradd ALInux Linux - Security 2 11-08-2005 08:30 AM


All times are GMT -5. The time now is 04:53 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration