Logging a User Off

LCDR Michael E. Dobson rdc30med at nmrdc1.nmrdc.nnmc.navy.mil
Thu Sep 13 05:38:48 AEST 1990


In article <544 at fciva.FRANKLIN.COM> dag at fciva.UUCP (Daniel A. Graifer) writes:
>
>I believe the passwd mechanism supported this before the options for managing
>it were added to /bin/passwd.  You should find the file format for /etc/passwd
>(I believe it is in section 4 of the Programmer's Reference Manual).  There is
>some combination of characters which are not valid encryption results (ex. ",",
>".", and "/") that are appended to the encrypted password field.  I forget 
>where the 'last change date' is stored.

It indeed does.  A ',' after the encryption field defines the beginning of
the passwd aging and last changed fields.  It is stored as four alphanumeric
values, the first two being the min and max password age values and the last 
two defining the last changed date.

On my system, all new users have ',B3' in the passwd field of /etc/passwd.  
This forces all new users to assign a password at first login and they can't 
by-pass it.  It also forces them to choose a new password every 120 days and 
prevents them from changing for 30 days after the last change.  See the passwd 
man page on Sys V for details and what the field values mean.

-- 
Mike Dobson, Sys Admin for      | Internet: rdc30med at nmrdc1.nmrdc.nnmc.navy.mil
nmrdc1.nmrdc.nnmc.navy.mil      | UUCP:   ...uunet!mimsy!nmrdc1!rdc30med
AT&T 3B2/600G Sys V R 3.2.2     | BITNET:   dobson at usuhsb.bitnet
WIN/TCP for 3B2                 | MCI-Mail: 377-2719 or 0003772719 at mcimail.com



More information about the Comp.unix.shell mailing list