On Tue, Dec 12, 2006 at 10:20:56PM +0100, Erik Norgaard wrote:
> Anton Shterenlikht wrote:
> >On Fri, Dec 08, 2006 at 09:57:22PM +0100, Erik Norgaard wrote:
> >>Anton Shterenlikht wrote:
> >>>   I can't see how to prescribe periodic passwd change,
> >>>only how to set expiry time. At the moment I put the following
> >>>line in the root's crontab:
> >>>
> >>>2 2 2 * * pw usermod shterenl -p "`date '+\%d-\%m-\%Y'`"
> >>>
> >>>This makes a user's passwd expire once a month.
> >>>
> >>>Is there a better way to force users change their passwds periodically?
> >>You can set it in login.conf, when the password is updated the next 
> >>expire is automatically set.
> >
> >I checked login.conf. It seems that passwordtime option has no effect.
> >I did a brief search and found many postings describing the same problem:
> >many options from login.conf have no effect. Perhaps these are the
> >"RESERVED CAPABILITIES' as they are called in the man page. Some people
> >list a patch that supposedly fixes the problem, but I'm not sure if it
> >applies to 6.2-prerelease thatI'm running.
> >
> >thanks
> >anton
> did you remember to cap_mkdb after? from the man page:
> 
> "Whenever changes to this, or the user's ~/.login_conf, file are made, 
> the modifications will not be picked up until cap_mkdb(1) is used to 
> compile the file into a database."
> 
> Cheers, Erik

        yes, I did. Other options, e.g. passwd_prompt from
Authentication category do work, but passwordtime has no effect.
There are plenty of similar accounts I found on the net, e.g.:

www.derkeiler.com/Mailing-Lists/FreeBSD-Security/2003-02/0039.html

"Many login.conf accounting and authentication options broken
Date: Mon, 3 Feb 2003 05:40:48 -0800
From: David Schultz <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]

   Most of the accounting options in login.conf(5) and many examples
   in /etc/login.conf don't seem to work. I can't even find any
   evidence of a mechanism to support them. (Perhaps an old-timer
   can tell me where one used to exist, if it used to exist.) ..."

thanks
anton
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to