On Tue, Dec 12, 2006 at 10:20:56PM +0100, Erik Norgaard wrote: > Anton Shterenlikht wrote: > >On Fri, Dec 08, 2006 at 09:57:22PM +0100, Erik Norgaard wrote: > >>Anton Shterenlikht wrote: > >>> I can't see how to prescribe periodic passwd change, > >>>only how to set expiry time. At the moment I put the following > >>>line in the root's crontab: > >>> > >>>2 2 2 * * pw usermod shterenl -p "`date '+\%d-\%m-\%Y'`" > >>> > >>>This makes a user's passwd expire once a month. > >>> > >>>Is there a better way to force users change their passwds periodically? > >>You can set it in login.conf, when the password is updated the next > >>expire is automatically set. > > > >I checked login.conf. It seems that passwordtime option has no effect. > >I did a brief search and found many postings describing the same problem: > >many options from login.conf have no effect. Perhaps these are the > >"RESERVED CAPABILITIES' as they are called in the man page. Some people > >list a patch that supposedly fixes the problem, but I'm not sure if it > >applies to 6.2-prerelease thatI'm running. > > > >thanks > >anton > did you remember to cap_mkdb after? from the man page: > > "Whenever changes to this, or the user's ~/.login_conf, file are made, > the modifications will not be picked up until cap_mkdb(1) is used to > compile the file into a database." > > Cheers, Erik
yes, I did. Other options, e.g. passwd_prompt from Authentication category do work, but passwordtime has no effect. There are plenty of similar accounts I found on the net, e.g.: www.derkeiler.com/Mailing-Lists/FreeBSD-Security/2003-02/0039.html "Many login.conf accounting and authentication options broken Date: Mon, 3 Feb 2003 05:40:48 -0800 From: David Schultz <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Most of the accounting options in login.conf(5) and many examples in /etc/login.conf don't seem to work. I can't even find any evidence of a mechanism to support them. (Perhaps an old-timer can tell me where one used to exist, if it used to exist.) ..." thanks anton _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"