You are not logged in.
Pages: 1
I was reading the man page for passwd utility and there are some not clear points for me (both --keep-tokens and --mindays doesn't work properly).
Firstly, how can I see the result of the following option?
-k, --keep-tokens
Indicate password change should be performed only for expired authentication tokens (passwords). The user wishes to keep their non-expired tokens as before.
I thought that the command "passwd -k" won't have effect if my password isn't expired, but this is wrong! I can change any password with "passwd -k"!
Let's create a test user (I will type the following commands as root):
> useradd -m foo
then let's set a password for it:
> passwd foo
Enter new UNIX password: bar
Retype new UNIX password: bar
passwd: password updated successfully
To make sure that the password isn't outdated type this:
> passwd -S foo
foo P 06/23/2008 0 99999 7 -1
99999 is enough large number of days.
But the password will be changed anyway if I'll run "passwd -k" under foo (or "passwd -k foo" under root). Why? What does actually mean the -k option? How can I use it?
Secondly, there is an option to limit the period between password changes - "--mindays":
-m, --mindays MIN_DAYS
Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change his/her password at any time.
But this doesn't work!
Let's create a test user:
> useradd -m bar
with some password:
> passwd bar
Enter new UNIX password: 123
Retype new UNIX password: 123
passwd: password updated successfully
Default value of MIN_DAYS is 0, which means that user can change his/her password at any time:
> passwd -S bar
bar P 06/23/2008 0 99999 7 -1
Set the MIN_DAYS to 3 days by the following commands:
> passwd --mindays 3 bar
Password changed.
> passwd -S bar
bar P 06/23/2008 3 99999 7 -1
According to the man page, the user bar can change his password only once every three days. But this isn't true! Under bar I can change the password indefinite number of times as before!
Thanks!
Offline
Are you changing that bar's password as a root or as a bar user?
Offline
I tried that out as both bar and root.
For example here is three passwd calls:
[bar@aldan-3 sergey]$ passwd -S bar
bar P 06/23/2008 3 99999 7 -1
[bar@aldan-3 sergey]$ passwd
Changing password for bar.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
[bar@aldan-3 sergey]$ passwd
Changing password for bar.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
[bar@aldan-3 sergey]$ passwd
Changing password for bar.
(current) UNIX password:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Offline
Works fine on Debian [SID] so it might be Arch-specific.
Offline
OK, after testing on Slax this evening, I will post a bug to the bug tracker.
Offline
This bug isn't reproduced in Slax (all works as expected), so I've created a bug report: http://bugs.archlinux.org/task/10744
Offline
Pages: 1