* change that password.
*/
- if ((status > 1) || (sp->sp_max < sp->sp_min)) {
+ if (status > 1) {
(void) puts (_(" Contact the system administrator."));
exit (EXIT_FAILURE);
}
* file. They are set to uninitialized values.
*/
sp.sp_lstchg = -1;
- sp.sp_min = 0;
+ sp.sp_min = -1;
sp.sp_max = -1;
sp.sp_warn = -1;
sp.sp_expire = -1;
else if (a2sl(&spwd.sp_lstchg, fields[2], NULL, 0, 0, LONG_MAX) == -1)
return NULL;
- /*
- * Get the minimum period between password changes.
- */
-
- if (streq(fields[3], ""))
- spwd.sp_min = -1;
- else if (a2sl(&spwd.sp_min, fields[3], NULL, 0, 0, LONG_MAX) == -1)
- return NULL;
+ spwd.sp_min = -1;
/*
* Get the maximum number of days a password is valid.
}
/* The libc might define other fields. They won't be copied. */
sp->sp_lstchg = spent->sp_lstchg;
- sp->sp_min = spent->sp_min;
+ sp->sp_min = -1;
sp->sp_max = spent->sp_max;
sp->sp_warn = spent->sp_warn;
sp->sp_inact = spent->sp_inact;
<varlistentry>
<term><emphasis role="bold">minimum password age</emphasis></term>
<listitem>
- <para>
- The minimum password age is the number of days the user must wait
- before they can change their password again.
- </para>
- <para>
- An empty field and value 0 mean that there is no minimum
- password age.
- </para>
+ <para>This deprecated field should be empty, and is ignored.</para>
</listitem>
</varlistentry>
<varlistentry>
static char user_name[BUFSIZ] = "";
static uid_t user_uid = -1;
-static long mindays;
static long maxdays;
static long lstchgdate;
static long warndays;
(void) puts (_("Enter the new value, or press ENTER for the default"));
(void) puts ("");
- mindays = -1;
-
stprintf_a(buf, "%ld", maxdays);
change_field(buf, sizeof(buf), _("Maximum Password Age"));
if (a2sl(&maxdays, buf, NULL, 0, -1, LONG_MAX) == -1)
(void) fputs (_("Account expires\t\t\t\t\t\t: "), stdout);
print_day_as_date(expdate);
- /*
- * Start with the easy numbers - the number of days before the
- * password can be changed, the number of days after which the
- * password must be changed, the number of days before the password
- * expires that the user is told, and the number of days after the
- * password expires that the account becomes unusable.
- */
- printf (_("Minimum number of days between password change\t\t: %ld\n"),
- mindays);
printf (_("Maximum number of days between password change\t\t: %ld\n"),
maxdays);
printf (_("Number of days of warning before password expires\t: %ld\n"),
* password files will commit any changes that have been made.
*/
spwent.sp_max = maxdays;
- spwent.sp_min = mindays;
+ spwent.sp_min = -1;
spwent.sp_lstchg = lstchgdate;
spwent.sp_warn = warndays;
spwent.sp_inact = inactdays;
if (!Mflg) {
maxdays = sp->sp_max;
}
- mindays = sp->sp_min;
if (!dflg) {
lstchgdate = sp->sp_lstchg;
}
if (!Mflg) {
maxdays = -1;
}
- mindays = -1;
if (!dflg) {
lstchgdate = -1;
}
/*
* Expired accounts cannot be changed ever. Passwords which are
- * locked may not be changed. Passwords where min > max may not be
- * changed. Passwords which have been inactive too long cannot be
- * changed.
+ * locked may not be changed.
+ * Passwords which have been inactive too long cannot be changed.
*/
if ( strprefix(sp->sp_pwdp, "!")
- || (exp_status > 1)
- || ( (sp->sp_max >= 0)
- && (sp->sp_min > sp->sp_max))) {
+ || (exp_status > 1)) {
(void) fprintf (stderr,
_("The password for %s cannot be changed.\n"),
sp->sp_namp);
closelog ();
fail_exit(E_NOPERM, process_selinux);
}
-
- /*
- * Passwords may only be changed after sp_min time is up.
- */
- if (sp->sp_lstchg > 0) {
- long now, ok;
- now = time(NULL) / DAY;
- ok = sp->sp_lstchg;
- if ( (sp->sp_min > 0)
- && __builtin_add_overflow(ok, sp->sp_min, &ok)) {
- ok = LONG_MAX;
- }
-
- if (now < ok) {
- (void) fprintf (stderr,
- _("The password for %s cannot be changed yet.\n"),
- sp->sp_namp);
- SYSLOG(LOG_WARN, "now < minimum age for '%s'", sp->sp_namp);
- closelog ();
- fail_exit(E_NOPERM, process_selinux);
- }
- }
}
static /*@observer@*/const char *pw_status (const char *pass)
sp = prefix_getspnam (pw->pw_name); /* local, no need for xprefix_getspnam */
if (NULL != sp) {
day_to_str_a(date, sp->sp_lstchg);
- (void) printf ("%s %s %s %ld %ld %ld %ld\n",
+ (void) printf ("%s %s %s -1 %ld %ld %ld\n",
pw->pw_name,
pw_status (sp->sp_pwdp),
date,
- sp->sp_min,
sp->sp_max,
sp->sp_warn,
sp->sp_inact);
assert shadow_entry.name == "tuser1", "Incorrect username"
assert shadow_entry.password is not None, "Incorrect password"
assert shadow_entry.last_changed == days_since_epoch(), "Incorrect last changed"
- assert shadow_entry.min_days == 0, "Incorrect min days"
+ assert shadow_entry.min_days is None, "Incorrect min days"
assert shadow_entry.max_days == 99999, "Incorrect max days"
assert shadow_entry.warn_days == 7, "Incorrect warn days"
assert shadow_entry.name == "tuser2", "Incorrect username"
assert shadow_entry.password is not None, "Incorrect password"
assert shadow_entry.last_changed == days_since_epoch(), "Incorrect last changed"
- assert shadow_entry.min_days == 0, "Incorrect min days"
+ assert shadow_entry.min_days is None, "Incorrect min days"
assert shadow_entry.max_days == 99999, "Incorrect max days"
assert shadow_entry.warn_days == 7, "Incorrect warn days"
assert shadow_entry.name == "tuser1", "Incorrect username"
assert shadow_entry.password is not None, "Incorrect password"
assert shadow_entry.last_changed == days_since_epoch(), "Incorrect last changed"
- assert shadow_entry.min_days == 0, "Incorrect min days"
+ assert shadow_entry.min_days is None, "Incorrect min days"
assert shadow_entry.max_days == 99999, "Incorrect max days"
assert shadow_entry.warn_days == 7, "Incorrect warn days"
assert shadow_entry.name == "tuser2", "Incorrect username"
assert shadow_entry.password is not None, "Incorrect password"
assert shadow_entry.last_changed == days_since_epoch(), "Incorrect last changed"
- assert shadow_entry.min_days == 0, "Incorrect min days"
+ assert shadow_entry.min_days is None, "Incorrect min days"
assert shadow_entry.max_days == 99999, "Incorrect max days"
assert shadow_entry.warn_days == 7, "Incorrect warn days"
assert shadow_entry.name == "tuser", "Incorrect username"
assert shadow_entry.password == "!", "Incorrect password"
assert shadow_entry.last_changed == days_since_epoch(), "Incorrect last changed"
- assert shadow_entry.min_days == 0, "Incorrect min days"
+ assert shadow_entry.min_days is None, "Incorrect min days"
assert shadow_entry.max_days == 99999, "Incorrect max days"
assert shadow_entry.warn_days == 7, "Incorrect warn days"