]> git.ipfire.org Git - thirdparty/shadow.git/commitdiff
etc/login.defs: Remove defaults for password expiration
authorAlejandro Colomar <alx@kernel.org>
Mon, 15 Dec 2025 13:03:49 +0000 (14:03 +0100)
committerSerge Hallyn <serge@hallyn.com>
Wed, 15 Jul 2026 14:07:44 +0000 (09:07 -0500)
Expiring passwords has been determined to decrease safety.
Let's default to not expiring passwords.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
etc/login.defs

index 1b81afd82e0b4d37cddfd71910bfbc73c48640e4..f7c1618d0997b08a30a1f608fa35a27857dd633d 100644 (file)
@@ -209,13 +209,9 @@ UMASK              022
 #
 # Password aging controls:
 #
-#      PASS_MAX_DAYS   Maximum number of days a password may be used.
 #      PASS_MIN_LEN    Minimum acceptable password length.
-#      PASS_WARN_AGE   Number of days warning given before a password expires.
 #
-PASS_MAX_DAYS  99999
 PASS_MIN_LEN   5
-PASS_WARN_AGE  7
 
 #
 # If "yes", the user must be listed as a member of the first gid 0 group