From: Alejandro Colomar Date: Tue, 16 Dec 2025 19:53:31 +0000 (+0100) Subject: */: passwd(1): -n,--mindays: Remove option X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=46b15cd769b584ce7dfeb9927912fddddce1ffca;p=thirdparty%2Fshadow.git */: passwd(1): -n,--mindays: Remove option It makes no sense to limit the frequency of password change. If one changes its password, and 5 minutes later the password is leaked, one should be able to change the password immediately. Link: Reviewed-by: Serge Hallyn Signed-off-by: Alejandro Colomar --- diff --git a/man/passwd.1.xml b/man/passwd.1.xml index f05efab53..54da906c7 100644 --- a/man/passwd.1.xml +++ b/man/passwd.1.xml @@ -236,18 +236,6 @@ - - - ,  MIN_DAYS - - - - Set the minimum number of days between password changes to - MIN_DAYS. A value of zero for this field - indicates that the user may change their password at any time. - - - , diff --git a/src/passwd.c b/src/passwd.c index 351252e0b..7e9f63e6b 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -79,7 +79,6 @@ static bool iflg = false, /* -i - set inactive days */ kflg = false, /* -k - change only if expired */ lflg = false, /* -l - lock the user's password */ - nflg = false, /* -n - set minimum days */ qflg = false, /* -q - quiet mode */ Sflg = false, /* -S - show password status */ uflg = false, /* -u - unlock the user's password */ @@ -93,7 +92,6 @@ static bool */ static bool anyflag = false; -static long age_min = 0; /* Minimum days before change */ static long age_max = 0; /* Maximum days until change */ static long warn = 0; /* Warning days before change */ static long inact = 0; /* Days without change before locked */ @@ -163,8 +161,6 @@ usage (int status) (void) fputs (_(" -i, --inactive INACTIVE set password inactive after expiration\n" " to INACTIVE\n"), usageout); (void) fputs (_(" -l, --lock lock the password of the named account\n"), usageout); - (void) fputs (_(" -n, --mindays MIN_DAYS set minimum number of days before password\n" - " change to MIN_DAYS\n"), usageout); (void) fputs (_(" -q, --quiet quiet mode\n"), usageout); (void) fputs (_(" -r, --repository REPOSITORY change password in REPOSITORY repository\n"), usageout); (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); @@ -692,9 +688,6 @@ static void update_shadow(bool process_selinux) if (xflg) { nsp->sp_max = age_max; } - if (nflg) { - nsp->sp_min = age_min; - } if (wflg) { nsp->sp_warn = warn; } @@ -749,7 +742,7 @@ static void update_shadow(bool process_selinux) ret ? SHADOW_AUDIT_SUCCESS : SHADOW_AUDIT_FAILURE); } /* Audit aging parameter changes if any were modified */ - if (xflg || nflg || wflg || iflg) { + if (xflg || wflg || iflg) { char aging_msg[256]; stprintf_a(aging_msg, "changed-password-aging min=%ld max=%ld warn=%ld inact=%ld", @@ -781,7 +774,6 @@ static void update_shadow(bool process_selinux) * -i # set sp_inact to # days (*) * -k change password only if expired * -l lock the password of the named account (*) - * -n # set sp_min to # days (*) * -r # change password in # repository * -S show password status of named account * -u unlock the password of the named account (*) @@ -849,7 +841,6 @@ main(int argc, char **argv) {"inactive", required_argument, NULL, 'i'}, {"keep-tokens", no_argument, NULL, 'k'}, {"lock", no_argument, NULL, 'l'}, - {"mindays", required_argument, NULL, 'n'}, {"quiet", no_argument, NULL, 'q'}, {"repository", required_argument, NULL, 'r'}, {"root", required_argument, NULL, 'R'}, @@ -899,18 +890,6 @@ main(int argc, char **argv) lflg = true; anyflag = true; break; - case 'n': - if (a2sl(&age_min, optarg, NULL, 0, -1, LONG_MAX) - == -1) - { - fprintf (stderr, - _("%s: invalid numeric argument '%s'\n"), - Prog, optarg); - usage (E_BAD_ARG); - } - nflg = true; - anyflag = true; - break; case 'q': qflg = true; /* ok for users */ break;