Re: Overriding password ageing for an individual - StdModSecExt

RobinKing · ‎09-20-2007

All

I've installed StdModSecExt, and have setup all the global settings I want in /etc/default/security. This includes PASSWORD_MAXDAYS=90. However I have a number of functional user accounts that I want to disable password ageing for.

/etc/security.dsc suggest I can't use userdbset to change the /var/adm/userdb for individuals.

# S : can configure a system-wide default in /etc/default/security
# u : can configure a per-user value in /var/adm/userdb
# s : can configure a per-user value in /etc/shadow if shadow mode
# p : can configure a per-user value in /etc/passwd if standard mode
# L : the attribute applies only to local users in /etc/passwd

PASSWORD_MAXDAYS;-1;441;-1;LpsS;Maximum number of days that a password is valid (-1=Disable aging)

How do I do this via the /etc/passwd file as it suggests? Is it actually possible to change this attribute for individual users?

Thanks...

RobinKing · ‎09-20-2007

Anyone?

Robert Fritz · ‎09-21-2007

Hi Robin,

These are the relevant entries that apply to your situation:
# s : can configure a per-user value in /etc/shadow if shadow mode
# p : can configure a per-user value in /etc/passwd if standard mode

So use passwd -w... as long as you're not in Trusted Mode.

Those Who Would Sacrifice Liberty for Security Deserve Neither." - Benjamin Franklin

RobinKing · ‎09-23-2007

Thanks for the response Robert, but that'll just deal with the warngin message. I've tested with passwd -x -1 and that does what I need it to.

Robin

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Overriding password ageing for an individual - StdModSecExt

Overriding password ageing for an individual - StdModSecExt