There's a field in /etc/shadow which sets how many days before expiry the user is warned, however this warning is on logon and so will not work for rarely administered boxes. chage -l root will give you this and other values including the expiry date of the current password.
Unfortunately the password expiry date is not in an easily calculable format, however it should be possible to convert it to epoch and compare with today's date, eg Perl's Date::Calc module provides a delta days function which could be used for this... ---------- Post updated at 11:59 ---------- Previous update was at 11:36 ----------
To expand...
Last edited by Skrynesaver; 08-31-2016 at 11:58 AM..
I couldnt find this in any other post - so hoping someone can help out.
I want to set password expiry (or rather I have to) for a number of users on my solaris 9 system. I know i can set the following options in the /etc/default/passwd file to do it and then just type a passwd -f <username> to... (6 Replies)
Hi Friends.
I am new to scripting now i want to change the root password using the script with standard password.
which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Hello All,
I have several solaris boxes running Solaris 8. When changing root passwords on them, all will simply ask for the new root password to change and of course to re-type the new password. One of the systems however asks for the existing root password before it will display the new password... (8 Replies)
Hi,
Is there any way of sending an email to a number of users indicating that the passwords of user accounts will expire?
Currently we have a test server with a number of oracle test accounts on it. Each of these accounts correspond to an instance of Oracle on the server. These... (2 Replies)
Hi,
Is there any way of sending an email to a number of users indicating that the passwords of user accounts will expire?
Currently we have a test server with a number of oracle test accounts on it. Each of these accounts correspond to an instance of Oracle on the server. These... (2 Replies)
Hi Gurus
I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails.
Resetting my password reenables the keys.
Do i need to do something to avoid this scenario or is this... (2 Replies)
Hi All,
I have a gateway server, from where I can connect any server via 'sudo ssh server_name'. Generally, if we need to run a command on any number of servers, we put server names in a file like '/tmp/ser_name' and execute it with for loop from gateway server.
Now, I need to set non-expiry... (0 Replies)
I am connecting to sql databases through shell script. Databases that i am connecting will need password change every 60 days. This is according to our security policy and cannot be changed. But this is creating problem when connecting to Databases through shell script . To connect to oracle DB we... (2 Replies)
Newbie in scripting
Please assist with a script to send an email to all users seven days before their passwords expires.Aging set for 90 days.
# chage -l user1
Last password change : Jul 08, 2015
Password expires :... (4 Replies)
Discussion started by: tshepang
4 Replies
LEARN ABOUT OSX
chage
CHAGE(1) User Commands CHAGE(1)NAME
chage - change user password expiry information
SYNOPSIS
chage [options] LOGIN
DESCRIPTION
The chage command changes the number of days between password changes and the date of the last password change. This information is used by
the system to determine when a user must change his/her password.
OPTIONS
The options which apply to the chage command are:
-d, --lastday LAST_DAY
Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format
YYYY-MM-DD (or the format more commonly used in your area).
-E, --expiredate EXPIRE_DATE
Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be
expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the
system administrator before being able to use the system again.
Passing the number -1 as the EXPIRE_DATE will remove an account expiration date.
-h, --help
Display help message and exit.
-I, --inactive INACTIVE
Set the number of days of inactivity after a password has expired before the account is locked. The INACTIVE option is the number of
days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again.
Passing the number -1 as the INACTIVE will remove an account's inactivity.
-l, --list
Show account aging information.
-m, --mindays MIN_DAYS
Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change
his/her password at any time.
-M, --maxdays MAX_DAYS
Set the maximum number of days during which a password is valid. When MAX_DAYS plus LAST_DAY is less than the current day, the user
will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by
use of the -W option, which provides the user with advance warning.
Passing the number -1 as MAX_DAYS will remove checking a password's validity.
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
-W, --warndays WARN_DAYS
Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the
password expiring that a user will be warned his/her password is about to expire.
If none of the options are selected, chage operates in an interactive fashion, prompting the user with the current values for all of the
fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a
pair of [ ] marks.
NOTE
The chage program requires a shadow password file to be available.
The chage command is restricted to the root user, except for the -l option, which may be used by an unprivileged user to determine when
his/her password or account is due to expire.
CONFIGURATION
The following configuration variables in /etc/login.defs change the behavior of this tool:
FILES
/etc/passwd
User account information.
/etc/shadow
Secure user account information.
EXIT VALUES
The chage command exits with the following values:
0
success
1
permission denied
2
invalid command syntax
15
can't find the shadow password file
SEE ALSO passwd(5), shadow(5).
shadow-utils 4.5 01/25/2018 CHAGE(1)