Solved

How to list security policy of Red Hat Linux, specifically need password expiration and grace period thereof

Posted on 2010-11-11
6
612 Views
Last Modified: 2012-05-10
Hello,
I am running Red Hat Enterprise Linux Server release 5.2 and it has a security policy that expires passwords after 90 days. I want to find out specifically what the grace period is (if any) and generally how to list all of the terms of the security policy.
Thank you,
Peter
0
Comment
Question by:pdegregorio
  • 3
  • 2
6 Comments
 
LVL 17

Accepted Solution

by:
sweetfa2 earned 250 total points
ID: 34116378
chage --list user
0
 

Author Comment

by:pdegregorio
ID: 34116705
Thanks for the quick reply. Here are my results

ast password change                                    : Nov 11, 2010
Password expires                                        : Feb 09, 2011
Password inactive                                       : Feb 09, 2011
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 5

I interpret this as meaning that if I don't change my password by Feb 09, 2011 I will be locked out and have to get help from the system administrator. At that point what does the administrator do? Is there a command to reactivate the user so they can log in and change their own password?
0
 
LVL 17

Expert Comment

by:sweetfa2
ID: 34116803
As far as I recall you will not be able to login after this date without changing your password.  

I don't believe that it makes your account inactive.

The account expires value would be the one that you would be concerned about in that case.

The super-user could re-activate your password simply by changing it with the passwd command.

0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 40

Assisted Solution

by:noci
noci earned 250 total points
ID: 34116824
you can change the password on behalf of the use by passwd.
Or the chage command can be used to (re)set the last password date to something so it is still valid for few days.
0
 

Assisted Solution

by:pdegregorio
pdegregorio earned 0 total points
ID: 34117051
Thanks experts ... OK so the system has a 90 day expiration so the following command

chage -d `date +"%Y-%m-%d" -d -89days` THE_USER

will set the user's last password change to 89 days ago and they can log in today and change their password with passwd. If they don't do it today they are locked out again. Perfect.

0
 

Author Closing Comment

by:pdegregorio
ID: 34143566
My comment (zero points) is accepted as part of the solution because it gives a specific and practical use example.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
Fine Tune your automatic Updates for Ubuntu / Debian
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question