Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How to list security policy of Red Hat Linux, specifically need password expiration and grace period thereof

Posted on 2010-11-11
6
Medium Priority
?
619 Views
Last Modified: 2012-05-10
Hello,
I am running Red Hat Enterprise Linux Server release 5.2 and it has a security policy that expires passwords after 90 days. I want to find out specifically what the grace period is (if any) and generally how to list all of the terms of the security policy.
Thank you,
Peter
0
Comment
Question by:pdegregorio
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 17

Accepted Solution

by:
sweetfa2 earned 1000 total points
ID: 34116378
chage --list user
0
 

Author Comment

by:pdegregorio
ID: 34116705
Thanks for the quick reply. Here are my results

ast password change                                    : Nov 11, 2010
Password expires                                        : Feb 09, 2011
Password inactive                                       : Feb 09, 2011
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 90
Number of days of warning before password expires       : 5

I interpret this as meaning that if I don't change my password by Feb 09, 2011 I will be locked out and have to get help from the system administrator. At that point what does the administrator do? Is there a command to reactivate the user so they can log in and change their own password?
0
 
LVL 17

Expert Comment

by:sweetfa2
ID: 34116803
As far as I recall you will not be able to login after this date without changing your password.  

I don't believe that it makes your account inactive.

The account expires value would be the one that you would be concerned about in that case.

The super-user could re-activate your password simply by changing it with the passwd command.

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 40

Assisted Solution

by:noci
noci earned 1000 total points
ID: 34116824
you can change the password on behalf of the use by passwd.
Or the chage command can be used to (re)set the last password date to something so it is still valid for few days.
0
 

Assisted Solution

by:pdegregorio
pdegregorio earned 0 total points
ID: 34117051
Thanks experts ... OK so the system has a 90 day expiration so the following command

chage -d `date +"%Y-%m-%d" -d -89days` THE_USER

will set the user's last password change to 89 days ago and they can log in today and change their password with passwd. If they don't do it today they are locked out again. Perfect.

0
 

Author Closing Comment

by:pdegregorio
ID: 34143566
My comment (zero points) is accepted as part of the solution because it gives a specific and practical use example.
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question