From owner-freebsd-questions Wed May 22 8: 8:47 2002 Delivered-To: freebsd-questions@freebsd.org Received: from kanga.honeypot.net (kanga.honeypot.net [208.162.254.122]) by hub.freebsd.org (Postfix) with ESMTP id 2517B37B401 for ; Wed, 22 May 2002 08:08:40 -0700 (PDT) Received: from pooh (mail@pooh.int [10.0.1.2]) by kanga.honeypot.net (8.12.3/8.12.3) with ESMTP id g4MF8XmS017871 for ; Wed, 22 May 2002 10:08:33 -0500 (CDT) (envelope-from kirk@strauser.com) Received: from kirk by pooh with local (Exim 3.35 #1 (Debian)) id 17AXj6-0001EB-00 for ; Wed, 22 May 2002 10:08:32 -0500 To: freebsd-questions@freebsd.org Subject: Re: How to force one user to change his password? References: From: Kirk Strauser Date: 22 May 2002 10:08:32 -0500 In-Reply-To: Message-ID: <873cwkte33.fsf@strauser.com> Lines: 24 X-Mailer: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 2002-05-22T14:24:37Z, Jeffrey Tang writes: > Yes, I setup his 'change' field to some date to enforce my password change > policy. When he logons, he gets a prompt to re-new password, but he can > still press enter to skip this procedure and get the shell. > So, is there any method to force users to change their stale passwords > before granted permission to log in? Try the BOFH approach. Add this near the top of their .bashrc (or other shell startup script): passwd if [ $? != 0 ]; then echo "Change your password. I mean it." exit fi Your user will *have* to change their password everytime he they log in until they get wise to it. Re-apply as necessary. -- Kirk Strauser To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message