Date: Mon, 3 Feb 2003 05:40:48 -0800 From: David Schultz <dschultz@uclink.Berkeley.EDU> To: security@FreeBSD.ORG Subject: Many login.conf accounting and authentication options broken Message-ID: <20030203134047.GA475@HAL9000.homeunix.com>
next in thread | raw e-mail | index | archive | help
Most of the accounting options in login.conf(5) and many examples
in /etc/login.conf don't seem to work. I can't even find any
evidence of a mechanism to support them. (Perhaps an old-timer
can tell me where one used to exist, if it used to exist.) Please
let me know if I'm missing something here.
Some of these features are useful. For instance, it would be nice
if passwd respected passwordtime when updating a password, rather
than disabling password expiration whenever a user changes his
password.[1] Others, such as autodelete and sessiontime, seem less
useful. Do people have comments on any of the unimplemented items
in the following list? I have a good mind to ask that the useless
ones be removed from the documentation, and if I have time in the
next few weeks I may implement some of the missing functionality.
minpasswordlen (superseded by pam_passwdqc; needs doc update)
minpasswordcase (superseded by pam_passwdqc; needs doc update)
autodelete
accounted
bootfull
daytime
expireperiod
graceexpire
gracetime
host.accounted
host.exempt
idletime
monthtime
passwordtime
refreshtime
refreshperiod
sessiontime
sessionlimit
ttys.accounted
ttys.exempt
warntime
weektime
[1] Passwordtime works in 4.x, but support was apparently removed
accidentally in the PAMification process.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030203134047.GA475>