From owner-freebsd-questions@FreeBSD.ORG Thu Dec 13 18:23:07 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6945916A417 for ; Thu, 13 Dec 2007 18:23:07 +0000 (UTC) (envelope-from jamesh@lanl.gov) Received: from mailwasher.lanl.gov (mailwasher.lanl.gov [204.121.3.2]) by mx1.freebsd.org (Postfix) with ESMTP id 1DBF413C455 for ; Thu, 13 Dec 2007 18:23:06 +0000 (UTC) (envelope-from jamesh@lanl.gov) Received: from mailrelay3.lanl.gov (mailrelay3.lanl.gov [128.165.4.104]) by mailwasher.lanl.gov (8.13.8/8.13.8/(ccn-5)) with ESMTP id lBDIN5X3021141 for ; Thu, 13 Dec 2007 11:23:05 -0700 Received: from oppie-mail.lanl.gov (oppie-mail.lanl.gov [128.165.4.123]) by mailrelay3.lanl.gov (8.13.8/8.13.8/(ccn-5)) with ESMTP id lBDIN4Ig019828 for ; Thu, 13 Dec 2007 11:23:04 -0700 Received: from [128.165.86.60] (p25dual1.lanl.gov [128.165.86.60]) by oppie-mail.lanl.gov (Postfix) with ESMTP id 4AE851F8012 for ; Thu, 13 Dec 2007 11:22:58 -0700 (MST) From: James Harrison To: freebsd-questions Content-Type: text/plain Organization: Los Alamos National Labs Date: Thu, 13 Dec 2007 11:22:57 -0700 Message-Id: <1197570177.17297.58.camel@p25dual1.lanl.gov> Mime-Version: 1.0 X-Mailer: Evolution 2.8.0 (2.8.0-33.0.1.el5) Content-Transfer-Encoding: 7bit X-CTN-5-MailScanner-Information: Please see http://network.lanl.gov/email/virus-scan.php X-CTN-5-MailScanner: Found to be clean X-CTN-5-MailScanner-From: jamesh@lanl.gov X-Spam-Status: No Subject: login.conf password options X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: jamesh@lanl.gov List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Dec 2007 18:23:07 -0000 Hi folks, I've slowly been setting up some options for the default class in login.conf such that passwords will expire after 150 days. To test whether this functionality was working, I have a warning appear on the first day, so that if I set a password and log in , I ought to be warned that my password will expire in 150 days. It doesn't appear to be working. I am not receiving any kind of warning that my password will expire. To see whether I was correctly in the default class, I changed the message of the day file from /etc/motd to /etc/motw, and the message of the day changed appropriately. I then set up a session limit of an hour and a half with a warning appearing after 1 minute, but that isn't working either. The method I'm using is this: I use vi to edit the /etc/login.conf, then run cap_mkdb /etc/login.conf. I then reboot the machine, to make sure that everything that ought to be paying attention does. I suspected that /etc/master.passwd might need updating, so I used vipw, made a trivial change, saved the change, but nothing. My default class reads: default:\ :passwd_format=md5:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,FTP_PASSIVE_MODE=YES:\ :path=/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin ~/bin:\ :nologin=/var/run/nologin:\ :cputime=unlimited:\ :datasize=unlimited:\ :stacksize=unlimited:\ :memorylocked=unlimited:\ :memoryuse=unlimited:\ :filesize=unlimited:\ :coredumpsize=unlimited:\ :openfiles=unlimited:\ :maxproc=unlimited:\ :sbsize=unlimited:\ :vmemoryuse=unlimited:\ :priority=0:\ :ignoretime@:\ :umask=022:\ :passwordtime=150d:\ :warnpassword=150d: :sessiontime=1h30m:\ :warntime=1h29m: Any ideas?