From owner-freebsd-questions@FreeBSD.ORG Sat Jun 30 20:17:51 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9076016A469; Sat, 30 Jun 2007 20:17:51 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from pobox.codelabs.ru (pobox.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 4337513C447; Sat, 30 Jun 2007 20:17:51 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender:X-Spam-Status:Subject; b=F9fVrei+UQ9jb6gQU0vNa7ChTCrRDXBNQEfft1PSbOdMoAHerNCO2E6J3Flx6ZMMuzUNpzwQBLXBUCAOKmEPRFdth8n+lsNEnSVIxBhZ8/kTcOZ8i9gfRof/Q/9TWUDwDvaOaU/PAbG11zKNALdO8Ga1joAJ002IWiuJH1/SvJU=; Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by pobox.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1I4jOA-000B3t-CW; Sun, 01 Jul 2007 00:17:50 +0400 Date: Sun, 1 Jul 2007 00:17:46 +0400 From: Eygene Ryabinkin To: Patrick Dung Message-ID: <20070630201745.GB1240@void.codelabs.ru> References: <105872.23286.qm@web54305.mail.re2.yahoo.com> <20070630195949.GA1240@void.codelabs.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <20070630195949.GA1240@void.codelabs.ru> Sender: rea-fbsd@codelabs.ru X-Spam-Status: No, score=-2.9 required=4.0 tests=ALL_TRUSTED,AWL,BAYES_00 Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Subject: Re: password againg and other policy enforcement X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Jun 2007 20:17:51 -0000 Me again. Forgot to finish the sentence, sorry. Sat, Jun 30, 2007 at 11:59:49PM +0400, Eygene Ryabinkin wrote: > > 1. Administrator can enforce password expire in /etc/login.conf > > In the /etc/master.passwd. login.conf has the fields, but does > not implement the functionality, if the manpage is right: > ===== > RESERVED CAPABILITIES > The following capabilities are reserved for the purposes indicated and > may be supported by third-party software. They are not implemented in > the base system. > > Name Type Notes Description > <...> > expireperiod time Time for expiry allocation. > graceexpire time Grace days for expired account. > ===== > But the following fields are working: ===== warnexpire time Advance notice for pending account expiry. warnpassword time Advance notice for pending password expiry. ===== So this can provide some warnings to the user when it logs in. -- Eygene