password againg and other policy enforcement
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Sat Jun 30 20:17:51 UTC 2007
Me again. Forgot to finish the sentence, sorry.
Sat, Jun 30, 2007 at 11:59:49PM +0400, Eygene Ryabinkin wrote:
> > 1. Administrator can enforce password expire in /etc/login.conf
>
> In the /etc/master.passwd. login.conf has the fields, but does
> not implement the functionality, if the manpage is right:
> =====
> RESERVED CAPABILITIES
> The following capabilities are reserved for the purposes indicated and
> may be supported by third-party software. They are not implemented in
> the base system.
>
> Name Type Notes Description
> <...>
> expireperiod time Time for expiry allocation.
> graceexpire time Grace days for expired account.
> =====
> But the following fields are working:
=====
warnexpire time Advance notice for pending account
expiry.
warnpassword time Advance notice for pending password
expiry.
=====
So this can provide some warnings to the user when it logs in.
--
Eygene
More information about the freebsd-hackers
mailing list