@dmnks commented on this pull request.
> @@ -90,6 +91,10 @@ user() {
fi
fi
fi
+
+ if [[ $expire ]]; then
+ usermod -e 0 "${user}"
Although various sources claim that both 0 and 1 (or higher) can be used to
disable an account, there's at least one place where the use of 0 is
discouraged, in the `shadow(5)` man page:
```
account expiration date
The date of expiration of the account, expressed as the number of
days since Jan 1, 1970 00:00 UTC.
Note that an account expiration differs from a password expiration.
In case of an account expiration, the user
shall not be allowed to login. In case of a password expiration, the
user is not allowed to login using her
password.
An empty field means that the account will never expire.
The value 0 should not be used as it is interpreted as either an
account with no expiration, or as an expiration
on Jan 1, 1970.
```
So I wonder if using 1 wouldn't be safer? It's also what sysusers does here
(albeit still saying that either 0 or 1 can be used, see this
[line](https://github.com/systemd/systemd/pull/34876/files#diff-eb65aa4f56499547620bc75540e9be7d6d0a2a49647304d64bcc8661d32ae2a9R659)).
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3481#pullrequestreview-2482242241
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/3481/review/2482242...@github.com>_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
https://lists.rpm.org/mailman/listinfo/rpm-maint
