In article <a8f5336a-e646-07f9-9454-ea901f807...@spg.tu-darmstadt.de>, Hauke Fath <h...@spg.tu-darmstadt.de> wrote: >Hi, > >I am looking at augmenting the linux-style 'shadow' map generation in >/var/yp/Makefile.yp. > >In this context: > >(1) The 'change' field in master.passwd can either be empty[*] (no >passwd aging), hold a maximum passwd age, or hold '-1', forcing the user >to set a new password during their next login[**]. > >If set to '-1', who changes this value after a password update, and to >what value?
It is handled in login login.c and openssh auth.c. login invokes chpass and chpass handles it; it is set to the current time. openssh does not let the user login. > >(2) master.passwd(5) says > >"If either of the change or expire fields are set, the system will >remind the user of the impending change or expiry if they login within a >configurable period (defaulting to 14 days) before the event." > >Where is this 'configurable period' being set? I guess the man page >should say? It is set in login_cap and documented in login.conf as "password-warn". Best, christos
