Set Up Login.defs But Password Still Not Expire?

Home » General » Set Up Login.defs But Password Still Not Expire?
General 2 Comments

We have CentOS 5.8 on LInux server.I setup /etc/login.defs following:
PASS_MAX_DAYS   3
PASS_MIN_DAYS   0
PASS_MIN_LEN    8
PASS_WARN_AGE   1

after that I chack user password policy and it show:# chage -l user1
Last password change                                    : Jun 29, 2015
Password expires                                        : never Password inactive                                       : never Account expires                                         : never Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

anyone know why?   I did reboot server still same.

2 thoughts on - Set Up Login.defs But Password Still Not Expire?

  • Hi,

    It will not be applied automatically to existing users, you have to do that manually by running below command,

    For an example,

    # chage -E 6/30/2015 -m 5 -M 90 -I 30 -W 14 test ( For more information read Man page )

    If you gonna create a new user after making changes into /etc/login.defs then password policy will be applied automatically on new user and you can check it by running “chage -l username”.

    –Regards Ashishkumar S. Yadav

  • So you’re saying that you’re running a CentOS that has not been updated in three years and as such is full of security vulnerabilities and bugs and yet you are security-conscious enough to want a 3 day password expire?

    Do yourself a favor and yum update, that will help you to secure your system way better than your password policy.

    Peter