Set Up Login.defs But Password Still Not Expire?
We have CentOS 5.8 on LInux server.I setup /etc/login.defs following:
PASS_MAX_DAYS 3
PASS_MIN_DAYS 0
PASS_MIN_LEN 8
PASS_WARN_AGE 1
after that I chack user password policy and it show:# chage -l user1
Last password change : Jun 29, 2015
Password expires : never Password inactive : never Account expires : never Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
anyone know why? I did reboot server still same.
2 thoughts on - Set Up Login.defs But Password Still Not Expire?
Hi,
It will not be applied automatically to existing users, you have to do that manually by running below command,
For an example,
# chage -E 6/30/2015 -m 5 -M 90 -I 30 -W 14 test ( For more information read Man page )
If you gonna create a new user after making changes into /etc/login.defs then password policy will be applied automatically on new user and you can check it by running “chage -l username”.
–Regards Ashishkumar S. Yadav
So you’re saying that you’re running a CentOS that has not been updated in three years and as such is full of security vulnerabilities and bugs and yet you are security-conscious enough to want a 3 day password expire?
Do yourself a favor and yum update, that will help you to secure your system way better than your password policy.
Peter