trog woolley

We need to change several hundred user accounts so that
the passwords are non-expiring (yes I know that this is
a very bad security risk but we do have a good reason).

If I go into the gui User Manager, select one user,
and untick the password expiry box, the sp_min and the
sp_warn fields in /etc/shadow are set to -1 and the sp_max
field is set to 99999, yet if I use the passwd command
to change these fields for another user, setting them
to the aforementioned values, and then check this user
via the gui, the password expiry box is still ticked.

What I need to know is what value or values cause this
tick box to be unticked, without having to modify each
one via the gui. I cannot set all users to non-expiring
passwords, as some users must still have this enabled.
We're using RH9.

TIA
--
Trog Woolley | trog at trogwoolley dot com
(A Croweater back residing in Pommie Land with Linux)
Isis Astarte Diana Hecate Demeter Kali Inanna

andreas tretow

Weird. I have FC1 and when I untick the checkbox the change is reflected
in /etc/shadow like this:

john:$1$u7qq2d5k$Qn6EqdCq9hu6VXeUug2uk1:12450:0:99 999:7:::

On my system, any other value than '7' in sp_warn will
leave the checkbox ticked.

For the example user john use this to achieve the same:
'passwd -x 99999 -i -1 -w 7 john'

or manually edit /etc/shadow to look like the aforementioned entry.

HTH
Andreas