Password MINWEEKS in Solaris 10

From: Steven Sim (steven.sim@faplccc.net)
Date: Wed Nov 15 2006 - 06:17:02 EST

• Next message: Harald.Husemann@materna.de: "SC 3.1 U4 on Sol 10 x86 + Ora 10g"
• Previous message: Gerard Henry: "SUMMARY: T2000: disk capacity max?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

 All;

To implement password expiry in Solaris 10, I modified the following
entry in /etc/default/passwd;

MAXWEEKS=13

The above works out to be 7 * 13 = 91 days.

However, my customer insist on a strict 90 day expiry. Is there a syntax
to use DAYS instead of WEEKS in /etc/default/passwd?

Strangely, the MAN page for passwd list the following statements;

min The minimum number of days required between
password changes for name. MINWEEKS is found
in /etc/default/passwd and is set to NULL.

max The maximum number of days the password is
valid for name. MAXWEEKS is found in
/etc/default/passwd and is set to NULL.

Note the syntax. It says ".... number of days...."

But looking up the source code in open solaris, I get

5 void 176 turn_on_default_aging(struct spwd *spw) 177 { 178 int minweeks; 179 int maxweeks; 180 int warnweeks; 181 182 if (defopen(PWADMIN) != 0) { 183 minweeks = MINWEEKS; 184 maxweeks = MAXWEEKS; 185 warnweeks = WARNWEEKS; 186 } else { 187 minweeks = def_getuint("MINWEEKS=", MINWEEKS); 188 maxweeks = def_getuint("MAXWEEKS=", MAXWEEKS); 189 warnweeks = def_getuint("WARNWEEKS=", WARNWEEKS); 190 (void) defopen(NULL); 191 } 192 193 /* 194 * The values specified in /etc/default/passwd are interpreted 195 * in a specific way. Special cases are 196 * MINWEEKS==0 (results in sp_min = -1) 197 * MAXWEEKS==0 (results in sp_max = default) 198 */ 199 spw->sp_min = 7 * minweeks; 200
  if (spw->sp_min <= 0) 201 spw->sp_min = -1; 202 203 spw->sp_max = 7 * maxweeks; 204 if (spw->sp_max == 0) 205 spw->sp_max = 7 * MAXWEEKS; 206 if (spw->sp_max < 0) 207 spw->sp_max = -1; 208 209 spw->sp_warn = 7 * warnweeks; 210 if (spw->sp_warn <= 0) 211 spw->sp_warn = -1; 212 }

Seems like we can only specify in terms of weeks? Is there a way around
this?

Warmest Regards
Steven Sim

Fujitsu Asia Pte. Ltd.
_____________________________________________________

This e-mail is confidential and may also be privileged. If you are not
the intended recipient, please notify us immediately. You should not copy
or use it for any purpose, nor disclose its contents to any other person.

Opinions, conclusions and other information in this message that do not
relate to the official business of my firm shall be understood as neither
given nor endorsed by it.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Harald.Husemann@materna.de: "SC 3.1 U4 on Sol 10 x86 + Ora 10g"
• Previous message: Gerard Henry: "SUMMARY: T2000: disk capacity max?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:41:11 EDT