Univention Bugzilla – Bug 45957
simplify "user has to change password on next logon behavior" (shadowLastChange)
Last modified: 2021-05-03 21:32:42 CEST
man 5 shadow says: > date of last password change ... > The value 0 has a special meaning, which is that the user should change her pasword the next time she > will log in the system..... > maximum password age ... > An empty field means that there are no maximum password age, no password warning period, and no > password inactivity period (see below). So, if shadowLastChange is set to "0" the user has to change his password on the next login. To achieve this we're currently setting "shadowMax" to date(now) - pw_expiry_interval - 1. Instead we could simplify the behavior to: 1. set shadowMax only to pw_expiry_interval 2. set shadowLastChange to "0" There is a patch in the branch fbest/45842-simplify-shadowLastChange, which is based on the feature branch of Bug #45842.
Created attachment 9330 [details] patch