Message ID | 20190318132146.3574-1-arnout@mind.be |
---|---|
State | Accepted |
Headers | show |
Series | system/skeleton: remove password expiration from shadow | expand |
diff --git a/system/skeleton/etc/shadow b/system/skeleton/etc/shadow index 06778f13f9..37de977cba 100644 --- a/system/skeleton/etc/shadow +++ b/system/skeleton/etc/shadow @@ -1,9 +1,9 @@ -root::10933:0:99999:7::: -daemon:*:10933:0:99999:7::: -bin:*:10933:0:99999:7::: -sys:*:10933:0:99999:7::: -sync:*:10933:0:99999:7::: -mail:*:10933:0:99999:7::: -www-data:*:10933:0:99999:7::: -operator:*:10933:0:99999:7::: -nobody:*:10933:0:99999:7::: +root:::::::: +daemon:*::::::: +bin:*::::::: +sys:*::::::: +sync:*::::::: +mail:*::::::: +www-data:*::::::: +operator:*::::::: +nobody:*:::::::
The fields in /etc/shadow were set as follows: root::10933:0:99999:7::: This sets the date of last password change to Jan 1, 2000, the minimum password age to 0 days, the maximum password age to near-infinity, and a warning period of 7 days. In practice, this means the password never expires. So all of this is quite useless. On the other hand, mkusers creates lines without all of these options. It just sets ::::: which disables password expiration completely. To make things consistent, do the same for the skeleton entries. Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> --- system/skeleton/etc/shadow | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-)