editing the password field. Debian patch 494_passwd_lock.
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c, man/passwd.1.xml: -l/-u options: edit the
+ shadow account expiry field *in addition* to editing the password
+ field. Debian patch 494_passwd_lock.
+
2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
* src/newgrp.c: Do not request a password when a user uses newgrp
<listitem>
<para>
Lock the named account. This option disables an account by changing
- the password to a value which matches no possible encrypted value.
+ the password to a value which matches no possible encrypted value,
+ and by setting the account expiry field to 1.
</para>
</listitem>
</varlistentry>
<para>
Unlock the named account. This option re-enables an account by
changing the password back to its previous value (to value before
- using <option>-l</option> option).
+ using <option>-l</option> option), and by resetting the account
+ expiry field.
</para>
</listitem>
</varlistentry>
nsp->sp_inact = (inact * DAY) / SCALE;
if (do_update_age)
nsp->sp_lstchg = time ((time_t *) 0) / SCALE;
+ if (lflg) {
+ /* Set the account expiry field to 1.
+ * Some PAM implementation consider zero as a non expired
+ * account.
+ */
+ nsp->sp_expire = 1;
+ }
+ if (uflg)
+ nsp->sp_expire = -1;
/*
* Force change on next login, like SunOS 4.x passwd -e or Solaris