SEO

If a password is configured to expire in 7 days, and the
configuration was done at say 2 PM on Sunday, will the
password expire at 2 PM the following Sunday, or 1 minute
after midnight the following Sunday morning? If not, can
anyone tell me how the algorithm works?

-Thanks

On 2005-04-20, somebody <some@body.com> wrote:
>
>
> If a password is configured to expire in 7 days, and the
> configuration was done at say 2 PM on Sunday, will the
> password expire at 2 PM the following Sunday, or 1 minute
> after midnight the following Sunday morning? If not, can
> anyone tell me how the algorithm works?

My understanding is that it'll be 2pm the following Sunday.
The times are recorded in utime format so it'll be X days
since that time. exactly.

Doug

In article <slrnd6cihj.1q5.dkoleary@linux.attbi.com>, Doug O'Leary wrote:
> On 2005-04-20, somebody <some@body.com> wrote:
>>
>>
>> If a password is configured to expire in 7 days, and the
>> configuration was done at say 2 PM on Sunday, will the
>> password expire at 2 PM the following Sunday, or 1 minute
>> after midnight the following Sunday morning? If not, can
>> anyone tell me how the algorithm works?
>
> My understanding is that it'll be 2pm the following Sunday.
> The times are recorded in utime format so it'll be X days
> since that time. exactly.
>
> Doug

I don't believe that is entirely correct. From 'man 4 passwd':

The characters used to represent "digits" are . for 0, / for 1, 0
through 9 for 2 through 11, A through Z for 12 through 37, and a
through z for 38 through 63.

Password aging is put in effect for a particular user if his encrypted
password in the password file is followed by a comma and a non-null
string of characters from the above alphabet. (Such a string must be
introduced in the first instance by a superuser.) This string defines
the "age" needed to implement password aging.

UNIX keeps internal time stamps in a format with a base date of
Thursday January 1, 1970. Because of this, passwd considers the
beginning of a week to be 00:00 GMT Thursday.

The first character of the age, M, denotes the maximum number of weeks
for which a password is valid. A user who attempts to login after his
password has expired is forced to supply a new one. The next
character, m, denotes the minimum period in weeks that must expire
before the password can be changed. The remaining two characters
define the week when the password was last changed (a null string is
equivalent to zero). M and m have numerical values in the range 0
through 63 that correspond to the 64-character set of "digits" shown
above.

If m = M = 0 (derived from the string . or ..), the user is forced to
change his password next time he logs in (and the "age" disappears
from his entry in the password file). If m > M (signified, for
example, by the string ./), then only a superuser (not the user) can
change the password. Not allowing the user to ever change the
password is discouraged.


Kevin

--
Unix Guy Consulting, LLC
Unix and Linux Automation, Shell, Perl and CGI scripting
http://www.unix-guy.com

On 2005-04-20, Kevin Collins <spamtotrash@toomuchfiction.com> wrote:
>
>
> In article <slrnd6cihj.1q5.dkoleary@linux.attbi.com>, Doug O'Leary wrote:
>> On 2005-04-20, somebody <some@body.com> wrote:
>>>
> I don't believe that is entirely correct. From 'man 4 passwd':

[[ Large snip ]]

> Kevin

Usually true; however, the protected password entries under HPUX operate
slightly differently. See getprpw(1m) and similar pages.

Doug