[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: minimum number of days between password change

On Wed, 03 Nov 2010 20:40:15 +0100, Lukas Baxa wrote:

> Camaleón wrote:
>> On Mon, 01 Nov 2010 21:35:20 +0000, Wolodja Wentland wrote:
>> (...)
>>> … which is clearly not working in the way it is described. I have not
>>> reproduced this bug myself, but it is exactly that and should
>>> therefore be reported - not by posting to d-d - but rather by
>>> executing "reportbug passwd".
>> I've tried in a lenny box and faced the same behaviour than the OP.
>> Maybe the new policy is to be applied _a day after_ the change or it
>> should be enforced _as soon as_ changed? Is a "passwd" error (not
>> reading/applying "/etc/shadow" mandate) or a "chage" one? :-?
> Even if the discussion to this topic shows that the mindays option of
> chage might not be very useful in most cases, it doesn't work as it
> should.

I agree.
> I would like to file a new bug report, but I'm not sure against which
> package. I'm considering either passwd or libpam-modules. 


"passwd" (as Wolodja suggested) should not allow the user to change his 
password if "/etc/shadow" states so. Anyway, I would not worry about the 
"correctness" of the package against you are to report the bug as devels 
will change it if they estimate it convenient.



Reply to: