From owner-freebsd-hackers@FreeBSD.ORG  Sat Jun 30 20:17:51 2007
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@freebsd.org
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 9076016A469;
	Sat, 30 Jun 2007 20:17:51 +0000 (UTC)
	(envelope-from rea-fbsd@codelabs.ru)
Received: from pobox.codelabs.ru (pobox.codelabs.ru [144.206.177.45])
	by mx1.freebsd.org (Postfix) with ESMTP id 4337513C447;
	Sat, 30 Jun 2007 20:17:51 +0000 (UTC)
	(envelope-from rea-fbsd@codelabs.ru)
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru;
	h=Received:Date:From:To:Cc:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender:X-Spam-Status:Subject;
	b=F9fVrei+UQ9jb6gQU0vNa7ChTCrRDXBNQEfft1PSbOdMoAHerNCO2E6J3Flx6ZMMuzUNpzwQBLXBUCAOKmEPRFdth8n+lsNEnSVIxBhZ8/kTcOZ8i9gfRof/Q/9TWUDwDvaOaU/PAbG11zKNALdO8Ga1joAJ002IWiuJH1/SvJU=;
Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25])
	by pobox.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256)
	id 1I4jOA-000B3t-CW; Sun, 01 Jul 2007 00:17:50 +0400
Date: Sun, 1 Jul 2007 00:17:46 +0400
From: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To: Patrick Dung <patrick_dkt@yahoo.com.hk>
Message-ID: <20070630201745.GB1240@void.codelabs.ru>
References: <105872.23286.qm@web54305.mail.re2.yahoo.com>
	<20070630195949.GA1240@void.codelabs.ru>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <20070630195949.GA1240@void.codelabs.ru>
Sender: rea-fbsd@codelabs.ru
X-Spam-Status: No, score=-2.9 required=4.0 tests=ALL_TRUSTED,AWL,BAYES_00
Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org
Subject: Re: password againg and other policy enforcement
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jun 2007 20:17:51 -0000

Me again.  Forgot to finish the sentence, sorry.

Sat, Jun 30, 2007 at 11:59:49PM +0400, Eygene Ryabinkin wrote:
> > 1. Administrator can enforce password expire in /etc/login.conf
> 
> In the /etc/master.passwd. login.conf has the fields, but does
> not implement the functionality, if the manpage is right:
> =====
> RESERVED CAPABILITIES
>      The following capabilities are reserved for the purposes indicated and
>      may be supported by third-party software.  They are not implemented in
>      the base system.
> 
>      Name              Type      Notes     Description
> <...>
>      expireperiod      time                Time for expiry allocation.
>      graceexpire       time                Grace days for expired account.
> =====
> But the following fields are working:
=====
     warnexpire       time                Advance notice for pending account
                                          expiry.
     warnpassword     time                Advance notice for pending password
                                          expiry.
=====
So this can provide some warnings to the user when it logs in.
-- 
Eygene