Methods to control account expiration under Linux:
The enterprise generally gives the unmanaged role account or the developer temporary demand and so on May set the account expiration date, enhances the security!
Method 1: when adding usersuseradd oldboy -e 01/28/12
Or modify the following file parameters:
[[email protected] skel]# grep EXPIRE /etc/default/useradd
Example 7: specify the parameter to execute useradd-d-e
[[email protected] ~]# date +%F
[[email protected] ~]# useradd-d-e 01/19/12 #→ modify the new account expiration time by default, after setting, the new user will expire after this time.
[[email protected] ~]# useradd-d |grep EXPIR #→ modification has worked.
[[email protected] ~]# useradd tmpuser3 #→ add user tmpuser3, note that the -e parameter is not added.
[[email protected] ~]# chage-l tmpuser3 #→ view account expiration time.
Last password change date: January 24, 2012
Password expiration date: never
Password expiration time: never
Account expiration date: on January 19, 2012 # – is to modify the default expiration time.
The minimum number of days between two password changes: 0
The maximum number of days between two password changes: 99999
Number of days before the password expires: 7
[[email protected] ~]# useradd-d-e “” #→ restore after test
[[email protected] ~]# useradd -D
EXPIRE= #→ restored
Special note: only the default value of the configuration file has been changed, which is only valid for new users established later, not for old users.
Method 2: modify the account attributesusermod -e 01/28/12 oldboy
Method 3: adjust account expirationchage -E 01/28/12 oldboy
View account expiration date:chage -l oldboy
Configuration can be scripted, passing a time parameter at each stage.
Let our work more standard, more professional!
The expiration time of c5.8 is postponed by 2 days on the set date.
c6.4The expiration date is 1 day later than the set date.