[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Determine if new user has changed password

From 'man shadow'

shadow manipulates the contents of the shadow password file,
/etc/shadow. The structure in the #include file is

      struct spwd {
                char *sp_namp; /* user login name */
                char *sp_pwdp; /* encrypted password */
                long sp_lstchg; /* last password change */
                int  sp_min; /* days until change allowed. */
                int  sp_max; /* days before change required */
                int  sp_warn; /* days warning for expiration */
                int  sp_inact; /* days before account inactive */
                int  sp_expire; /* date when account expires */
                int  sp_flag; /* reserved for future use */

The meanings of each field are

sp_namp - pointer to null-terminated user name.
sp_pwdp - pointer to null-terminated password.
sp_lstchg - days since Jan 1, 1970 password was last changed.
sp_min - days before which password may not be changed.
sp_max - days after which password must be changed.
sp_warn - days before password is to expire that user is warned of
pending password expiration.
sp_inact - days after password expires that account is considered inac-
tive and disabled.
sp_expire - days since Jan 1, 1970 when account will be disabled.
sp_flag - reserved for future use.

Note: When a password is changed, the 'sp_lstchg' entry is updated.

You can use that entry to determine if the password was updated.

Ow Mun Heng wrote:


Normal practice when adding a new user is to batch load
(with the same password)and then inform the user to change their username within a set period of time.

The problem statement is.. how do I determine if the user
has changed their password by the end of the grace period.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]