Setting the Validity Period of a User Account
To ensure user security, you need to set the validity period of a user. You can run the chage command to set the validity period of a user.
Command:
chage [-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays] user
For details, see Table 1.
Parameter |
Description |
|---|---|
-d --lastday |
Date when a password was changed the last time. |
-E --expiredate |
Date when a user account expires. The user account is unavailable when the account validity period has expired. |
-h --help |
Displays command help information. |
-i --iso8601 |
Changes the expiration date of a user password and displays the date in the YYYY-MM-DD format. |
-I --inactive |
Expiry grace period in days. After the specified time period has expired, a password becomes invalid. |
-l --list |
Lists the current settings. It helps non-privileged users to determine the time when their passwords or accounts expire. |
-m --mindays |
Minimum number of days before a password can be changed. The value 0 indicates that a password can be changed at any time. |
-M --maxdays |
Maximum validity period (days) of a password. The value -1 indicates that the validity check of a password can be disabled. The value 99999 indicates that the validity period is unlimited. |
-R --root |
Sets the root directory where the command is executed to a specified directory. |
-W --warndays |
Number of days in advance users are notified that their passwords are about to expire. |
- The date format is YYYY-MM-DD. For example, chage -E 2017-12-01 test indicates that the password of user test expires on December 1, 2017.
- user must be specified. Replace it with the actual user name. The default user is root.
- The account password must be updated periodically to prevent security risks.
For example, to change the validity period of user test to 90 days, run the following command:
chage -M 90 test