1
Index: shadow-4.1.1/src/useradd.c
2
===================================================================
3
--- shadow-4.1.1.orig/src/useradd.c 2009-04-02 21:09:54.260892797 -0400
4
+++ shadow-4.1.1/src/useradd.c 2009-04-02 21:09:54.580852116 -0400
6
spent->sp_namp = (char *) user_name;
7
spent->sp_pwdp = (char *) user_pass;
8
spent->sp_lstchg = time ((time_t *) 0) / SCALE;
11
+ * If the system clock is set to Jan-01-1970, the lastchg field will
12
+ * come out as zero (which is the value used when a password is expired
13
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
14
+ * since whatever value we would come up would be wrong anyway.
17
+ if (spent->sp_lstchg == 0)
19
+ if (spent->sp_pwdp != "!") {
20
+ /* If we're setting a password, display a warning that password aging will be disabled */
23
+ ("%s: warning: system clock set to January 01, 1970.\n"
24
+ "The last changed field will be omitted from /etc/shadow.\n"
25
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
29
+ spent->sp_lstchg = -1;
33
spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
34
spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
35
Index: shadow-4.1.1/src/chpasswd.c
36
===================================================================
37
--- shadow-4.1.1.orig/src/chpasswd.c 2009-04-02 21:09:54.568871823 -0400
38
+++ shadow-4.1.1/src/chpasswd.c 2009-04-02 21:09:54.580852116 -0400
41
process_flags (argc, argv);
46
+ ("%s: warning: system clock set to January 01, 1970.\n"
47
+ "The last changed field will be omitted from /etc/shadow.\n"
48
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
61
+ * If the system clock is set to Jan-01-1970, the lastchg field will
62
+ * come out as zero (which is the value used when a password is expired
63
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
64
+ * since whatever value we would come up would be wrong anyway.
67
newsp.sp_lstchg = now;
68
+ if (newsp.sp_lstchg == 0)
69
+ newsp.sp_lstchg = -1;
74
Index: shadow-4.1.1/src/passwd.c
75
===================================================================
76
--- shadow-4.1.1.orig/src/passwd.c 2009-04-02 21:09:54.512870154 -0400
77
+++ shadow-4.1.1/src/passwd.c 2009-04-02 21:09:54.580852116 -0400
79
nsp->sp_lstchg = time ((time_t *) 0) / SCALE;
82
+ * If the system clock is set to Jan-01-1970, the lastchg field will
83
+ * come out as zero (which is the value used when a password is expired
84
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
85
+ * since whatever value we would come up would be wrong anyway.
88
+ if (nsp->sp_lstchg == 0) {
91
+ ("%s: warning: system clock set to January 01, 1970.\n"
92
+ "The last changed field will be omitted from /etc/shadow.\n"
93
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
96
+ nsp->sp_lstchg = -1;
100
* Force change on next login, like SunOS 4.x passwd -e or Solaris
101
* 2.x passwd -f. Solaris 2.x seems to do the same thing (set
103
Index: shadow-4.1.1/libmisc/pwd2spwd.c
104
===================================================================
105
--- shadow-4.1.1.orig/libmisc/pwd2spwd.c 2009-04-02 21:09:48.284851709 -0400
106
+++ shadow-4.1.1/libmisc/pwd2spwd.c 2009-04-02 21:09:54.580852116 -0400
109
sp.sp_max = (10000L * DAY) / SCALE;
110
sp.sp_lstchg = time ((time_t *) 0) / SCALE;
112
+ if (sp.sp_lstchg == 0) {
118
Index: shadow-4.1.1/src/newusers.c
119
===================================================================
120
--- shadow-4.1.1.orig/src/newusers.c 2009-04-02 21:09:54.476851191 -0400
121
+++ shadow-4.1.1/src/newusers.c 2009-04-02 21:09:54.580852116 -0400
124
static int rflg = 0; /* create a system account */
126
+static long now = 0;
128
static char *crypt_method = NULL;
129
static long sha_rounds = 5000;
131
const char *salt = crypt_make_salt (crypt_method, crypt_arg);
132
spent.sp_pwdp = pw_encrypt (password, salt);
134
- spent.sp_lstchg = time ((time_t *) 0) / SCALE;
135
+ spent.sp_lstchg = now;
138
+ * If the system clock is set to Jan-01-1970, the lastchg field will
139
+ * come out as zero (which is the value used when a password is expired
140
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
141
+ * since whatever value we would come up would be wrong anyway.
144
+ if (spent.sp_lstchg == 0)
145
+ spent.sp_lstchg = -1;
147
spent.sp_min = getdef_num ("PASS_MIN_DAYS", 0);
148
/* 10000 is infinity this week */
149
spent.sp_max = getdef_num ("PASS_MAX_DAYS", 10000);
154
+ now = time ((time_t *) 0) / SCALE;
156
Prog = Basename (argv[0]);
158
setlocale (LC_ALL, "");
166
+ ("%s: warning: system clock set to January 01, 1970.\n"
167
+ "The last changed field will be omitted from /etc/shadow.\n"
168
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
172
is_shadow = spw_file_present ();
175
Index: shadow-4.1.1/src/pwconv.c
176
===================================================================
177
--- shadow-4.1.1.orig/src/pwconv.c 2009-04-02 21:09:48.244903334 -0400
178
+++ shadow-4.1.1/src/pwconv.c 2009-04-02 21:09:54.584850879 -0400
180
const struct spwd *sp;
182
char *Prog = argv[0];
183
+ long now = time ((time_t *) 0) / (24L * 3600L);
185
setlocale (LC_ALL, "");
186
bindtextdomain (PACKAGE, LOCALEDIR);
188
fail_exit (E_FAILURE);
194
+ ("%s: warning: system clock set to January 01, 1970.\n"
195
+ "The last changed field will be omitted from /etc/shadow.\n"
196
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
201
* Remove /etc/shadow entries for users not in /etc/passwd.
206
spent.sp_pwdp = pw->pw_passwd;
207
- spent.sp_lstchg = time ((time_t *) 0) / (24L * 3600L);
208
+ spent.sp_lstchg = now;
211
+ * If the system clock is set to Jan-01-1970, the lastchg field will
212
+ * come out as zero (which is the value used when a password is expired
213
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
214
+ * since whatever value we would come up would be wrong anyway.
217
+ if (spent.sp_lstchg == 0) {
218
+ spent.sp_lstchg = -1;
221
if (!spw_update (&spent)) {