From 'man shadow'
shadow manipulates the contents of the shadow password file,
/etc/shadow. The structure in the #include file is
struct spwd {
char *sp_namp; /* user login name */
char *sp_pwdp; /* encrypted password */
long sp_lstchg; /* last password change */
int sp_min; /* days until change allowed. */
int sp_max; /* days before change required */
int sp_warn; /* days warning for expiration */
int sp_inact; /* days before account inactive */
int sp_expire; /* date when account expires */
int sp_flag; /* reserved for future use */
}The meanings of each field are
sp_namp - pointer to null-terminated user name.
sp_pwdp - pointer to null-terminated password.
sp_lstchg - days since Jan 1, 1970 password was last changed.
sp_min - days before which password may not be changed.
sp_max - days after which password must be changed.
sp_warn - days before password is to expire that user is warned of
pending password expiration.
sp_inact - days after password expires that account is considered inac-
tive and disabled.
sp_expire - days since Jan 1, 1970 when account will be disabled.
sp_flag - reserved for future use.
Note: When a password is changed, the 'sp_lstchg' entry is updated.
You can use that entry to determine if the password was updated.
Ow Mun Heng wrote:
Hi,
Normal practice when adding a new user is to batch load
(with the same password)and then inform the user to change their username within a set period of time.
The problem statement is.. how do I determine if the user
has changed their password by the end of the grace period.
