Subject: Re: "daily insecurity output" annoyance
To: Perry E. Metzger <firstname.lastname@example.org>
From: Andrew Brown <email@example.com>
Date: 01/25/2001 13:48:24
>Right now, as it stands, /etc/security prints that message out no
>matter what if field two of the password file is not thirteen or
>twenty characters long. (What is twenty characters for?)
20 characters is for md5 based passwords. you're using current, so a
quick look at passwd.conf (sorry, there's no example in the tree)
should give you an idea of this.
>I propose that we distinguish between accounts that are not password
>loginable and accounts that are off by using different characters for
>the second field -- something other than * -- and that I then hack the
>/etc/security script to properly note this distinction and ignore the
>accounts that are intentionally on but password disabled.
to get around this, i always use the string ActiveAccount in the
password field. it's 13 characters and /etc/security doesn't
complain. you could always use ClosedAccount as well. or
SystemAccount. use your imagination.
|-----< "CODE WARRIOR" >-----|
firstname.lastname@example.org * "ah! i see you have the internet
email@example.com (Andrew Brown) that goes *ping*!"
firstname.lastname@example.org * "information is power -- share the wealth."