[Pkg-shadow-devel] Bug#496789: passwd(1) still describes the old behaviour of --lock

Ron ron at debian.org
Wed Aug 27 12:55:59 UTC 2008

Package: passwd
Version: 1:4.1.1-4
Severity: normal


The passwd man page currently says:

   -l, --lock
       Lock the password of the named account. This option disables a password
       by changing it to a value which matches no possible encrypted value (it
       adds a ´!´ at the beginning of the password).

       Note that this does not disable the account. The user may still be able
       to login using another authentication token (e.g. an SSH key).
       To disable the account, administrators should use usermod --expiredate 1
       (this set the account´s expire date to Jan 2, 1970).

Since the 'Note' now seems to be the default behaviour (which I do like :), it
should probably either be reworded to reflect that, or dropped entirely.  I'd
guess the former will probably cause the least confusion while people readjust
their expectation of what -l does.


More information about the Pkg-shadow-devel mailing list