[Pkg-shadow-devel] Bug#496789: passwd(1) still describes the old behaviour of --lock
Ron
ron at debian.org
Wed Aug 27 12:55:59 UTC 2008
Package: passwd
Version: 1:4.1.1-4
Severity: normal
Hi,
The passwd man page currently says:
-l, --lock
Lock the password of the named account. This option disables a password
by changing it to a value which matches no possible encrypted value (it
adds a ´!´ at the beginning of the password).
Note that this does not disable the account. The user may still be able
to login using another authentication token (e.g. an SSH key).
To disable the account, administrators should use usermod --expiredate 1
(this set the account´s expire date to Jan 2, 1970).
Since the 'Note' now seems to be the default behaviour (which I do like :), it
should probably either be reworded to reflect that, or dropped entirely. I'd
guess the former will probably cause the least confusion while people readjust
their expectation of what -l does.
Thanks!
Ron
More information about the Pkg-shadow-devel
mailing list