[Pkg-shadow-devel] Bug#496789: Bug#496789: passwd(1) still describes the old behaviour of --lock
Nicolas François
nicolas.francois at centraliens.net
Sun Aug 31 23:14:59 UTC 2008
Hi,
On Wed, Aug 27, 2008 at 10:25:59PM +0930, ron at debian.org wrote:
>
> The passwd man page currently says:
>
> -l, --lock
> Lock the password of the named account. This option disables a password
> by changing it to a value which matches no possible encrypted value (it
> adds a ´!´ at the beginning of the password).
>
> Note that this does not disable the account. The user may still be able
> to login using another authentication token (e.g. an SSH key).
> To disable the account, administrators should use usermod --expiredate 1
> (this set the account´s expire date to Jan 2, 1970).
>
> Since the 'Note' now seems to be the default behaviour (which I do like :), it
> should probably either be reworded to reflect that, or dropped entirely. I'd
> guess the former will probably cause the least confusion while people readjust
> their expectation of what -l does.
Sorry, I don't really understand what you would like to change.
In my understanding, the two paragraphs are consistent with the current
(1:4.1.1-4) passwd.
I prefer to describe what -l does, and give additional information to
avoid misread.
If I reverse the two paragraphs, I don't think it will be clearer (there
are a lot of other thinks that passwd -l does not do).
Would you have a proposal?
Thanks in advance,
--
Nekral
More information about the Pkg-shadow-devel
mailing list