NAME top
chage - change user password expiry informationSYNOPSIS top
chage [options] LOGINDESCRIPTION top
The chage command changes the number of days between password changes and the date of the last password change. This information is used by the system to determine when a user must change their password.OPTIONS top
The options which apply to the chage command are: -d, --lastday LAST_DAY Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). If the LAST_DAY is set to 0 the user is forced to change his password on the next log on. -E, --expiredate EXPIRE_DATE Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again. For example the following can be used to set an account to expire in 180 days: chage -E $(date -d +180days +%Y-%m-%d) Passing the number -1 as the EXPIRE_DATE will remove an account expiration date. -h, --help Display help message and exit. -i, --iso8601 When printing dates, use YYYY-MM-DD format. -I, --inactive INACTIVE Set the number of days of inactivity after a password has expired before the account is locked. The INACTIVE option is the number of days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again. Passing the number -1 as the INACTIVE will remove an account's inactivity. -l, --list Show account aging information. -m, --mindays MIN_DAYS Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change their password at any time. -M, --maxdays MAX_DAYS Set the maximum number of days during which a password is valid. When MAX_DAYS plus LAST_DAY is less than the current day, the user will be required to change their password before being able to use their account. This occurrence can be planned for in advance by use of the -W option, which provides the user with advance warning. Passing the number -1 as MAX_DAYS will remove checking a password's validity. -R, --root CHROOT_DIR Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory. -W, --warndays WARN_DAYS Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the password expiring that a user will be warned their password is about to expire. If none of the options are selected, chage operates in an interactive fashion, prompting the user with the current values for all of the fields. Enter the new value to change the field, or leave the line blank to use the current value. The current value is displayed between a pair of [ ] marks.NOTE top
The chage program requires a shadow password file to be available. The chage program will report only the information from the shadow password file. This implies that configuration from other sources (e.g. LDAP or empty password hash field from the passwd file) that affect the user's login will not be shown in the chage output. The chage program will also not report any inconsistency between the shadow and passwd files (e.g. missing x in the passwd file). The pwck can be used to check for this kind of inconsistencies. The chage command is restricted to the root user, except for the -l option, which may be used by an unprivileged user to determine when their password or account is due to expire.CONFIGURATION top
The following configuration variables in /etc/login.defs change the behavior of this tool:FILES top
/etc/passwd User account information. /etc/shadow Secure user account information.EXIT VALUES top
The chage command exits with the following values: 0 success 1 permission denied 2 invalid command syntax 15 can't find the shadow password fileSEE ALSO top
passwd(5), shadow(5).COLOPHON top
This page is part of the shadow-utils (utilities for managing accounts and shadow password files) project. Information about the project can be found at ⟨//github.com/shadow-maint/shadow⟩. If you have a bug report for this manual page, send it to . This page was obtained from the project's upstream Git repository ⟨//github.com/shadow-maint/shadow⟩ on 2021-08-27. (At that time, the date of the most recent commit that was found in the repository was 2021-08-14.) If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which is not part of the original manual page), send a mail to shadow-utils 4.8.1 08/27/2021 CHAGE(1)Pages that refer to this page: shadow(5)
Which command can you use to lock a user account?
To lock a user account use the command usermod -L or passwd -l. Both the commands adds an exclamation mark (“!”) in the second field of the file /etc/shadow.It has to be executed by either boby/privilaged user. It will deny any access which would be done directly using su or with ssh.
Which of the following commands will change the SELinux security context of a file?
1. Temporary Changes: chcon. The chcon command changes the SELinux context for files.
What command can you use to view Journald log entries on a system that uses systemd?
To see the logs that the journald daemon has collected, use the journalctl command. When used alone, every journal entry that is in the system will be displayed within a pager (usually less ) for you to browse. The oldest entries will be up top: journalctl.
Which of the following options for the tar command will create an archive?
To create a tar archive, use the -c option followed by -f and the name of the archive. You can create archives from the contents of one or more directories or files.