Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

help on /etc/security/user file

Status
Not open for further replies.
Edward1982

Edward1982

Technical User
Oct 1, 2008
15
US
We have applied a new password policy for our organization about 3 months ago. The problem is that we are now being prompted to change the Root password. Which line needs to be added or modified in the /etc/security/user file to avoid having to change the Root password? Thanks for your help.
 
Sort by date Sort by votes
It's a flag for root's password in /etc/security/passwd you're after:

[tt]root:
password = MGURSj.F056Dj
lastupdate = 623078865
flags = NOCHECK[/tt]

You can set that flag with

[tt]pwdadm -c root # clear all root password flags
pwdadm -f NOCHECK root # set NOCHECK flag for root password[/tt]

But it IS a good idea to periodically change passwords, including root's password.

HTH,

p5wizard
 
Upvote 0 Downvote
What p5wizard said is one way to do this but of course this will bypass any other restrictions applied by the /etc/security/user!

The best thing is to reset maxage attribute in the /etc/security/user for root to zero!

Code: 
maxage
Defines the maximum age (in weeks) of a password. The password must be changed by this time. The value is a decimal integer string. The default is a value of 0, indicating no maximum age.

This will prevent the password from expiring!

Again i second p5wizard opinion into keeping this policy as it is a good idea to change the root password from time to time!

Regards,
Khalid
 
Upvote 0 Downvote
A full description of /etc/security/user can be found here:


It is recommended to change values inside the /etc/security/user using the chuser command as descriped here:


What you are after can be done using the following:

Code: 
chuser maxage=0 root

Regards,
Khalid
 
Upvote 0 Downvote
Great guys, thanks for the help, I did not consider the passwd file. Yes, you are correct about changing the root password. We didn't want to change it as much as the users have to thiers.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

E
  • Question
AIX Power5 on 5.3- On varyonvg error "cannot be varied on because no good copies of the descriptor area"
Replies
1
Views
295
JenLM
J
mohamedazrin
  • Locked
  • Question
Need some help with extend the PP
Replies
1
Views
271
Andjey
Andjey
David Figueiredo
  • Locked
  • Question
CDE on AIX
Replies
0
Views
183
David Figueiredo
David Figueiredo
bjvail
  • Locked
  • Question
IBM PS700 replaced, map existing drives on DS3500
Replies
1
Views
149
iggsterman
iggsterman
mar3i
  • Locked
  • Question
Cannot inrease var filesystem 1
Replies
2
Views
159
pa2nc
pa2nc

Part and Inventory Search

Sponsor

Back
Top