Lock the password of the named account. This option disables a password by changing it to a value which matches no possible encrypted value (it adds a ?!? at the beginning of the password).
Note that this does not disable the account. The user may still be able to login using another authentication token (e.g. an SSH key).
To disable the account, administrators should use usermod --expiredate 1 (this set the account's expire date to Jan 2, 1970).
Users with a locked password are not allowed to change their password.
修改/etc/shadow中的第2个字段内容,段的原来内容第2个字前会加上一个“!”;前提是该用户设定了自己的密码,否则显示密码的字段会是一个“!”,上锁之后仍是“!”。
用法:passwd -l 用户名
若一用户已离职或正在休假中,为了避免该账户被人不正当使用,可以暂时将该用户帐号锁定,等到需要此账户在打开;另外,也可以在/etc/passwd文件中将要锁定的账号前加“#”或“*”来锁定;若用户上锁,则将使用-S选项时,输出信息的第二部分将显示为“L”,反之则显示“P”。
-u, --unlock
Unlock the password of the named account. This option re-enables apassword by changing the password back to its previous value (tothe value before using the -l option).
与-l选项的作用相反,用法同“-l”参数,用户账号一经上锁,必须使用该参数来打开锁定的帐号;有些时候,若账号使用空白密码(未设密码或者密码已被删除),则此步骤可能会失效,这种情况下,需使用“-f”参数才强制打开该账号。
-n, --mindays MIN_DAYS
Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change his/her password at any time.
修改/etc/shadow中的第4个字段内容,第4个字段被修改为 MIN_DAYS
用法:passwd -n MIN_DAYS 用户名
例子:sudo passwd -n 30 linli
-x, --maxdays MAX_DAYS
Set the maximum number of days a password remains valid. After MAX_DAYS, the password is required to be changed.
修改/etc/shadow中的第5个字段内容,第5个字段被修改为 MAX_DAYS
用法:passwd -x MAX_DAYS 用户名
例子:sudo passwd -x 60 linli
-w, --warndays WARN_DAYS
Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the
password expiring that a user will be warned that his/her password is about to expire.
修改/etc/shadow中的第6个字段内容,第6个字段被修改为 WARN_DAYS
用法:passwd -w WARN_DAYS 用户名
例子:sudo passwd -w 40 linli
-i, --inactive INACTIVE
This option is used to disable an account after the password hasbeen expired for a number of days. After a user account has had an expired password for INACTIVE days, the user may no longer sign on to the account.
修改/etc/shadow中的第7个字段内容,第7个字段内容被修改为 INACTIVE
用法:passwd -i INACTIVE 用户名
例子:sudo passwd -i 100 linli
以上修改的内容将以-S参数予以显示:
-S, --status
Display account status information. The status information consists of 7 fields. The first field is the user's login name. The second field indicates if the user account has a locked password (L), has no password (NP), or has a usable password (P). The third field gives the date of the last password change. The next four fields are the minimum age, maximum age, warning period, and inactivity
period for the password. These ages are expressed in days.
主要是显示用户账号信息,可以了解密码的设置与否以及密码的失效时间等。
用法:passwd -S 用户名
输出信息:
administrator@ubuntu:/home$ sudo passwd -S linli零度科技原文链接:http://www.ldisp.com/a/linux/2014/Linux-passwd.shtml
上一篇:Linux chattr命令使用详解
下一篇:测试网站集群节点的页面访问是否正常
