chage(1) - f31

1CHAGE(1)                         User Commands                        CHAGE(1)
2
3
4

NAME

6       chage - change user password expiry information
7

SYNOPSIS

9       chage [options] LOGIN
10

DESCRIPTION

12       The chage command changes the number of days between password changes
13       and the date of the last password change. This information is used by
14       the system to determine when a user must change their password.
15

OPTIONS

17       The options which apply to the chage command are:
18
19       -d, --lastday LAST_DAY
20           Set the number of days since January 1st, 1970 when the password
21           was last changed. The date may also be expressed in the format
22           YYYY-MM-DD (or the format more commonly used in your area). If the
23           LAST_DAY is set to 0 the user is forced to change his password on
24           the next log on.
25
26       -E, --expiredate EXPIRE_DATE
27           Set the date or number of days since January 1, 1970 on which the
28           user's account will no longer be accessible. The date may also be
29           expressed in the format YYYY-MM-DD (or the format more commonly
30           used in your area). A user whose account is locked must contact the
31           system administrator before being able to use the system again.
32
33           For example the following can be used to set an account to expire
34           in 180 days:
35
36                        chage -E $(date -d +180days +%Y-%m-%d)
37
38
39           Passing the number -1 as the EXPIRE_DATE will remove an account
40           expiration date.
41
42       -h, --help
43           Display help message and exit.
44
45       -I, --inactive INACTIVE
46           Set the number of days of inactivity after a password has expired
47           before the account is locked. The INACTIVE option is the number of
48           days of inactivity. A user whose account is locked must contact the
49           system administrator before being able to use the system again.
50
51           Passing the number -1 as the INACTIVE will remove an account's
52           inactivity.
53
54       -l, --list
55           Show account aging information.
56
57       -m, --mindays MIN_DAYS
58           Set the minimum number of days between password changes to
59           MIN_DAYS. A value of zero for this field indicates that the user
60           may change their password at any time.
61
62       -M, --maxdays MAX_DAYS
63           Set the maximum number of days during which a password is valid.
64           When MAX_DAYS plus LAST_DAY is less than the current day, the user
65           will be required to change their password before being able to use
66           their account. This occurrence can be planned for in advance by use
67           of the -W option, which provides the user with advance warning.
68
69           Passing the number -1 as MAX_DAYS will remove checking a password's
70           validity.
71
72       -R, --root CHROOT_DIR
73           Apply changes in the CHROOT_DIR directory and use the configuration
74           files from the CHROOT_DIR directory.
75
76       -W, --warndays WARN_DAYS
77           Set the number of days of warning before a password change is
78           required. The WARN_DAYS option is the number of days prior to the
79           password expiring that a user will be warned their password is
80           about to expire.
81
82       If none of the options are selected, chage operates in an interactive
83       fashion, prompting the user with the current values for all of the
84       fields. Enter the new value to change the field, or leave the line
85       blank to use the current value. The current value is displayed between
86       a pair of [ ] marks.
87

NOTE

89       The chage program requires a shadow password file to be available.
90
91       The chage program will report only the information from the shadow
92       password file. This implies that configuration from other sources (e.g.
93       LDAP or empty password hash field from the passwd file) that affect the
94       user's login will not be shown in the chage output.
95
96       The chage program will also not report any inconsistency between the
97       shadow and passwd files (e.g. missing x in the passwd file). The pwck
98       can be used to check for this kind of inconsistencies.
99
100       The chage command is restricted to the root user, except for the -l
101       option, which may be used by an unprivileged user to determine when
102       their password or account is due to expire.
103

CONFIGURATION

105       The following configuration variables in /etc/login.defs change the
106       behavior of this tool:
107

FILES

109       /etc/passwd
110           User account information.
111
112       /etc/shadow
113           Secure user account information.
114

EXIT VALUES

116       The chage command exits with the following values:
117
118       0
119           success
120
121       1
122           permission denied
123
124       2
125           invalid command syntax
126
127       15
128           can't find the shadow password file
129