> 1. the userid isn't deleted or anything like that. > > 2. validuntil is only checked in password authentication methods; if you > are able to connect via a non-password auth method (eg IDENT) then it's > not checked. > > I've never been quite sure whether #2 is a bug or a feature, though.
Without knowing the history, I would have assumed that this was added to be the start of a 'password ageing' function. Similar fields exist in GCOS passwd files, but very few systems use them. I got bitten by this when some of my user account (in a 6.x DB) were invalidated after two years. Like I remembered to check... Peter ---------------------------(end of broadcast)--------------------------- TIP 3: if posting/reading through Usenet, please send an appropriate subscribe-nomail command to [EMAIL PROTECTED] so that your message can get through to the mailing list cleanly
