chage命令详细说明20241216

chage(1) — Linux manual page

CHAGE(1) User Commands CHAGE(1)

NAME         top

chage - change user password expiry information

SYNOPSIS         top

chage [options] LOGIN

DESCRIPTION         top

The chage command changes the number of days between password

changes and the date of the last password change. This

information is used by the system to determine when a user must

change their password.

OPTIONS         top

The options which apply to the chage command are:

-d, --lastday LAST_DAY

Set the number of days since January 1st, 1970 when the

password was last changed. The date may also be expressed in

the format YYYY-MM-DD (or the format more commonly used in

your area). If the LAST_DAY is set to 0 the user is forced to

change his password on the next log on.

-E, --expiredate EXPIRE_DATE

Set the date or number of days since January 1, 1970 on which

the user's account will no longer be accessible. The date may

also be expressed in the format YYYY-MM-DD (or the format

more commonly used in your area). A user whose account is

locked must contact the system administrator before being

able to use the system again.

For example the following can be used to set an account to

expire in 180 days:

chage -E $(date -d +180days +%Y-%m-%d)

Passing the number -1 as the EXPIRE_DATE will remove an

account expiration date.

-h, --help

Display help message and exit.

-i, --iso8601

When printing dates, use YYYY-MM-DD format.

-I, --inactive INACTIVE

Set the number of days of inactivity after a password has

expired before the account is locked. The INACTIVE option is

the number of days of inactivity. A user whose account is

locked must contact the system administrator before being

able to use the system again.

Passing the number -1 as the INACTIVE will remove an

account's inactivity.

-l, --list

Show account aging information.

-m, --mindays MIN_DAYS

Set the minimum number of days between password changes to

MIN_DAYS. A value of zero for this field indicates that the

user may change their password at any time.

-M, --maxdays MAX_DAYS

Set the maximum number of days during which a password is

valid. When MAX_DAYS plus LAST_DAY is less than the current

day, the user will be required to change their password

before being able to use their account. This occurrence can

be planned for in advance by use of the -W option, which

provides the user with advance warning.

Passing the number -1 as MAX_DAYS will remove checking a

password's validity.

-R, --root CHROOT_DIR

Apply changes in the CHROOT_DIR directory and use the

configuration files from the CHROOT_DIR directory. Only

absolute paths are supported.

-P, --prefix PREFIX_DIR

Apply changes to configuration files under the root

filesystem found under the directory PREFIX_DIR. This option

does not chroot and is intended for preparing a

cross-compilation target. Some limitations: NIS and LDAP

users/groups are not verified. PAM authentication is using

the host files. No SELINUX support.

-W, --warndays WARN_DAYS

Set the number of days of warning before a password change is

required. The WARN_DAYS option is the number of days prior to

the password expiring that a user will be warned their

password is about to expire.

If none of the options are selected, chage operates in an

interactive fashion, prompting the user with the current values

for all of the fields. Enter the new value to change the field,

or leave the line blank to use the current value. The current

value is displayed between a pair of [ ] marks.

NOTE         top

The chage program requires a shadow password file to be

available.

The chage program will report only the information from the

shadow password file. This implies that configuration from other

sources (e.g. LDAP or empty password hash field from the passwd

file) that affect the user's login will not be shown in the chage

output.

The chage program will also not report any inconsistency between

the shadow and passwd files (e.g. missing x in the passwd file).

The pwck can be used to check for this kind of inconsistencies.

The chage command is restricted to the root user, except for the

-l option, which may be used by an unprivileged user to determine

when their password or account is due to expire.

CONFIGURATION         top

The following configuration variables in /etc/login.defs change

the behavior of this tool:

FILES         top

/etc/passwd

User account information.

/etc/shadow

Secure user account information.

EXIT VALUES         top

The chage command exits with the following values:

0

success

1

permission denied

2

invalid command syntax

15

can't find the shadow password file

SEE ALSO         top

passwd(5), shadow(5).

COLOPHON         top

This page is part of the shadow-utils (utilities for managing

accounts and shadow password files) project. Information about

the project can be found at

⟨https://github.com/shadow-maint/shadow⟩. If you have a bug

report for this manual page, send it to

pkg-shadow-devel@alioth-lists.debian.net. This page was obtained

from the project's upstream Git repository

⟨https://github.com/shadow-maint/shadow⟩ on 2024-06-15. (At that

time, the date of the most recent commit that was found in the

repository was 2024-06-13.) If you discover any rendering

problems in this HTML version of the page, or you believe there

is a better or more up-to-date source for the page, or you have

corrections or improvements to the information in this COLOPHON

(which is not part of the original manual page), send a mail to

man-pages@man7.org