password aging under NIS

Good morning,

As NIS doesn't support password aging and I can't upgrade my systems to NIS+, I'm looking for a way to implement password aging under NIS.

I've written two csh scripts to control the age of users' passwords in this way:

- The first script is called from the user's ".login" when he logs into the system. This script uses an NFS-shared file called "users_nis" where I record the login names of all users plus the last Julian day each one changed his password. So, when the user logs into the system, this script looks in the "users_nis" file for the record of the user who is logging in and reads the last day he changed his password; if he has exceeded 30 days since his last password change, he is forced to change his password by the script executing the passwd command. For security reasons, the ".login" has 444 permissions and is owned by root:other, and the csh script is owned by root:other with 555 and is SUID.

- The second script is scheduled in cron (on the server) and looks every day in the "users_nis" file for users who have exceeded 30 days since their last password change. To these users the system sends an SMS warning them to change their password, and after one week, if these users still have not changed their password, they are locked.

The problem is that my process only works under a "non" X-window session, because if the user's password has expired, the script called from the ".login" automatically executes the passwd command, which is NOT presented to the user during the CDE start (there's no interaction with the user), so the user can't change his password and CDE.

So the questions are:

- How can I interact with the user from the ".login" script during an X-window session start?

- Is there any other way to implement password aging under NIS?

Regards and thanks for your time,

Jesus

[1841 byte] By [j-m] at [2007-11-25 23:23:46]
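
The cron-side check described in the post above, as an added example that is not part of the original thread. The record format `login:last_change_day`, the function names and the sample data are assumptions made for illustration; the 30-day limit and one-week grace period are the values from the post.

```shell
#!/bin/sh
# Added example: age check over a users_nis-style file.
# Assumed record format (not given in the post): login:last_change_day
# where last_change_day is an integer day number (e.g. a Julian day).

MAX_AGE=30   # days allowed since the last password change (from the post)
GRACE=7      # days between the warning and the lock (from the post)

# classify_users FILE TODAY
# Prints "login state age" per record; state is ok, warn, lock or bad.
classify_users() {
    awk -F: -v today="$2" -v max="$MAX_AGE" -v grace="$GRACE" '
        /^#/ || /^$/ { next }                      # skip comments and blank lines
        NF != 2 || $1 !~ /^[a-z_][a-z0-9_-]*$/ || $2 !~ /^[0-9]+$/ {
            print "line" NR, "bad", "-"; next      # malformed record: report it
        }
        {
            age = today - $2
            if (age < 0)                state = "bad"   # change day in the future
            else if (age > max + grace) state = "lock"  # warned a week ago, no change
            else if (age > max)         state = "warn"  # exceeded 30 days
            else                        state = "ok"
            print $1, state, age
        }' "$1"
}

# state_of FILE TODAY LOGIN
# Prints the state of one user, or "unknown" if the login has no valid record.
state_of() {
    s=$(classify_users "$1" "$2" | awk -v u="$3" '$1 == u { print $2; exit }')
    echo "${s:-unknown}"
}

# Constructed sample data (not from the post); use with TODAY=2454430.
make_sample() {
    cat > "$1" <<'EOF'
# login:last_change_day
alice:2454425
bob:2454395
carol:2454390
dave:2454440
erin:notaday
EOF
}
```

Malformed records and change days in the future are reported as `bad` rather than treated as current, so a damaged or edited record does not silently exempt an account from the check.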
# 1

yeah.. I still don't get this.. Sun implemented password aging attributes and code for the local files, NIS+, and LDAP databases, but for some reason never managed to do so for NIS.. WTF? I've witnessed code abandonment to force user migration, but come on.. this can't be more than copy and paste of the local files code.. it's too bad too, because NIS is the classic KISS solution for small networks.. if they had put even a fraction of the effort they put into updating NFS into updating NIS, it could have been a much more secure, functional product.. imagine NIS/NFS (RPC) over SSL.. <sigh>

skrowley at 2007-7-5 18:10:56 > top of Java-index,General,Talk to the Sysop...
# 2

> on.. this can't be more than copy and paste of the

> local files code.. it's too bad too, because NIS is

you can still do that yourself nowadays, opensolaris.org

> the classic KISS solution for small networks..

that's why it had to go :)

It's been no secret that LDAP is the future, NIS (+) the past.

alan

alanpae at 2007-7-5 18:10:56
# 3
If you are looking for something to use in a GUI, try tcl/tk. Take a look.... http://www.tcl.tk/
NoWin4Me at 2007-7-5 18:10:56