Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 3 product line. The current stable release is 3.9. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 216635

Summary: chage does not show the Account Expires if its shadow field is 0.
Product: Red Hat Enterprise Linux 3 Reporter: Jose Plans <jplans>
Component: shadow-utilsAssignee: Peter Vrabec <pvrabec>
Status: CLOSED ERRATA QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.8CC: tao
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHSA-2007-0431 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-06-11 17:51:55 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 212183    
Attachments:
Description Flags
chage_account_expire none

Description Jose Plans 2006-11-21 09:45:32 UTC 
Description of problem:
Setting up in /etc/shadow :
 --
foo:pass:13454:0:99999:7::0:
 --

Will make chage not show the Account Expires field, as follows :
 --
Account Expires:        Never 
 --

My understanding is that Linux' based tools use -1 as the undefined value,
however on other UNIX platforms, 0 was used.
Checking on the source code there is still a bad condition that got fixed
upstream and is also fixed on RHEL4.

 --
if (expdays <= 0) {
 --

Which should be < to allow just -1. The fact 0 is included on the test makes
that date not shown, even if being that date a wrong setup, as by logic you
would expect the system administrator to have date + Days setup.
Otherwise the account gets blocked.

However, if there is a legacy application ported from another UNIX, that uses
shadow somehow and sets 0, then the account reset will be refused to access.

Version-Release number of selected component (if applicable):
shadow-utils-4.0.3-26.RHEL3

How reproducible:
Always

Steps to Reproduce:
1. Add a test user.
2. Edit manually /etc/shadow adding 0 in the sp_expire field.
3. chage the user. chage -l foo. 
  
Actual results:
Account Expires: Never.

Expected results:
Account Expires: Jan 01, 1970.

Additional info:
Patch attached.
Comment 1 Jose Plans 2006-11-21 09:45:33 UTC 
Created attachment 141745 [details]
chage_account_expire
Comment 9 Red Hat Bugzilla 2007-06-11 17:51:55 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2007-0431.html