Disable password expiration

To disable expiration for all accounts, set MAXWEEKS in /etc/default/passwd with an empty value:


To disable expiration just for a specific account, execute the following command (as root):

 passwd -x -1 <username>

Lock user after 'n' attempts

  1. Edit the RETRIES parameter in /etc/default/login
  2. Enable account lockout policy setting the LOCK_AFTER_RETRIES parameter in /etc/security/policy.conf

Unlock a locked account

Use the following command (as root):

 passwd -u <username>

To unlock the account, remove the current password and prompt for a new one after next login, use this command:

 passwd -df <username>

Allow regular users to use chown

To allow regular users to change ownership of files and directories they own, do the following:

  1. Add in /etc/system the line: set rstchown=0
  2. Reboot the system