Commit 6eca6567 authored by Leigh Stoller's avatar Leigh Stoller

Add EXPIRE_PASSWORDS config variable, which defaults to 1 for the moment.

When zero, we do not set an expiration on passwords.
parent e2d24242
......@@ -70,6 +70,7 @@ my $BUGDBSUPPORT= @BUGDBSUPPORT@;
my $OPSDBSUPPORT= @OPSDBSUPPORT@;
my $CHATSUPPORT = @CHATSUPPORT@;
my $MAILMANSUPPORT= @MAILMANSUPPORT@;
my $EXPIRE_PASSWORDS = @EXPIRE_PASSWORDS@;
my $THISHOMEBASE= "@THISHOMEBASE@";
my $PROTOUSER = 'elabman';
my $ELABINELAB = @ELABINELAB@;
......@@ -682,7 +683,7 @@ sub UpdatePassword()
if (! $target_user->SameUser($this_user)) {
$expires = "now()";
}
else {
elsif ($EXPIRE_PASSWORDS) {
$expires = "date_add(now(), interval 1 year)";
}
......
......@@ -660,6 +660,7 @@ BS_IQN_PREFIX
ATTENUATOR
CLUSTER_PORTAL
CLUSTER_PUBSUBD_PORT
EXPIRE_PASSWORDS
AMD_ROOT
WITHAMD
ZFS_NOEXPORT
......@@ -5154,6 +5155,7 @@ BS_IQN_PREFIX=iqn.2000-10.net.emulab
ATTENUATOR=""
CLUSTER_PORTAL=""
CLUSTER_PUBSUBD_PORT=""
EXPIRE_PASSWORDS=1
#
# XXX You really don't want to change these!
......
......@@ -315,6 +315,7 @@ AC_SUBST(BS_IQN_PREFIX)
AC_SUBST(ATTENUATOR)
AC_SUBST(CLUSTER_PORTAL)
AC_SUBST(CLUSTER_PUBSUBD_PORT)
AC_SUBST(EXPIRE_PASSWORDS)
#
# Offer both versions of the email addresses that have the @ escaped
......@@ -480,6 +481,7 @@ BS_IQN_PREFIX=iqn.2000-10.net.emulab
ATTENUATOR=""
CLUSTER_PORTAL=""
CLUSTER_PUBSUBD_PORT=""
EXPIRE_PASSWORDS=1
#
# XXX You really don't want to change these!
......
......@@ -60,6 +60,7 @@ my $MIN_UNIX_UID = @MIN_UNIX_UID@;
my $MIN_UNIX_GID = @MIN_UNIX_GID@;
my $tbacct = "$TB/sbin/tbacct";
my $MKUSERCERT = "$TB/sbin/mkusercert";
my $EXPIRE_PASSWORDS = @EXPIRE_PASSWORDS@;
# Create() flags.
$NEWUSER_FLAGS_PROJLEADER = 0x01;
......@@ -1476,8 +1477,14 @@ sub SetPassword($$;$)
my $uid_idx = $self->uid_idx();
$expires = "date_add(now(), interval 1 year)"
if (!defined($expires));
if (!defined($expires)) {
if ($EXPIRE_PASSWORDS) {
$expires = "date_add(now(), interval 1 year)";
}
else {
$expires = "null";
}
}
# Clear the chpasswd stuff anytime passwd is set.
return -1
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment