In order to enable password aging in Linux, the shadow file is used. Password aging is not managed in the /etc/passwd file with Linux, unlike other systems.
1. In /etc/login.defs, define PASS_MAX_DAYS to 90 instead of the default 9999:
# vi /etc/login.defs PASS_MAX_DAYS=90
The above data from /etc/login.defs is used by useradd command and it creates the users with the mentioned password age.
2. For existing users reset the password aging using the following comand:
# chage -M 90 username
3. Run the command authconfig and make sure shadow passwords are enabled. NIS by default will not build the shadow file. Edit the file /var/yp/Makefile and make the following changes:
# vi /var/yp/Makefile MERGE_PASSWD=false
In the line all:, add shadow as follows:
all: shadow passwd group hosts rpc services netid protocols mail
4. Run the makefile. It will create a new map shadow.
5. Now NIS holds the password aging information, which can be seen by the following command:
# ypcat shadow.byname | grep user