Spurious warnings about "Warning: your password will expire in 0 days."
Description:
As of yesterday (2024-01-18) I'm getting spurious "Warning: your password will expire in 0 days." from su and login (not sudo though!).
It happens when the password change date (third field) is empty in /etc/shadow. According to man shadow(5) this should be explicitly allowed "An empty field means that password aging features are disabled.". I have a custom automated config management tool, where I never implemented support for putting anything in that third column (since it was optional according to the man page), which is likely the reason I ran into this.
My PAM config is default (apart from also adding fprintd support for graphical login and sudo, no changes to su/login or their included files).
Based on grep the string "Warning: your password will expire in" comes from pam_unix.so. So something is buggy in pam it seems. I don't know if it is a Arch bug or an upstream bug.
Additional info:
- package version(s): pam 1.6.0-3
- config and/or log files:
- link to upstream bug report, if any: https://github.com/linux-pam/linux-pam/issues/743
Steps to reproduce:
- Create an user with empty password change date in /etc/shadow. E.g.
root:PASSWORD-HASH-HERE:::::::
- su to that user, or login on the VT (outside X/Wayland) as that user
- Observe incorrect warning