Spurious warnings about "Warning: your password will expire in 0 days."

Description:

As of yesterday (2024-01-18) I'm getting spurious "Warning: your password will expire in 0 days." from su and login (not sudo though!).

It happens when the password change date (third field) is empty in /etc/shadow. According to man shadow(5) this should be explicitly allowed "An empty field means that password aging features are disabled.". I have a custom automated config management tool, where I never implemented support for putting anything in that third column (since it was optional according to the man page), which is likely the reason I ran into this.

My PAM config is default (apart from also adding fprintd support for graphical login and sudo, no changes to su/login or their included files).

Based on grep the string "Warning: your password will expire in" comes from pam_unix.so. So something is buggy in pam it seems. I don't know if it is a Arch bug or an upstream bug.

Additional info:

package version(s): pam 1.6.0-3
config and/or log files:
link to upstream bug report, if any: https://github.com/linux-pam/linux-pam/issues/743

Steps to reproduce:

Create an user with empty password change date in /etc/shadow. E.g. root:PASSWORD-HASH-HERE:::::::
su to that user, or login on the VT (outside X/Wayland) as that user
Observe incorrect warning

Edited Jan 19, 2024 by Arvid Norlander

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Admin message

Spurious warnings about "Warning: your password will expire in 0 days."

Description:

Additional info:

Steps to reproduce: