Manage the shadow file
Returns the default hash used for unset passwords
CLI Example:
salt '*' shadow.default_hash
Return information for the specified user
CLI Example:
salt '*' shadow.info root
sets the value for the date the password was last changed to the epoch (January 1, 1970). See man chage.
CLI Example:
salt '*' shadow.set_date username 0
Set the number of days of inactivity after a password has expired before the account is locked. See man chage.
CLI Example:
salt '*' shadow.set_inactdays username 7
Set the maximum number of days during which a password is valid. See man chage.
CLI Example:
salt '*' shadow.set_maxdays username 90
Set the minimum number of days between password changes. See man chage.
CLI Example:
salt '*' shadow.set_mindays username 7
Set the password for a named user. The password must be a properly defined hash. The password hash can be generated with this command:
python -c "import crypt; print crypt.crypt('password', '\$6\$SALTsalt')"
SALTsalt is the 8-character crpytographic salt. Valid characters in the salt are ., /, and any alphanumeric character.
Keep in mind that the $6 represents a sha512 hash, if your OS is using a different hashing algorithm this needs to be changed accordingly
CLI Example:
salt '*' shadow.set_password root '$1$UYCIxa628.9qXjpQCjM4a..'
Set the number of days of warning before a password change is required. See man chage.
CLI Example:
salt '*' shadow.set_warndays username 7
Current Salt release: 2014.1.6
Docs for previous releases on salt.rtfd.org.