In order to comply with CIS Benchmark, the password minimum age should
be 1 day, maximum age should be no more than 365 days, inactive password
lock should be less than or equal to 45 days, and password encryption
should be set to SHA512.
This commit adds those requirements to the default user settings.
Test Plan:
PASS: Run build-pkgs -c -p shadow-utils-config.
PASS: Run build-image.
PASS: Run fresh install of AIO-SX with complete bootstrap and unlock of
the controller-0.
PASS: Run fresh install of AIO-DX with complete bootstrap and unlock of
controller-0 and controller-1.
PASS: Perform backup and restore and verify that the rules apply.
PASS: Run `chage -l sysadmin` after bootstrap and check if the password
expires 90 days in the future.
Story: 2011283
Task: 51443
Change-Id: Ic6e2d88d4317a565ea043caaac14e73b723171f3
Signed-off-by: Rodrigo Tavares <Rodrigo.DosSantosTavares@windriver.com>
6969881a60