I often forget about the Centos Linux chage utility, and it’s ability to manage the expiration data in /etc/shadow. In addition to being able to manage password policies, chage can be be run with the “-l” option to view the policy set for a user, and the date when a users password was last changed:
$ chage -l matty
Minimum: 0 Maximum: 99999 Warning: 7 Inactive: -1 Last Change: Dec 25, 2006 Password Expires: Never Password Inactive: Never Account Expires: Never
If you have a security organization, ‘chage -l’ is a great command to allow them to run through sudo.