Comment 3 for bug 349504

Trivial comments first: there's a duplicate patch file in the debdiff; it looks like the patch isn't consistently using the same tab/space conventions as the original source.

I checked glibc, and it does indeed consistently interpret an empty sp_lstchg field as -1.

I checked PAM (modules/pam_unix/passverify.c). It doesn't do anything special with sp_lstchg == -1; instead it's just as if you'd set a last changed date of 31 December 1969. Arguably this is a bug in PAM. That said, with a 99999-day expiry, we'll very probably all be dead before it matters.

Do you think we need to do anything with any of the other tools in shadow? shadow gets the time in several independent places. I'm perfectly happy for the answer to be "no", as long as we've thought about it.