You can find an updated list of issues here:
https://github.com/irods/irods/issues
Password lifetime
The current lifetime of a temporary password cannot be changed due to the following bugs:
- https://github.com/irods/irods/issues/3742 (pam_password_max_time not working)
- https://github.com/irods/irods/issues/4198 (please further document PAM Auth plugin settings)
- https://github.com/irods/irods/issues/5096 (pam_password_max_time does not allow pass_expiry_ts above 1209600)
- https://github.com/irods/irods/issues/4904 (iinit --ttl parameter overflow)
However an administrator can remove a temporary password of a specific user and force the user to re-authenticate again:
iadmin help rpp rpp Name (remove PAM-derived Password for user Name) Remove iRODS short-term (usually 2 weeks) passwords that are created when users authenticate via the iRODS PAM authentication method. For additional security, when using PAM (system passwords), 'iinit' will create a separate iRODS password that is then used (a subsequent 'iinit' extend its 'life'). If the user's system password is changed, you may want to use this rpp command to require the user to re-authenticate.
Login expiration time
- Logins are expiring more quickly than expected (not adhering to time to live (TTL) parameter).
- You may find your login expiring earlier than what you have specified through the TTL parameter. This is most likely because the value is being overwritten by the default configuration of "password_min_time", which is 121 seconds since a recent upgrade. This parameter can be easily changed by an administrator if desired using the following: https://docs.irods.org/4.3.2/icommands/administrator/#set_grid_configuration.