AlmaLinux OS 9 must automatically expire temporary accounts within 72 hours.

An XCCDF Rule

Description

Temporary accounts are accounts created during a time of need when prompt action requires bypassing the normal account creation authorization process – such as during incident response. If these temporary accounts are left enabled (and may have elevated permissions via sudo, group membership or SSH keys) and are not automatically expired or manually removed, the security posture of the system will be degraded and left vulnerable to insider threat.

Temporary accounts are not the same as "last resort" or "break glass" emergency accounts which are local system accounts to be used by and maintained by authorized system administrators when standard remote access/authentication is unavailable. Emergency accounts are not subject to removal or expiration requirements.

Satisfies: SRG-OS-000002-GPOS-00002, SRG-OS-000123-GPOS-00064

ID: SV-269128r1050010_rule
Version: ALMA-09-004750
Severity: Medium
Remediation Templates

A Manual Procedure

Configure automatic account expiration after 72 hours by running the following command for each temporary account:

$ chage -E $(date -d +3days +%Y-%m-%d) <account_name>
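
To verify the result, the following added example (not part of the STIG text or of any AlmaLinux tooling) reads the expiry date that chage -E stores in field 8 of the shadow entry and flags temporary accounts that never expire or expire more than 3 days out. The function name check_temp_expiry, the tmp_ir* account names and the pinned day number 20000 are assumptions made for the example; because the expiry is stored as a whole day, the 72-hour limit is checked as 3 days.

```shell
#!/bin/sh
# Added example: audit temporary accounts against the 72-hour expiry rule.
# Field 8 of a shadow(5) entry is the account expiry date in days since
# 1970-01-01; an empty field means the account never expires.

# check_temp_expiry SHADOW_FILE TODAY_DAYS ACCOUNT...   (hypothetical helper)
# Prints "<account> PASS|FAIL <detail>" per account; status 1 on any FAIL.
# The body runs in a subshell so its variables do not leak to the caller.
check_temp_expiry() (
  shadow=$1; today=$2; rc=0
  shift 2
  for acct in "$@"; do
    # Exact match on the login name (field 1), never a substring match.
    if ! expire=$(awk -F: -v u="$acct" \
        '$1 == u { print $8; found = 1 } END { exit !found }' "$shadow"); then
      echo "$acct FAIL no-shadow-entry"; rc=1; continue
    fi
    case $expire in
      ''|*[!0-9]*) echo "$acct FAIL never-expires"; rc=1; continue ;;
    esac
    left=$(( expire - today ))
    if [ "$left" -gt 3 ]; then
      echo "$acct FAIL expires-in-${left}-days"; rc=1
    elif [ "$left" -lt 0 ]; then
      echo "$acct PASS already-expired"
    else
      echo "$acct PASS expires-in-${left}-days"
    fi
  done
  exit "$rc"
)

# Constructed sample entries (not real accounts); "today" is pinned to day 20000.
sample=$(mktemp)
cat > "$sample" <<'EOF'
tmp_ir1:!:19999:0:99999:7::20003:
tmp_ir2:!:19999:0:99999:7:::
tmp_ir3:!:19999:0:99999:7::20010:
EOF
check_temp_expiry "$sample" 20000 tmp_ir1 tmp_ir2 tmp_ir3 tmp_ir4 \
  || echo "non-compliant temporary accounts found"
rm -f "$sample"

# On a live system, as root:
#   check_temp_expiry /etc/shadow "$(( $(date +%s) / 86400 ))" <account_name>
```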