What command allows an administrator to set password expiration policies?

The command that allows an administrator to set password expiration policies is chage. This command is specifically designed for managing user password aging and expiration details on a Linux system.

When an administrator uses chage, they can specify various parameters such as the maximum number of days a password remains valid before it must be changed, the minimum number of days that must pass before a user can change their password, the warning period before a password expires, and even account expiration dates. This level of control helps enforce security policies within an organization by ensuring that users regularly update their credentials.

The other commands listed do not pertain to password expiration. getenforce and sestatus are used for checking the status of SELinux, and setenforce is employed to change the SELinux mode between enforcing and permissive. None of these commands deal with password management or expiration policies. Therefore, chage stands out as the correct choice for managing password expiration settings.