Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted!

1. The problem statement, all variables and given/known data:

Hello guys

I am about to write a script that is based on "The Linux Administration Handbook" The exercise is as follows:

Write a shell script to help monitor the health of the /etc/passwd file.

Find entries that have UID0
Find entries that have no password (needs /etc/shadow)
Find any sets of entries that have duplicate UID's
Find entries that have duplicate login names
find entries that have no expiration date (needs /etc/shadow)

I finished point 1,3, and 4. What I am not able to figure out is how to access the shadow file without being root. I thought maybe by exec su | sh, and then access the file. But the user shouldn't have to interact with the script. Here is what I have so far



Any ideas, hints, advice etc. is greatly appreciated. Thank you.

-Daniel

2. Relevant commands, code, scripts, algorithms:

reg expr., flow control, branch statements, iteration through file, mechanism to provide shadow file check without user interference.

3. The attempts at a solution (include all code and scripts):

#!/usr/bin/sh
#
# SCRIPT:    lab5
# AUTHOR:    
# DATE:        8/15/2012
# REV:        1.0A
# PLATFORM:    Linux
# PURPOSE:    Maintain Health of the /etc/passwd file by checking for 
#        duplicate UID's, root ID, duplicate login names,
#        expiration date, entries with no password.
#
#
# REV LIST:
#    DATE:    8/16/2012
#    BY:    
#    MDIFICATION:    add awk for duplicate UID and login name check.
#
#
#
###############################################################################
##################### DEFINE FILES AND VARIABLES HERE #########################
###############################################################################

#    NO VARIABLES


###############################################################################
######################### DEFINE FUNCTIONS HERE ###############################
###############################################################################


#    NO FUNCTIONS


###############################################################################
######################### BEGINNING OF MAIN ###################################
###############################################################################

# This line checks for the root ID. It notifies the user if the root ID 
# exists or not.
echo "Check for root uid..."
awk -F: '$1 = ~/root/ {print "Found Root ID"} ' /etc/passwd        

# Check for duplicate UID by reading the records into an awk array
# and compare the predecessor with the successor. If the comparison 
# result is greater as 1 print the duplicate value.
echo "Check for duplicate UID's..."
awk -F:  'uname[$3]++ && uname[$3]>1 {print "duplicate user:", $1} ' /etc/passwd
echo "Duplicate UID check done"


# Check for duplicate UID by reading the records into an awk array
# and compare the predecessor with the successor. If the comparison 
# result is greater as 1 print the duplicate value.
echo "Check for duplicate user names..."
awk -F:  'uid[$3]++ && uid[$3]>1 {print "duplicate uid:", $3}' /etc/passwd
echo "Duplicate user name check done."

echo "Check for passwords..."

# I am not sure about that one !
#`exec su | sh | awk -F: '$2 ~/$\d$/ {print "User $1 has password}' /etc/shadow |  exit` 
exit 0

# End of Script

My 2 cents:
-About root: its not because your login name is root that you are...

- Finding entries without password, can be more tricky than you imagine: Some UID e.g. bin, lp have no... what are you to look at? all or true users without ?
how do you understand the sentance?

Is there a reason why you doing all using only awk? e.g.
looking for root accounts:
grep :0: /etc/passwd or grep :0:0: /etc/passwd ...

Maybe you should save your 2 cents, since I have no idea what you mean with this statement.

Passwords are usually encrypted using MD5, so passwords in shadow would be $\d$, that is all I need.

What are you trying to say here?

I don't want grep to print the line encountered with my criteria and does it really matter what I use? I use awk since it is convenient for me to use. I wonder why I have to discuss procedures and tools here rather than the problem itslef. A hint on how to ACCESS THE SHADOW FILE FOR REG EXPR COMPARISON WITHOUT ROOT PRIVILEGES is asked here.

You seem to be expecting the /etc/passwd entry for root to be something like:

root:*:0:0:System Administrator:/var/root:/bin/sh

super:*:0:0:System Administrator:/var/super:/bin/sh

I could check for UID 0, that might yield the root account in a variety of circumstances such as root and super as you described. I certainly understand the security threat this script might produce, I even don't understand why this book even thinks that this might be a good exercise. But I think the safest way is to execute this script while the user has root privileges already. I tried running the
as a normal user and then ask for root password in order to to check the passwords and expiration values. So far I couldn't find a way that this script might continue automatically after the su password has been provided. But I think running it as root right from the beginning might be the way to go and is less overhead.

The script that you gave included:

awk -F: '$1 = ~/root/ {print "Found Root ID"} ' /etc/passwd

awk -F: '$1 ~ "root" {print "Found Root ID"} ' /etc/passwd

The utility mentioned above for checking the passwd file is called pwck . There is a similar utility for checking the group file called grpck .
If these utilities are available on your Operating System (whatever that is?), they are very useful.