Check password age

Tornado · #1 (**permalink**) 12-18-2006

Hi Guys,

I hope one of you has already done this and is kind enough to share your script with me.

I have a Solaris8 server that uses password aging for its local user accounts. I need a script that checks the age of the password and then sends the user an email if the password is about to expire. It needs to send an email when the password will expire in 10 days then it needs to send a second email when there is 5 days left before it expires. It also needs to send an email to an admin account if a password has already expired, including the root password.

Thanks...

anbu23 · #2 (**permalink**) 12-18-2006

check this link
http://groups-beta.google.com/group/...d1564cb6?hl=en

Tornado · #3 (**permalink**) 12-18-2006

Thanks for that, I think I should be able to use it in a script to do what I want.

Tornado · #4 (**permalink**) 12-19-2006

For anyone that might be interested in doing the same thing.. Here is my script

Code:

#! /bin/sh
#
# Goran Cvetanoski - 19/12/2006
#
# pwage
#
# This script works out the time left before a password expires
#
# It will send a reminder email 10 days and 3 days before the password
# will expire. The email will go to unix.admin@mydomain.com.au unless an
# alternate email address is specified. An email will also be sent if a
# password has expired.
#
# The following command will send results to unix.admin@mydomain.com.au
# pwage oracle
#
# Specify an alternate email address if you would like the results to be
# sent to a different email address.
# ie:
# pwage oracle oracledba@mydomain.com.au
#
#
# CHANGE LOG
# =========================================================================
# 19/12/2006 - Goran Base script created
#

LOG=/tmp/pwage.log

DASHES="-----------------------------"

show()
{
    echo "$DASHES $1 $DASHES" >> $LOG
    shift
    eval "$@" >> $LOG
    echo "" >> $LOG
}

usage ()
{
    echo " Usage: pwage user [email]"
    echo ""
    echo " user : User id to check password age"
    echo " email: Users email address. If not specified Unix"
    echo "        Admin will receive the email"
    echo ""
    echo " In these two examples unix.admin will be notified"
    echo " pwage oracle unix.admin@mydomain.com.au"
    echo " pwage oracle"
    echo ""
    echo " In this example oracledba will be notified"
    echo " pwage oracle oracledba@mydomain.com.au"
}

scriptargs()
{
        echo Date: `date`
        echo System: `uname -a`
}

SendMail()
{
    cat $LOG | mailx -s "$1" $NOTIFY
}

reminder ()
{

echo "Date: `date`"
echo ""
echo "Please change your password within the next $EXPIRE days"
}

expired ()
{
echo "Date: `date`"
echo ""
echo "The password for $USER has expired"
echo "$USER last changed their password on $LSTCNG"
echo "The maximum age for the password is $MAX days"
echo "and it has expired $EXPIRE days ago"
}

cat /dev/null > $LOG

if [ "$1" = "" ]
    then
        NOTIFY=unix.admin@mydomain.com.au
        show "U S A G E" usage
        SendMail "Error from command pwage on `uname -n`"
        cat $LOG
        cat /dev/null > $LOG
        exit 1
fi

if [ "$2" = "" ]
    then
        USER=$1
        NOTIFY=unix.admin@mydomain.com.au
    else
        USER=$1
        NOTIFY=$2
fi

CURRENT_EPOCH=`grep $USER /etc/shadow | cut -d: -f3`

# Find the epoch time since the user's password was last changed
EPOCH=`/bin/perl -e 'print int(time/(60*60*24))'`

# Compute the age of the user's password
AGE=`echo $EPOCH - $CURRENT_EPOCH | /bin/bc`

# Compute and display the number of days until password expiration
MAX=`grep $USER /etc/shadow | cut -d: -f5`
EXPIRE=`echo $MAX - $AGE | /bin/bc`

CHANGE=`echo $CURRENT_EPOCH + 1 | /bin/bc`
LSTCNG="`perl -e 'print scalar localtime('$CHANGE' * 24 *3600);'`"

if [ "$EXPIRE" = 10 ]
    then
        show "R E M I N D E R" reminder
        SendMail "$USER Password Info On `uname -n`"
fi

if [ "$EXPIRE" = 3 ]
    then
        show "R E M I N D E R" reminder
        SendMail "URGENT: $USER Password Info On `uname -n`"
fi

if [ "$EXPIRE" -lt 0 ]
    then
        show "E X P I R E D" expired
        SendMail "WARNING: $USER Password Expired On `uname -n`"
fi

# Uncomment the 2 lines below to see the results from the script
#echo "$USER's password expires in $EXPIRE days"
#echo "$USER last changed their password on $LSTCNG"

cat /dev/null > $LOG
exit 0

More UNIX and Linux Forum Topics You Might Find Helpful
Thread	Thread Starter	Forum	Replies	Last Post
password complexity check	dbsora	SUN Solaris	1	08-29-2006 02:30 PM
password check	riya	UNIX for Dummies Questions & Answers	1	03-26-2006 09:44 PM
Script to check for a file, check for 2hrs. then quit	mmarsh	UNIX for Dummies Questions & Answers	2	09-16-2005 03:46 PM
Change password by pushing encrypted password to systems	benq70	UNIX for Dummies Questions & Answers	1	09-02-2005 10:08 AM
check root password	collins	High Level Programming	1	01-17-2005 11:55 AM

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode	Rate This Thread:


	Powered by