Check for Specific Username Password Expire


 
# 8  
Old 01-24-2013
Have you tried the code snippet that I posted? It should run without problem, and you can use/assign the result to whatever variable you have.
Should you run into trouble with it or with any other code, please post the error msg in its context (e.g. shell's -x option), so we can help you. The forlorn syntax error on line 1, teletype does not tell me anything that could have gone wrong.
# 9  
Old 01-24-2013
Quote:
Originally Posted by RudiC
Have you tried the code snippet that I posted? It should run without problem, and you can use/assign the result to whatever variable you have.
Should you run into trouble with it or with any other code, please post the error msg in its context (e.g. shell's -x option), so we can help you. The forlorn syntax error on line 1, teletype does not tell me anything that could have gone wrong.

Hey, my apologies, I found the syntax error was from the built-in calculator command "bc"; it was what was complaining. I changed my code to the below, and I also tried your method and it is giving me the same numbers I get now, so that's good. However, I do not think I am doing the checking correctly because I get a lot of negative numbers; EVERYTHING is less than the 7 or 0 we check for.

Full code below:

Code:
 
#!/bin/ksh -x
#Author:Emmanuel Iroanya Jr
#Date:December 20th, 2012
#Purpose: The purpose of this is to check the Shadow table for the epoch value and warn the users / Email of Password Expiration  seven days in advance
ID=`id | cut -d ' ' -f 1`
if [[ "${ID}" != "uid=0(root)" ]]
then
   echo "You Need To Be Root To Run This Script, Please and Thank You"
   exit 1
fi
export Shadow=/etc/shadow
export EpochSh=`perl -e 'print time, "\n"'`
export Hostname=`hostname`
#Our SSE Email Address that will get notification
export Email="mygroup@mycompany.com"
for line in `cat $Shadow | grep adm`
do
 echo $line
done >passFile.txt
for i in `cat passFile.txt`
do
User=`echo $i |cut -d ':' -f 1`
MaxDay=`echo $i | cut -d ':' -f 5`
echo "$MaxDay"
Epoch=`echo $i |cut -d ':' -f 3`
echo "$Epoch"
Eval1=`expr $MaxDay + $Epoch`
Eval2=`expr $EpochSh / 86400`
Eval=`expr $Eval1 - $Eval2`
#export Eval=$(echo '( $MaxDay + $Epoch ) - ( $EpochSh / 86400 ) ' | bc)
echo "$Eval"
                 if [[ $Eval -lt 7 ]]
                 then
                 echo "Password for unix user $User on `hostname` is going to expire in less than a week. Please change it ASAP" | mailx -s 'Password Expiration ' $Email
                 elif [[ $Eval -le 0 ]]
                 then
                 echo "PASSWORD FOR USER $User HAS EXPIRED.PLEASE CHANGE IT ASAP TO AVOID PRODUCTION CRON JOBS FROM FAILING AND THE RESULTING LATE NIGHT CALLS" | mailx -s 'Password Expiration ' $Email
                 fi
done

---------- Post updated at 04:14 PM ---------- Previous update was at 04:08 PM ----------

Code:
+ + cut -d : -f 1
+ echo newadm:yj/khnry4nJiI:0:0:91::::
User=newadm
+ + cut -d : -f 5
+ echo newadm:yj/khnry4nJiI:0:0:91::::
MaxDay=91
+ echo 91
91
+ + cut -d : -f 3
+ echo newadm:yj/khnry4nJiI:0:0:91::::
Epoch=0
+ echo 0
0
+ + expr 91 + 0
Eval1=91
+ + expr 1359058335 / 86400
Eval2=15729
+ + expr 91 - 15729
Eval=-15638
+ echo -15638
-15638
+ [[ -15638 -lt 7 ]]
+ mailx -s Password Expiration  mygroup@mycompany.com
+ hostname
+ echo Password for unix user newadm on thisbox01 is going to expire in less than a week. Please change it ASAP


Above are the results once I run it. Part of me just thinks if I switch the expressions it would be right, but I am unsure.
# 10  
Old 01-24-2013
You seem to dislike solutions handed to you on a silver plate by e.g. nails or by myself. Both offered a complete module to you that you could easily grab and use. However, that's up to you.
The negative numbers that you get are because the passwordchange field in /etc/shadow is zero, indicating that newadm never changed it (or, cf. man shadow: The value 0 has a special meaning, which is that the user should change her password the next time she will log in the system.). Simple arithmetic shows that 0 + 91 - 15729 is negative, so newadm is seriously overdue to change his or her password and will deserve your mail, and rightly. Actually, the password change was due on April 3rd, 1970, you tell me why.
# 11  
Old 01-25-2013
Quote:
Originally Posted by RudiC
You seem to dislike solutions handed to you on a silver plate by e.g. nails or by myself. Both offered a complete module to you that you could easily grab and use. However, that's up to you.
The negative numbers that you get are because the passwordchange field in /etc/shadow is zero, indicating that newadm never changed it (or, cf. man shadow: The value 0 has a special meaning, which is that the user should change her password the next time she will log in the system.). Simple arithmetic shows that 0 + 91 - 15729 is negative, so newadm is seriously overdue to change his or her password and will deserve your mail, and rightly. Actually, the password change was due on April 3rd, 1970, you tell me why.
I don't dislike using solutions handed to me per se, I'm just a little headstrong with the way I want it to look, plus I didn't know how to use the suggestions properly.

Thank you for the patience however.

The newadm example was a bad one; your explanation obviously made sense. I think my real question, and I promise your solution will be used, is how to deal with a username like below where a
Code:
passwd -x -1

was used to set the password to never expire. So the MaxDay variable is blank, and this is what is causing them all to alarm: it gets a blank value, passes it in, and the number obviously will be lower than 7 or 0 and causes the email.

Code:
 
+ + cut -d : -f 1
+ echo testingadm:.ezNz7T6WZLK.:15730::::::
User=newadm
+ + cut -d : -f 5
+ echo testingadm:.ezNz7T6WZLK.:15730::::::
MaxDay=
+ echo
+ + cut -d : -f 3
+ echo testingadm:.ezNz7T6WZLK.:15730::::::
Epoch=15730
+ echo 15730
15730
+ + expr + 15730
expr: syntax error
Eval1=
+ + expr 1359133813 / 86400
Eval2=15730
+ + expr - 15730
expr: syntax error
Eval=
+ echo
+ [[  -lt 7 ]]
+ mailx -s Password Expiration  mygroup@mycompany.com
+ hostname
+ echo Password for unix user newadm on cmap01 is going to expire in less than a week. Please change it ASAP

# 12  
Old 01-25-2013
Quote:
Originally Posted by gkelly1117
I don't dislike using solutions handed to me per se, I'm just a little headstrong with the way I want it to look
If your programming style intentionally uses eval, you may need to rethink your strategy.
# 13  
Old 01-25-2013
When admin users don't need to change their password regularly, you might want to reconsider your site's security policy.
However, you can intercept that - depending on your shell - by using e.g. default values for parameters, or, better, sending a mail to the system administrator notifying him of the fact.

Disregarding that discussion, you might want to try this:
Code:
[ $(id -u) -ne 0 ] && { echo "root only"; echo exit; }
grep adm /etc/shadow | { IFS=":"; while read user pw pwchg minpw maxpw Rest; do REMAINS=$(( pwchg + ${maxpw:-99999} - $(date +%s)/86400 )); [ $REMAINS -le 0 ] && echo mail $user "alert"; [ $REMAINS -le 7 ] && echo mail $user "warning" $REMAINS "days remain" ; done; }

This will use a default value of 99999 days should maxpw be left empty. Default parameters' availability may depend on your shell. I've put in echoes for demo purposes; remove them if you want the real stuff...
And, voila, not c[au]ts at all!

Last edited by RudiC; 01-25-2013 at 02:35 PM..
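
An added example, not part of RudiC's post or of the thread: a shell function that classifies one shadow(5) record and handles the two cases raised above, a last-change field of 0 and an empty maximum-age field. The function names, account names, day number and sample records are constructed for illustration, with the hash field replaced by x.

```shell
#!/bin/sh
# Added example: classify one shadow(5) record by password age.
# pw_status LINE TODAY prints "user state [days]".
#   LINE  : user:hash:lastchg:min:max:... (one /etc/shadow record)
#   TODAY : days since 1970-01-01, passed in so results are reproducible
pw_status() {
    IFS=: read -r user hash lastchg min max rest <<EOF
$1
EOF
    # lastchg empty: aging disabled; 0: change required at next login.
    case "$lastchg" in
        '') echo "$user never"; return 0 ;;
        0) echo "$user must_change"; return 0 ;;
        *[!0-9]*) echo "$user invalid"; return 1 ;;
    esac
    # max empty or -1: no maximum age (the passwd -x -1 case).
    case "$max" in
        ''|-1) echo "$user never"; return 0 ;;
        *[!0-9]*) echo "$user invalid"; return 1 ;;
    esac
    remains=$(( $lastchg + $max - $2 ))
    # Test "expired" before "warning": an expired value is also below 7.
    if [ "$remains" -le 0 ]; then
        echo "$user expired $remains"
    elif [ "$remains" -le 7 ]; then
        echo "$user warning $remains"
    else
        echo "$user ok $remains"
    fi
}

# Constructed records (hash replaced by "x"); 15730 is a constructed "today".
sample_report() {
    while IFS= read -r line; do
        pw_status "$line" 15730
    done <<'EOF'
newadm:x:0:0:91::::
testingadm:x:15730::::::
opsadm:x:15645:0:91::::
dbadm:x:15633:0:91::::
webadm:x:15700:0:91::::
EOF
}

sample_report
```

Reading /etc/shadow straight into the loop, as the pipeline in the post above does, also avoids leaving a copy of the password hashes in a working file such as passFile.txt.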
# 14  
Old 01-25-2013
Quote:
Originally Posted by RudiC
When admin users don't need to change their password regularly, you might want to reconsider your site's security policy.
However, you can intercept that - depending on your shell - by using e.g. default values for parameters, or, better, sending a mail to the system administrator notifying him of the fact.

Disregarding that discussion, you might want to try this:
Code:
[ $(id -u) -ne 0 ] && { echo "root only"; echo exit; }
grep adm /etc/shadow | { IFS=":"; while read user pw pwchg minpw maxpw Rest; do REMAINS=$(( pwchg + ${maxpw:-99999} - $(date +%s)/86400 )); [ $REMAINS -le 0 ] && echo mail $user "alert"; [ $REMAINS -le 7 ] && echo mail $user "warning" $REMAINS "days remain" ; done; }

This will use a default value of 99999 days should maxpw be left empty. Default parameters may depend on your shell. I've put in echoes for demo purposes; remove them if you want the real stuff...
And, voila, not c[au]ts at all!

You, sir, are a genius!! That worked perfectly.

Thanks a lot, everyone, for the help, and thanks for the patience.