hey Guys, I haven't posted in a while, But you guys were really helpful alst time.
I have had a issue with User Passwords expiring, and since I dont check /var/cron/log on the regular I never know these suers are expiring, making certain nightly jobs not run.
With this script, I want to be able to check for these particular users password expiration and mail ourselves a reminder.
I saw plenty of examples online, but I have a thing of borrowing from or editing code I cant understand as I want to understand what I am writing, and what the code is doing, helps me learn better.
Below is some code I've written to a way I can understand and work with. This code is dependent on a epoch Perl script I found online. But I dont think that is my problem presently. My problem is that right now, it does through every user in /etc/shadow and checks. I want it to only check a particular set of users our Admin usersnames all end in adm. so I want to only search for users in /etc/shadow ending in adm (for example testbedadm) and check for its expiration dates.
Any Suggestions? And sorry if this was lengthy
#!/bin/ksh
#Author:Emmanuel Iroanya Jr
#Edited:
#Date:December 20th, 2012
#Purpose: The purpose of this is to check the Shadow table for the epoch value and warn the users / Email of Password Expiration seven days in advance
#This script needs the epoch.pl I found on google to work
ID=`id | cut -d ' ' -f 1`
if [[ "${ID}" != "uid=0(root)" ]]
then
echo "You Need To Be Root To Run This Script, Please and Thank You"
exit 1
fi
export Shadow=/etc/shadow
#Location of the epoch.pl script I found from Google to Compare the Date
export EpochSh=/usr/local/bin/epoch.pl
export Hostname=`hostname`
#Our SSE Email Address that will get notification
export Email="!SysEngGrp@mycompany.com"
for i in `cat $Shadow`
do
export User=`echo $i |cut -d ':' -f 1`
export MaxDay=`echo $i | cut -d ':' -f 5`
echo "$MaxDay"
export Epoch=`echo $i |cut -d ':' -f 3`
export Eval=`$EpochSh $Epoch | cut -d ':' -f 2`
echo "$Eval"
if [[ $Eval == `expr $MaxDay - 7` ]]
then
echo "Password for unix user $User on `hostname` is going to expire in a week. Please change it ASAP" | mailx -s 'Password Expiration ' $Email
elif [[ $Eval == `expr $MaxDay - 6` ]]
then
echo "Password for unix user $User on `hostname` is going to expire in 6 days. Please change it ASAP" | mailx -s 'Password Expiration ' $Email
elif [[ $Eval == `expr $MaxDay - 5` ]]
then
echo "Password for unix user $User on `hostname` is going to expire in 5 days. Please change it ASAP" | mailx -s 'Password Expiration ' $Email
elif [[ $Eval == `expr $MaxDay - 4` ]]
then
echo "Password for unix user $User on `hostname` is going to expire in 4 days. Please change it ASAP" | mailx -s 'Password Expiration ' $Email
elif [[ $Eval == `expr $MaxDay - 3` ]]
then
echo "Password for unix user $User on `hostname` is going to expire in 3 days. Please change it ASAP" | mailx -s 'Password Expiration ' $Email
elif [[ $Eval == `expr $MaxDay - 2` ]]
then
echo "Password for unix user $User on `hostname` is going to expire in 2 days. Please change it ASAP" | mailx -s 'Password Expiration ' $Email
elif [[ $Eval == `expr $MaxDay - 1` ]]
then
echo "Password for unix user $User on `hostname` is going to expire in 1 day. Please change it ASAP" | mailx -s 'Password Expiration ' $Email
elif [[ $Eval == "$MaxDay" ]]
then
echo "PASSWORD FOR USER $User HAS EXPIRED.PLEASE CHANGE IT ASAP TO AVOID PRODUCTION CRON JOBS FROM FAILING AND THE RESULTING LATE NIGHT CALLS"
fi
done
---------- Post updated at 05:14 PM ---------- Previous update was at 04:50 PM ----------
So I think I answered my question on how to look for the specific admin user with the below part,
for line in `cat $Shadow | grep adm`
do
echo $line
done >passFile.txt
for i in `cat passFile.txt`
do
rest of my logic etc...
However, when I run it I get a bunch of varying errors like below:
I am assuming the Day Part is from the epoch.pl portion that reads the days the expr syntax error, is that from my math in my if/elseif logic?