I hope one of you has already done this and is kind enough to share your script with me.
I have a Solaris8 server that uses password aging for its local user accounts. I need a script that checks the age of the password and then sends the user an email if the password is about to expire. It needs to send an email when the password will expire in 10 days then it needs to send a second email when there is 5 days left before it expires. It also needs to send an email to an admin account if a password has already expired, including the root password.
For anyone that might be interested in doing the same thing.. Here is my script
#! /bin/sh
#
# Goran Cvetanoski - 19/12/2006
#
# pwage
#
# This script works out the time left before a password expires
#
# It will send a reminder email 10 days and 3 days before the password
# will expire. The email will go to unix.admin@mydomain.com.au unless an
# alternate email address is specified. An email will also be sent if a
# password has expired.
#
# The following command will send results to unix.admin@mydomain.com.au
# pwage oracle
#
# Specify an alternate email address if you would like the results to be
# sent to a different email address.
# ie:
# pwage oracle oracledba@mydomain.com.au
#
#
# CHANGE LOG
# =========================================================================
# 19/12/2006 - Goran Base script created
#
LOG=/tmp/pwage.log
DASHES="-----------------------------"
show()
{
echo "$DASHES $1 $DASHES" >> $LOG
shift
eval "$@" >> $LOG
echo "" >> $LOG
}
usage ()
{
echo " Usage: pwage user "
echo ""
echo " user : User id to check password age"
echo " email: Users email address. If not specified Unix"
echo " Admin will receive the email"
echo ""
echo " In these two examples unix.admin will be notified"
echo " pwage oracle unix.admin@mydomain.com.au"
echo " pwage oracle"
echo ""
echo " In this example oracledba will be notified"
echo " pwage oracle oracledba@mydomain.com.au"
}
scriptargs()
{
echo Date: `date`
echo System: `uname -a`
}
SendMail()
{
cat $LOG | mailx -s "$1" $NOTIFY
}
reminder ()
{
echo "Date: `date`"
echo ""
echo "Please change your password within the next $EXPIRE days"
}
expired ()
{
echo "Date: `date`"
echo ""
echo "The password for $USER has expired"
echo "$USER last changed their password on $LSTCNG"
echo "The maximum age for the password is $MAX days"
echo "and it has expired $EXPIRE days ago"
}
cat /dev/null > $LOG
if [ "$1" = "" ]
then
NOTIFY=unix.admin@mydomain.com.au
show "U S A G E" usage
SendMail "Error from command pwage on `uname -n`"
cat $LOG
cat /dev/null > $LOG
exit 1
fi
if [ "$2" = "" ]
then
USER=$1
NOTIFY=unix.admin@mydomain.com.au
else
USER=$1
NOTIFY=$2
fi
CURRENT_EPOCH=`grep $USER /etc/shadow | cut -d: -f3`
# Find the epoch time since the user's password was last changed
EPOCH=`/bin/perl -e 'print int(time/(60*60*24))'`
# Compute the age of the user's password
AGE=`echo $EPOCH - $CURRENT_EPOCH | /bin/bc`
# Compute and display the number of days until password expiration
MAX=`grep $USER /etc/shadow | cut -d: -f5`
EXPIRE=`echo $MAX - $AGE | /bin/bc`
CHANGE=`echo $CURRENT_EPOCH + 1 | /bin/bc`
LSTCNG="`perl -e 'print scalar localtime('$CHANGE' * 24 *3600);'`"
if [ "$EXPIRE" = 10 ]
then
show "R E M I N D E R" reminder
SendMail "$USER Password Info On `uname -n`"
fi
if [ "$EXPIRE" = 3 ]
then
show "R E M I N D E R" reminder
SendMail "URGENT: $USER Password Info On `uname -n`"
fi
if [ "$EXPIRE" -lt 0 ]
then
show "E X P I R E D" expired
SendMail "WARNING: $USER Password Expired On `uname -n`"
fi
# Uncomment the 2 lines below to see the results from the script
#echo "$USER's password expires in $EXPIRE days"
#echo "$USER last changed their password on $LSTCNG"
cat /dev/null > $LOG
exit 0