basically there are several different versions of hpux, this script is for particular version that is non-trusted but also does not use any shadow files.This one is a little harder to do.
Usually the time stamp of the last password change is stored as an epoch number in the shadow file, for non-shadow untrusted servers the
only clue is the date in the third field from "passwd -s" command
#passwd -s sparcguy
sparcguy PS 06/02/11 0 91
06/02/11 this date I believe is stored in encrypted password in the format as month/day/year
I'm using a perl function str2time() which can convert dates to epoch numbers but takes the format of year(xxxx)/month(xx)/day(xx)
it will not work without this perl str2time module, so you need to check under "HTTP : Date" if you the module installed and if not you have to download it.
So to get this to work we first need to do a little formatting of the date.
As usual the description field of your userid must contain an email in the form of \+email@domain.com
example:
sparcguy:<encrypted passwd>:100:100:+sparcguy@unix.com:/home/sparcguy:/usr/bin/ksh
#! /bin/sh
# Script to check password aging for non-trusted hpux servers WITHOUT shadow file
########################
#Notes:
# date format for perl function str2time(year/month/day)
# date format for passwd -s (third field ) month/day/year
########################
cp -p /etc/passwd /etc/passwd.ORG
for i in `cat /etc/passwd.ORG | grep \@ | sed 's/:/+/g' | cut -d+ -f1`
do
OLASTPWCHG=`passwd -s $i | awk '{ print $3 }' | sed 's/\// /g' | awk '{print "20"$3"/"$1"/"$2}'`
export OLASTPWCHG
CVLASTPWCHG=`/usr/bin/perl -le 'use HTTP::Date; {print str2time($ENV{'OLASTPWCHG'});}'`
DAYSEC=`echo "60*60*24" | bc`
DAWNOFTIME=`/usr/bin/perl -e 'print int(time)'`
SECSAGO=`echo "$DAWNOFTIME - $CVLASTPWCHG" | bc`
DAYSAGO=`echo $SECSAGO/$DAYSEC | bc`
#
#we use 90 day password aging chg to yours
MAXAGE=91
LEFTDAYS=`echo "$MAXAGE - $DAYSAGO" | bc`
if [[ "$LEFTDAYS" = 7 ]]
then
EMAILID=`cat /etc/passwd.ORG | grep $i | sed 's/:/+/g' | cut -d+ -f6`
echo "Your unix id $i will expire in $LEFTDAYS days" | mailx -s "`uname -n` Password aging Reminder" $EMAILID
fi
if [[ "$LEFTDAYS" = 3 ]]
then
EMAILID=`cat /etc//passwd.ORG | grep $i | sed 's/:/+/g' | cut -d+ -f6`
echo "Your unix id $i will expire in $LEFTDAYS days" | mailx -s "`uname -n` Password aging Reminder" $EMAILID
fi
if [[ "$LEFTDAYS" -lt 0 ]]
then
EMAILID=`cat /etc/passwd.ORG | grep $i | sed 's/:/+/g' | cut -d+ -f6`
echo "Please note that your unix id $i has aleaady expired" | mailx -s "`uname -n` Password aging Reminder" $EMAILID
fi
done