system wide password change

Shell Programming and Scripting
1

Hello,

I am new to shell scripting and I was trying to write a script that would force a system wide password change except for admins. I am having some trouble and any help that someone could give me would be greatly appreciated. I am trying to do it by using the UID as the marker for anyone but admins. Here is what I have so far. Thank you.

#!/bin/ksh
typeset=i
awk -F: '{print $3}' /etc/passwd > /tmp/userlist
for i in `cat /tmp/userlist`
do
if (( $i > 100 )); then continue; fi
passwd -f $i
done
rm -f /tmp/userlist

2 
 #! /usr/bin/ksh
exec < /etc/passwd
while IFS=":" read name epass uid gid gcos uhome ushell ; do
          ((100 < uid && uid < 60000)) && echo passwd -f $name
done
exit 0

Leave that echo in as you run it the first time to be sure it is right.

3

Perderabo,

Thank you for your reply. I wanted to know if I was on the right track in my other script, if so, where was I going wrong and why did you decide to do it the way that you did. I am just learning and any information would be great. Thanks again!

kilemark

4

You had several errors. You were working only with a lists of uid's. You cannot use uid with the passwd command like that as far as I know. The man page clearly states that it wants a user name, not a uid. "typeset=i" is probably an error, but I really don't know what that is supposed to be doing. You don't say what os you are using, but it looks like SunOS. If so you probably have some system uid's above 60k that should be left alone. It is mostly personal preference, but with a powerful shell like ksh, I don't like using cat to read a file nor awk to select a field. External programs like that do consume some resources. Here it wouldn't matter much, but in some scripts, it can save hours of time.

5

Perderabo,

Well, I guess I have a long way to go :slight_smile: I have a decent understanding of the script but would you mind breaking it down a little? For example why the use of the exec command. Thank you for your time.

6

I had a typo which I fixed. It shoulda been 60000. Not too much to this script. The exec sets the script's stdin to /etc/passwd. The "while read" loop just reads the passwd file. The fields are separated by a : and the IFS variable tells "read" statement that. Then if the uid looks good, it issues the command.

7

Thanks for the help.