LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (http://www.linuxquestions.org/questions/linux-general-1/)
-   -   User expiry Script. (http://www.linuxquestions.org/questions/linux-general-1/user-expiry-script-4175436717/)

gsiva 11-11-2012 08:47 PM

User expiry Script.
 
Hi Folks,

With reference to the link below,
http://www.linuxquestions.org/questi...locked-294627/

I got the below error message while executing the script.

user_expiry.sh: line 63: 15566 + : syntax error: operand expected (error token is " ")

towheedm 11-11-2012 09:08 PM

That script references /etc/shadow so it must be run with root privileges.

I also got the invalid date format error as mentioned in the thread.

gsiva 11-11-2012 09:12 PM

Thanks Towheedm, I am running as a root only.

towheedm 11-11-2012 09:31 PM

Are you getting the error while running as root?

gsiva 11-11-2012 09:47 PM

yeup, getting the error while running as the root.

towheedm 11-11-2012 10:08 PM

Try passing a username as an argument to the script. I'll pass user lfs to the script:
Code:

sudo ./user_expiry.sh lfs
date: invalid date ` 99846 day'

===Information for user lfs===
Full name:
User ID: 1001
Password last changed: 14.04.2013
Minumum password age: 0
Maximum password age: 99999
Password warning age: 7
Password expires on:
The account expires on: NEVER

If that works set the script to trace and post the output:
Code:

#! /bin/bash
set -x
.
.
.

This will expose lines from your /etc/passwd and /etc/shadow file in the trace output.

gsiva 11-11-2012 11:21 PM

I am getting the exact output, while running the script has
sh user_expiry.sh test

But, still coming up with the same error message at the bottom as

user_expiry.sh: line 64: 15155 + : syntax error: operand expected (error token is " ")

catkin 11-12-2012 12:56 AM

The error occurs when the 5th field, maximum password age, of /etc/shadow is empty. Assuming that means there is no point in processing users for which this data does not exist, the script can be fixed by
Code:

    c=`echo -e $uname | awk -F: '{print$5}'`
    [[ $c = '' ]] && continue

Another problem discovered with the script was that it fails on line 53 for users that are listed in /etc/password but not in /etc/shadow. In this case
Code:

uname=`cat /etc/shadow | grep -r "^$name:" | awk -F":" '{print}'`
sets uname empty. On my netbook running Slackware 13.37 there are 3 such users:
Code:

root@CW9:~# wc -l /etc/passwd
28 /etc/passwd
root@CW9:~# wc -l /etc/shadow
25 /etc/shadow

EDIT: all three users have been added since OS installation. Two have not had a password set. The other changed its own password using the passwd command; its passwd is in /etc/passwd, encrypted. Not ideal!

EDIT2:
The script could be modified to generate an error message for users not listed in /etc/shadow
Code:

  if [[ $uname = '' ]]; then
      echo "ERROR: $name is not listed in /etc/shadow" >&2
      continue
  fi


linosaurusroot 11-13-2012 08:04 AM

What do you get from pwck ?

gsiva 11-19-2012 10:39 PM

I have fixed the problem. thanks folks.

Now, how can I set the password output to be save in the file name "chk_users_expiry.HOSTNAME.log" under /var/log. I tried with below, that doesn't work.

HOST=`hostname`

# create output file name
OUTPUT="/var/log/chk_users_expiry.$HOST.log"


and I want to grep two users like test1 and test2, where their output should be like below.

Password for test will expire on Thu Dec 20 00:22:17 2012

chrism01 11-20-2012 01:36 AM

Can you show the current version of your script?
In any case, for embedded vars, you should really use {} thus
Code:

OUTPUT="/var/log/chk_users_expiry.${HOST}.log"
so the parser can tell when the varname starts/stops.

linosaurusroot 11-20-2012 03:35 AM

Quote:

Originally Posted by chrism01 (Post 4833061)
Can you show the current version of your script?
In any case, for embedded vars, you should really use {} thus
Code:

OUTPUT="/var/log/chk_users_expiry.${HOST}.log"
so the parser can tell when the varname starts/stops.


The variable name starts at $ and ends at the first character that's not legal in a variable name - in this case the dot. Supposing the next character after the variable had been [a-zA-Z0-9_] then you'd need the {}.

gsiva 11-21-2012 12:01 AM

Hi,

I have just following up with the same link as below for script.

With reference to the link below,
http://www.linuxquestions.org/questi...locked-294627/

I tried to change as the OUTPUT value, but the output is not being generated under the /var/log.

catkin 11-21-2012 09:10 AM

That link is malformed. It results in "Unexpected response code received". The ... appears in the underlying link as well as the displayed link.


All times are GMT -5. The time now is 07:35 AM.