LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 03-23-2005, 03:15 AM   #1
szahri
LQ Newbie
 
Registered: Mar 2005
Posts: 11

Rep: Reputation: 0
Password aging help


Hello all
I need to change the password expiry period for my existing users. Is there any other way I could do it, so that I dont need to change password aging setting one by one? I mean...a script that takes a variable from a file and update it on the /etc/shadow...


Any ideas? All help is very appreciated!

- Suze
 
Old 03-23-2005, 03:25 AM   #2
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Hi,

Code:
for USERNAME in `cat file_with_usernames`
do
chage <options> $USERNAME
done
This example takes a file with usernames only. If more info is in that file, you need to cut out the username part.

Hope this helps.
 
Old 03-23-2005, 03:43 AM   #3
szahri
LQ Newbie
 
Registered: Mar 2005
Posts: 11

Original Poster
Rep: Reputation: 0
Thanks for the help!

I'm wondering if I can just take the name variable from the /etc/passwd or shadow file...coz writing a separate file for the names seems to defeat the purpose of making it an easy task

Something like :

Code:
cat /etc/passwd |awk -F: '{print$1}' |\
while read name ; do

uname=`cat /etc/shadow | grep $name | awk -F":" '{print}'`
chage <options> $uname
done
I'm sorry, my shell script abilities are very limited. Will the script above work?

Thanks a lot again for the code!

- Suze

Last edited by szahri; 03-23-2005 at 03:44 AM.
 
Old 03-23-2005, 04:08 AM   #4
szahri
LQ Newbie
 
Registered: Mar 2005
Posts: 11

Original Poster
Rep: Reputation: 0
This code seems to do the trick:

Code:
#!/bin/bash
cat /etc/shadow |awk -F: '{print$1}' |\
while read name ; do
 
uname=`cat /etc/shadow | grep $name | awk -F":" '{print$1}'`
/usr/bin/chage -M 2 $uname
done
But when i checked /etc/shadow, I found that some users' password aging werent changed. I did notice the errors below when running the script :

Usage: chage [-l] [-m min_days] [-M max_days] [-W warn]
[-I inactive] [-E expire] [-d last_day] user
Usage: chage [-l] [-m min_days] [-M max_days] [-W warn]
[-I inactive] [-E expire] [-d last_day] user
Usage: chage [-l] [-m min_days] [-M max_days] [-W warn]
[-I inactive] [-E expire] [-d last_day] user
Usage: chage [-l] [-m min_days] [-M max_days] [-W warn]
[-I inactive] [-E expire] [-d last_day] user


There were incidentally 4 users whose password aging didnt change...so I guess that was why it was giving me those errors. Any ideas how i can fix it?

Thanks in advance!
- Suze
 
Old 03-23-2005, 04:09 AM   #5
druuna
LQ Veteran
 
Registered: Sep 2003
Posts: 10,532
Blog Entries: 7

Rep: Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373Reputation: 2373
Hi again,

Besides the syntax and some coding isuues, there's another thing you need to be aware of:

You probably do not want to change the aging info for non-users (root, daemon,sys,lp etc etc). You need to exclude these from your list.

Most distro's use UID's that are 500 or greater for normal users (nobody being an exception, this non-user could have a very high uid, should also be excluded). Check this for your distro!

If 500 is the lowest UID for normal users this will get them from your /etc/passwd file:
awk -F":" '$3 >= 500 { print $1 }' /etc/passwd

Command breakdown:
-F":" <= set seperator to : (colon)
$3 >= 500 <= check if field 3 is greater or equal to 500
{ print $1 }' <= print field 1 (only if $3 >= 500)

You will end up with this:
Code:
for USERNAME in `awk -F":" '$3 >= 500 { print $1 }' /etc/passwd`
do
echo $USERNAME
#chage <options> $USERNAME
done
I commented out the chmod part and added an echo statement. This is for testing. Make sure all is well before actually using the chage ....... line!!!

If you have any doubts/questions: Just ask

Hope this helps.
 
Old 03-23-2005, 08:02 PM   #6
szahri
LQ Newbie
 
Registered: Mar 2005
Posts: 11

Original Poster
Rep: Reputation: 0
That works beautifully!! Thank you so much for your help, you've saved me from a great headache!

- Suze
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Disable password aging check in MSEC Seube Mandriva 1 12-15-2004 09:39 PM
Last Hope for an Aging Computer SSTwinrova Linux - General 11 11-30-2004 04:57 PM
LRU and aging algorithms testing maniac01 Programming 0 04-25-2004 12:03 PM
I'm in need of a good, fast, reliable, and relatively painless distro for my aging PC johnnyblade Linux - Distributions 4 03-18-2004 06:58 PM
How do you implement password aging in samba? colpaarm Linux - Software 1 07-30-2003 10:37 AM


All times are GMT -5. The time now is 12:29 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration