LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Password Notification Script E-Mail Question (https://www.linuxquestions.org/questions/linux-software-2/password-notification-script-e-mail-question-608146/)

kaplan71 12-20-2007 11:11 AM
Password Notification Script E-Mail Question
 
Hi there --

I am using a script that checks the age of the password for the user accounts on one of our servers, and if its expiration date is fourteen days or less, the user gets notified. Here is text of the script:

#########################################################################
#!/bin/bash

users=`grep -v ":\!\!:" /etc/shadow|grep -v ":\*." |grep -v root|cut -f1 -d:` echo $users expire_time=90 today=$((`perl -le 'print time'` / 86400 ))

for user in $users ; do
last_change=$((`grep $user /etc/shadow |cut -f3 -d:`)) echo $user echo $last_change

days_left=$(( $expire_time - $today + $last_change )) echo $days_left if [ $days_left -lt 15 -a $days_left -ge 0 ]; then echo "passwd expired $user"
mail -s "Your password on <server> will expire in $days_left days." $ user << EOF Hello,

Your password of account $user, which is used for access and email on host `uname -n`, will expire in $days_left days.

Please updated your password through the webmail interface at http://<hostname>/webmail.

Log in using your account and passowrd, and select the Options tab.
You will be taken to a screen that has a link that reads Change Password.
Click on that link, and follow the onscreen prompts.


Thank-you for your support.

EOF

fi
done
#########################################################################

The script works well, but I also get an email indicating that two accounts are unknown. Here is text of the message:

#########################################################################
$@<server> on 12/20/2007 11:27 AM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
< <server> #5.1.1 SMTP; 550 5.1.1 <$@server>... User unknown>

user@<server>on 12/20/2007 11:27 AM
The e-mail account does not exist at the organization this message was sent to. Check the e-mail address, or contact the recipient directly to find out the correct address.
< <server> #5.1.1 SMTP; 550 5.1.1 <user@<server>... User unknown>
#########################################################################

Does anyone have an idea what the cause is, and how I can correct it?

unSpawn 12-20-2007 04:43 PM
If you run the script as 'sh -x scriptname' (best make the line not send mail but echo what it should do) you'll see what is needed: check output, scrub strings, that can't be (complete) user@host type addresses. The final username you can check back in /etc passwd like 'getent passwd $USERNAME 2>&1>/dev/null || { echo "Not a valid or exisiting user."; break; }' and behind the at sign you need at least four chars to make up a FQDN, IIRC. BTW next time please post your script between BB code tags for readability. Right now it doesn't look like a wellformatted script to me.

chrism01 12-20-2007 06:06 PM
$ user << EOF Hello,

I hope that first space is a typo ?

MartinBall 06-14-2011 06:40 AM
Sorry to resurrect an old thread but I am having a bit of difficulty using this script.

Whenever I try to run the script I get the following output:

Code:
expire_time=90 today=15139
./passwdcheck: line 8: syntax error near unexpected token `then'
./passwdcheck: line 8: `days_left=$(( $expire_time - $today + $last_change )) echo $days_left if [ $days_left -lt 15 -a $days_left -ge 0 ]; then echo "passwd expired $user"'
Is this due to incorrect formatting or is it something else?

catkin 06-14-2011 08:01 AM
For once a valid reason for necroposting! :)

Try (the here document is in green for ease of identification; indentation and new lines are added for clarity and syntax validity; debug echos are identified as such; variable host added; some spelling and English language corrections. Not tested):
Code:
#!/bin/bash

users=`grep -v ":\!\!:" /etc/shadow|grep -v ":\*." |grep -v root|cut -f1 -d:`
echo "DEBUG: users: $users"
expire_time=90
today=$((`perl -le 'print time'` / 86400 ))
host=`uname -n`

for user in $users
do
    last_change=$((`grep $user /etc/shadow |cut -f3 -d:`))
    echo "DEBUG: user: $user:
    echo "DEBUG: last_change: $last_change"

    days_left=$(( $expire_time - $today + $last_change ))
    echo "DEBUG: days_left: $days_left"
    if [ $days_left -lt 15 -a $days_left -ge 0 ]; then
        echo "passwd expired $user"
        # Note: space before EOF and user removed in line below
        mail -s "Your password on $host will expire in $days_left days." $user <<EOF Hello,

Your password of account $user, which is used for access and email on $host, will expire in $days_left days.

Please update your password through the webmail interface at http://$host/webmail.

Log in using your account and password, and select the Options tab.
You will be taken to a screen that has a link that reads Change Password.
Click on that link, and follow the on-screen prompts.


Thank you for your support.

EOF

    fi
done

MartinBall 06-14-2011 08:56 AM
Thank you catkin for a most excellent and prompt reply, although a slightly different error is now thrown up when I run it.

The first time round I got this:

Code:
DEBUG: users: apache
<<TRUNCATED USERS LIST>>
./passwdcheck: line 20: unexpected EOF while looking for matching `"'
./passwdcheck: line 32: syntax error: unexpected end of file
This was rectified by simply changing this line and adding a closing quote mark at the end of the line.

Code:
echo "DEBUG: user: $user:
However I am no faced with this error:

Code:
DEBUG: users: apache
<<TRUNCATED USERS LIST>>
DEBUG: user: apache:
DEBUG: last_change: 15083
DEBUG: days_left: 34
DEBUG: user: cjo:
DEBUG: last_change: 15083
DEBUG: days_left: 34
DEBUG: user: kka:
DEBUG: last_change: 15083
DEBUG: days_left: 34
DEBUG: user: pbs:
DEBUG: last_change: 15127
DEBUG: days_left: 78
./passwdcheck: line 11: 15083
15083: syntax error in expression (error token is "15083")
I cannot see any apparent reason for this in the code as it seems to start to output the debug for the calculation?

catkin 06-14-2011 09:20 AM
Sorry about the missing double quote; that's a risk with untested code.

At a command prompt, try running grep $user /etc/shadow |cut -f3 -d: with $user a) as pbs so grep pbs /etc/shadow |cut -f3 -d: and b) with $user set to the user after pbs in the $users list and post the output here. Probably the first will be a valid bash arithmetic expression and the second will not. The workaround will depend on what they actually are. I'm just going out for the evening ...

MartinBall 06-14-2011 09:23 AM
Thanks for you help catkin, below is the output :)

Code:
[root@Stephenson Scripts]# grep pbs /etc/shadow |cut -f3 -d:
15127
[root@Stephenson Scripts]# grep rca /etc/shadow |cut -f3 -d:
15083
15083
[root@Stephenson Scripts]#
Enjoy your night out, I'm hours away from finishing work - roll on 5pm :D

catkin 06-14-2011 12:20 PM
Probably there is more than one user with a name including the string rca. For greater robustness, try changing grep $user /etc/shadow to grep "^$user:" /etc/shadow. That might not work well with command substitution using backticks so better change to $( ... ) which is preferred anyway so try last_change=$(( $(grep "^$user:" /etc/shadow |cut -f3 -d:) )). Actually IDK why $(( ... )) is being used when the value inside it is a simple number and not an arithmetic expression so for the neatest solution try simply last_change=$(grep "^$user:" /etc/shadow | cut -f3 -d:)


All times are GMT -5. The time now is 08:00 PM.