Password expiry mail

tshepang · 07-08-2015, 10:42 AM

I wrote the below,I am trying to automate password expiry warning.The script is supposed to send warning 7 days before the password expires.But for somehow reason it is not working..

cat /etc/shadow | cut -d: -f1,8 | sed /:$/d > /tmp/expirelist.txt
totalaccounts=`cat /tmp/expirelist.txt | wc -l`
for((i=1; i<=$totalaccounts; i++ ))
do
tuserval=`head -n $i /tmp/expirelist.txt | tail -n 1`
username=`echo $tuserval | cut -f1 -d:`
userexp=`echo $tuserval | cut -f2 -d:`
userexpireinseconds=$(( $userexp * 86400 ))
todaystime=`date +%s`
#check if the user expired or not?
if [ $userexpireinseconds -ge $todaystime ] ;
then
timeto7days=$(( $todaystime + 604800 ))
if [ $userexpireinseconds -le $timeto7days ];
then
mail -s "The account $username will expire less than 7 days" root
fi
else
mail -s "The user account $username already expired" root
fi
done

rtmistler · 07-08-2015, 12:03 PM

Firstly use [code][/code] tags to enclose your script please.

My suggestion is to perform this with a test against your file when you have the three conditions you know of:

Some users are fine
At least one user has expired already
At least one user is within the warning period

Then add "set -xv" after your #!/bin/sh line to enable debug.

Run the script from a command line and observe what's going on when it makes decisions.

Check out the link for My BASH Blog in my signature for other debug ideas.

You can also echo out variables like totalaccounts, and put echo statements in the if-else parts where you make a decision on a particular user and print out the username and userexp variables per user you are testing.

Yet another thing I'd recommend is that you comment out the cat of /etc/shadow and just make a /tmp/expirelist.txt file once, make sure it has the 3 conditions of OK, expired, and soon to expire, and then test against that until you get correct results.

millgates · 07-09-2015, 03:06 AM

A few other minor comments:
1/ "It is not working" is a very poor problem description and the best possible answer to that is "Fix it". You need to be more specific.
How do you run the script? Manually, at, cron, ... ?
What is the result? Nothing happens, you get error messages, the mail is empty, the script selects wrong accounts,... ?
What shell are you using?

If you don't run the script manually from terminal, redirect its stdout and stderr to files.
If you use cron, make sure you either use full paths for all commands used or set the PATH variable as necessary.

2/ all the cats and echos in your script are useless.

Instead of

Code:

cat /etc/shadow | cut -d: -f1,8

you can just use

Code:

cut -d: -f1,8 /etc/shadow

3/ instead of the for loop and reading the file n+1 times, a while read loop would be much more convenient:

Code:

while read -r username userexp; do
  ...
done </tmp/expirelist.txt

pan64 · 07-09-2015, 03:26 AM

you can use:

Code:

#!/bin/bash
set -xv  # this is used to debug your code

# do it only once
todaystime=(date +%s)
timeto7days=$(( $todaystime + 604800 ))

while IFS=:  read -a array;
do
username=${array[0]}
userexp=${array[1]}  # or something like this

userexpireinseconds=$(( $userexp * 86400 ))

...
done </etc/shadow

(not tested)