This script requires password's aging in days and then reports accounts whose password has expired.
#!/bin/bash #set -x # dudicz April 05 2013 # look for expired passwd usage() { echo ; echo "Usage: ${programname} <aging days>" ; echo ; exit 1 } programname=`/usr/bin/basename $0` # check if argument is provided if [ $# != 1 ]; then usage fi aging_days=$1 today_epoch_sec=`truss date 2>&1 | grep ^time | awk -F= '{print $2}'` today_epoch_days=`(echo "scale=0; ${today_epoch_sec}/60/60/24" | bc -l)` target_days=`(echo "scale=0; ${today_epoch_days} - ${aging_days}" | bc -l)` for i in `cat /etc/shadow` do user=`echo $i |awk -F: '{print $1}'` days=`echo $i |awk -F: '{print $3}'` maxdays=`echo $i |awk -F: '{print $5}'` # continue if max passwd age is not setup, like for root if [ -z ${maxdays} ] then echo "Password never expires: ${user}" elif [ ${days} -lt ${target_days} ] then echo "Password EXPIRED: ${user}" else echo "Password OK: ${user}" fi done exit 0 |
This is how it works.
# bash expiredpasswd.sh Usage: expiredpasswd.sh <aging days> |
# bash expiredpasswd.sh 90 Password never expires: root Password never expires: rootc Password never expires: rootmo Password never expires: daemon Password never expires: bin Password never expires: sys Password never expires: adm Password never expires: lp Password never expires: uucp Password never expires: nuucp Password never expires: smmsp Password never expires: listen Password never expires: gdm Password never expires: webservd Password never expires: postgres Password never expires: svctag Password never expires: nobody Password never expires: noaccess Password never expires: nobody4 Password never expires: hpsmh Password never expires: mlodge Password never expires: paw Password never expires: pooles1 Password never expires: roberts Password never expires: stevewag Password never expires: femino Password never expires: cullinan Password never expires: itms Password never expires: dano Password never expires: mikec Password never expires: cullinan Password never expires: sysinfo Password EXPIRED: troyc Password OK: irvingr Password EXPIRED: miserw Password EXPIRED: parkerd Password EXPIRED: santhsu Password OK: dudicz |