Re: Identifying users with expired passwords

From: Darren Dunham (ddunham_at_redwood.taos.com)
Date: 09/29/03

• Next message: Philip Brown: "Re: Ximian Evolution on Solaris 9 Sparc (installed but aborts)"
• Previous message: Juergen Keil: "Re: Sun Solaris USB Flash Drive mount command (scsa2usb driver)"
• In reply to: Matt: "Identifying users with expired passwords"
• Next in thread: Francois Napoleoni: "Re: Identifying users with expired passwords"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: Mon, 29 Sep 2003 16:55:39 GMT

Matt <nospam@fred.net> wrote:
> Is there an easy way of identifying users with expired passwords from
> /etc/shadow or via other means?

Hmm... I don't know of one. Seems like there should be some such
facility.

Except for the "days of inactivity" (which I'm not sure where that's
stored), you could manually calculate "expiration" and "max passwd days"
and display them.

This *might* work (no guarantees, and I'm worried that the date
calculation may be off-by-one).

#!/bin/perl -w
use strict;

my $epoch_days = int(time / (60 * 60 * 24));

open(SHADOW, "/etc/shadow") or die "Cannot open shadow file. $!\n";
while(<SHADOW>)
{
   my @line = split('\:');
   if ($line[7] ne "" and $epoch_days > ($line[7] + 0))
   {
     print "Account $line[0] has expired.\n";
     next;
   }
   if ($line[2] ne "" and $line[4] ne "" and
       $epoch_days > ($line[2] + $line[4]))
   {
     print "Account $line[0] has exceeded the time to change
     passwds.\n";
     next;
   }
}

-- 
Darren Dunham                                           ddunham@taos.com
Unix System Administrator                    Taos - The SysAdmin Company
Got some Dr Pepper?                           San Francisco, CA bay area
         < This line left intentionally blank to confuse you. >

---

• Next message: Philip Brown: "Re: Ximian Evolution on Solaris 9 Sparc (installed but aborts)"
• Previous message: Juergen Keil: "Re: Sun Solaris USB Flash Drive mount command (scsa2usb driver)"
• In reply to: Matt: "Identifying users with expired passwords"
• Next in thread: Francois Napoleoni: "Re: Identifying users with expired passwords"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: im going muning tomorrow! ... monkeyman wrote: ... with is Matt....he lives a few blocks away from me. ... hmm maybe we should ... (rec.sport.unicycling) Re: Sign conventions ... > Your pet beliefs when shown to be wrong, ... Hmm ... ... Matt ... > James Harris ... (sci.math) Re: what does "sinclair" mean in English ? ... That's pretty much the definition of "pure", ... Hmm, I think I'm in need of Matt Rudge's patented Mandic translator. ... (comp.sys.sinclair) Re: Empty array ... Hmm, probably go back to the temporary variable ... copying 2 bytes only could potentially cause ... VB chokes when it ... Matt ... (microsoft.public.vb.general.discussion)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

unix.derkeiler.com  > Newsgroups  > comp.unix.solaris  > 2003-09