Wednesday, November 19, 2014

Shell script to search for accounts with no password and lock them

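  #!/bin/bash
  # Find local accounts that have no password set and lock them.
  # -------------------------------------------------------------------------
  # Copyright (c) 2005 nixCraft project <http://cyberciti.biz/fb/>
  # This script is licensed under GNU GPL version 2.0 or above
  # -------------------------------------------------------------------------
  # This script is part of nixCraft shell script collection (NSSC)
  # Visit http://bash.cyberciti.biz/ for more information.
  # -------------------------------------------------------------------------
  # Usage: run as root (for example from cron). For every name in /etc/passwd
  # the script asks "passwd -S" for the password status, locks the accounts
  # reported as "NP" (no password), appends their names to $LOG and mails
  # $ADMINEMAIL when at least one such account was found.
  #
  # NOTE: "passwd -l" only disables the password. Per passwd(1) the user may
  # still log in with another authentication token (e.g. an SSH key), so
  # expire the account as well if it has to be fully disabled.
  # -------------------------------------------------------------------------
  # Set your email
  ADMINEMAIL="admin@somewhere.com"

  ### Do not change anything below ###
  set -u
  # The log lists account names; keep newly created files private to root.
  umask 077

  #LOG File
  LOG="/root/nopassword.lock.log"
  STATUS=0   # becomes 1 once a passwordless account was found
  FAILED=0   # becomes 1 if locking any of them failed

  # Querying other users' password status and locking accounts needs root.
  if [[ $EUID -ne 0 ]]; then
    echo "$(basename "$0"): must be run as root" >&2
    exit 1
  fi

  {
    echo "-------------------------------------------------------"
    echo "Host: $(hostname), Run date: $(date)"
    echo "-------------------------------------------------------"
  } >>"$LOG"

  # get all user names (one array element per account, no word splitting)
  mapfile -t USERS < <(cut -d: -f 1 /etc/passwd)

  # display message
  echo "Searching for null password..."
  for u in "${USERS[@]}"; do
    [[ -n "$u" ]] || continue

    # "passwd -S" prints "<name> <status> ...". Compare the status field
    # itself: matching the word NP anywhere on the line would also hit an
    # account that is merely *named* NP.
    state=""
    read -r _ state _ < <(passwd -S "$u")

    if [[ "$state" == "NP" ]]; then
      STATUS=1 #update status so that we can send an email
      if passwd -l "$u"; then #lock account
        echo "$u" >>"$LOG"
      else
        # Do not report an account as locked when the lock did not happen.
        FAILED=1
        echo "$u (lock FAILED)" >>"$LOG"
        echo "Failed to lock account: $u" >&2
      fi
    fi
  done
  echo "========================================================" >>"$LOG"

  if [[ $STATUS -eq 1 ]]; then
    # Pipe the message straight into mail. The earlier version staged it in
    # /tmp/null.mail.$$, a predictable name that a local user could pre-create
    # as a symlink to make root overwrite another file, and it never removed
    # the file afterwards.
    {
      echo "Please see $LOG file and all account with no password are locked!"
      if [[ $FAILED -eq 1 ]]; then
        echo "WARNING: at least one account could not be locked; see the log."
      fi
      echo "-- $(basename "$0") script"
    } | mail -s "Account with no password found and locked" "$ADMINEMAIL"
  fi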
