-2
root@node033:~# vi exppass
root@node033:~# bash exppass
exppass: line 7: syntax error: unexpected end of file
root@node033:~# cat exppass
cat /etc/shadow |
while IFS=":" read col1 col2 col3 col4 col5 col6 col8;
do
echo $col3 $col8 
if [ $expire -lt $today ];
then

I am trying to remove the expiration passwd using to compare the date and time. adjust your script to do something along the lines:

if [ $expire -lt $today ]; then        
#delete the password

I think $expire above is equivalent to one of the columns you're reading. and you can get today's date by doing something like today=$(date +%s)

Nic3500
  • 8,144
  • 10
  • 29
  • 40
Ana C
  • 3
  • 1
  • 1
    exppass: line 6: syntax error near unexpected token `done' exppass: line 6: `done' root@node033:~# cat exppass cat /etc/shadow while IFS=":" read col1 col2 col3 col4 col5 col6 col7 col8 do echo $expire $today if [$expire -lt $today ]; done – Ana C Feb 17 '23 at 18:48
  • Read up on the shadow file, and its format. You will see what each column is for. But there are commands to do that, you should not have to parse shadow for anything ever. Do some research based on your flavor of linux. See https://www.cyberciti.biz/faq/linux-howto-check-user-password-expiration-date-and-time/ for example. – Nic3500 Feb 17 '23 at 20:05

1 Answers1

0

If you're happy w/ an awk & bash solution rather than doing the hard lifting in a loop:

awk -F: -v today=$(( $( date "+%s" ) / 86400 ))  '$8!=""{print $1, today-$8}' /etc/shadow

Explanation: -F: defines the input field separator to be a colon.

-v today=$(( $( date "+%s" ) / 86400 )) expresses today's date in days since epoch (which is the format used in /etc/shadow) and assigns it to an awk variable called today.

Now for the awk logic:

$8!="" if the 8th field (Account Expiry) isn't unset, {print $1, today-$8} print the username and the difference between today and the expiry date in days. If the date lies in the past, you get a positive value, if it's in the future, a negative one.

Edit:

Looking at the jumble above it appears that you're trying to check for both password and account expiry:

This should do:

awk -F: -v today=$(( $( date "+%s" ) / 86400 ))  '$3!="" || $8!=""{printf "%s\tpw: %s\tacc: %s\n", $1,today - $3, today-$8}' /etc/shadow

The 2nd field now shows the age of the password, the 3rd the account expiration. If this still isn't what you're after you'll need to sit down and rephrase your question so it reflects what you're actually after.

tink
  • 14,342
  • 4
  • 46
  • 50
  • t8391:$y$j9T$mdmVXUNYpz5iKbxWn1XLn.$.Cpexmko1kRQUPC7dfW3g9D/Plsh1ruWOXc/yYPUEi.:19404:0:99999:7::19564: bn5424:$y$j9T$bZX10lFFtIiGrrSkZYd2b0$wuR3Owdk1exTwq3vVl9iXT0yC.XlR5d1Rx0lN01wiN1:19404:0:99999:7::19214: nm5699:$y$j9T$x62nrTE14nz3ALVK09n4f0$YIo8g4oWmaxlY6r/y3Mfa3HaYqMCh2S74ikafeO4RK8:19404:0:99999:7::19594: root@node033:~# – Ana C Feb 17 '23 at 23:23
  • Thank you for sharing password hashes and stuff - what are you trying to tell me? @AnaC – tink Feb 17 '23 at 23:24
  • root@node033:~# cat /etc/shadow | wc -l 1033 (The number indicates that the passwd was not removed) – Ana C Feb 17 '23 at 23:29
  • You were talking about account expiration, not passwords, in your title. Just change both occurrences of `$8` to `$3`. – tink Feb 17 '23 at 23:34
  • the output is username and 1 all of them – Ana C Feb 17 '23 at 23:45
  • still hve 1033 usernames with old account or expired passwd – Ana C Feb 17 '23 at 23:45
  • how can I remove the old account? – Ana C Feb 18 '23 at 00:07
  • By "old" you mean accounts that have password. account or both expired? @AnaC – tink Feb 18 '23 at 02:56
  • @AnaC - and a second thought. None of the accounts you posted have a useful max_age set, so checking the "last changed date" makes no sense - it will be the time of user creation (most likely) and all of them will be lower than "today" unless you only want to give people access on the day you're checking. – tink Feb 18 '23 at 18:05