cancel
Showing results for 
Search instead for 
Did you mean: 

Last password change date

SOLVED
Go to solution
Arunabha Banerjee
Valued Contributor

Last password change date

Hi Gurus,

 

Please share the script to check last password change date for all user in the system.

 

Thanks

AB
4 REPLIES
Matti_Kurkela
Honored Contributor

Re: Last password change date

In newer Linux distributions, you don't need a script: a single command can do it.

 

passwd -S -a

 On each line, 1st field is the username, 2nd tells if the account is locked or not: L = locked, P = usable password, NP = no password (note: some modern Linux distributions won't allow logins to accounts that have no password, so NP may be effectively same as L). 3rd filed is the last password change date.

 

If the passwd command in your Linux distribution (what is its name?) does not support the -a option, you need to run "passwd -S <username>" separately for each user.

 

For that, you first need a list of users. That is available to you in /etc/passwd. It contains colon-separated fields, and you only need the usernames in the first field of each line. So:

cut -d : -f 1 </etc/passwd

 will give you a list of users.

 

You could save the list to a file, use a text editor to add "passwd -S " to the beginning of each line, save the result, and run it as a script. That works, but must be done again if the list of users changes.

 

Fortunately, there is a command that can take a list of things and make a series of commands out of it: the command is called "xargs".

 

We can pipe the list of users to xargs, and tell it to run a series of commands, inserting one item from the list in place of {} each time, and give it a command template "passwd -S {}":

cut -d : -f 1 </etc/passwd | xargs -I{} passwd -S {}

 

There are certainly many other ways to solve your problem, but learning "cut" and "xargs" will help you to solve other similar problems in the future.

MK
Arunabha Banerjee
Valued Contributor

Re: Last password change date

It's giving following output. But I want exact date.

 

[root@server1 ~]# passwd -S root
Password set, DES crypt.

[root@server1 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux ES release 4 (Nahant Update 9)

 

 

AB
Matti_Kurkela
Honored Contributor
Solution

Re: Last password change date

Looks like the "passwd -S <username>" does not display the password change date in RHEL 4. (It works on RHEL 5 and newer.) You can use "chage -l <username>" instead.

 

The problem is, "chage -l" does not output the username at all, and it outputs multiple lines about the user.

 

So you'll have to do this a bit differently, e.g. using a "while loop" which makes it easier to execute multiple commands for each username in the list:

#!/bin/sh
cut -d : -f 1 </etc/passwd | while read USER
do
    echo "Username: $USER"
    chage -l "$USER" | grep "^Last Change"
    echo
done

 This script is tested on RHEL 4 Update 8.

MK
Arunabha Banerjee
Valued Contributor

Re: Last password change date

It works perfectly on RHEL 4.9

 

I have some older version of Linux (Red hat 7 / Red Hat 9/ RHEL3). So I will check and update.

 

Thanks for your help.

 

 

AB