
passwd file cleanup

 
Wilfred Chau_1
Respected Contributor

passwd file cleanup

How do you guys clean up your /etc/passwd and remove users who have not logged on for a long time?
10 REPLIES
Kevin Wright
Honored Contributor

Re: passwd file cleanup

vipw, or much easier is userdel.
See the man page for userdel.
James R. Ferguson
Acclaimed Contributor

Re: passwd file cleanup

Hi:

If you like SAM, you can do it there. SAM will offer you the option of removing or transferring ownership of a user's files to another.

Remember that if you merely remove a user from /etc/passwd manually, then the user's files remain on the system. The file's inode contains the uid even though /etc/passwd can no longer translate number-to-name. If you have ever done this, you can look for "orphaned" files with:

# find /home /usr /var /tmp -nouser

...or for a specific uid:

# find /home /usr /var /tmp -user 103

Regards!

...JRF...
Wilfred Chau_1
Respected Contributor

Re: passwd file cleanup

Do you have a script of some sort to determine whether a user has not been logging on for a long time? We have well over 50+ servers here; doing it manually is a pain.

I am using finger and have attempted to use last, but I am just wondering if there is any better solution. How can I get the atime of .sh_history?
Joseph C. Denman
Honored Contributor

Re: passwd file cleanup

Another thing to check: if you are removing an admin user and he/she was assigned a uid of 0, then DO NOT let SAM remove his/her files. You could wipe out everything.

Just a gotcha

...jcd...
If I had only read the instructions first??
Kevin Wright
Honored Contributor
Solution

Re: passwd file cleanup

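# Field 1 of /etc/passwd is the login name, field 3 the uid, field 6 the home directory.
# uid 0 accounts are skipped so that root is never handed to userdel.
awk -F: '$3 != 0 {print $1, $6}' /etc/passwd | while read i home
do
    # The date test: find prints $home only if it was last modified more than 50 days ago.
    exp=`find "$home" -prune -mtime +50 2>/dev/null`
    if [ -n "$exp" ]; then
        userdel $i
    fi
done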

This will give you an idea... but you need to get the MATH part right to fit your need. date could be the current date - 50 days or something.

Christopher Caldwell
Honored Contributor

Re: passwd file cleanup

If you're running trusted, the getprpwent function (man 3 getprpwent) will give you the last successful login (see fd_slogin).

Once you get a list of who can be removed, we use userdel (man 1m userdel) in a script to remove the users.
Wilfred Chau_1
Respected Contributor

Re: passwd file cleanup

I have a better picture now. But unfortunately I am not running trusted.
Christopher Caldwell
Honored Contributor

Re: passwd file cleanup

BTW, even if you're not running trusted, given that you can determine last login (see the last command - man last) to produce a list of inactive folks, you can still use userdel.
Mark Greene_1
Honored Contributor

Re: passwd file cleanup

If you run pwchk -a, you will get a list of login ids with no home dir, or with password problems if you have tcb enabled.

HTH
mark
the future will be a lot like now, only later
Bill Hassell
Honored Contributor

Re: passwd file cleanup

Since I back up my systems regularly, I am ruthless about non-users. I find $HOME directories where all the files (especially shell history) are older than 3 months. I script userdel to remove the user and related files, and as mentioned, always verify the user ID. Someone may have hacked into the system and created an ID=0 user. Trust me: you DON'T want to remove files owned by this user!

If the user complains, that's good. Now I can find out why $HOME is not being changed. I can always restore the user once I understand the usage.


Bill Hassell, sysadmin
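
Added example, not written by any poster in this thread: a report-only sketch of the approach discussed above (home directories in which every file is older than a cutoff, combined with the uid 0 check several replies insist on). The names `stale_users` and `make_demo` and all sample accounts are constructed for illustration, and `make_demo` assumes a `mktemp -d` that creates a directory, as on Linux and BSD.

```shell
#!/bin/sh
# Added example (hypothetical names): list, never delete, accounts whose home
# directory holds no file modified within the last DAYS days.

# stale_users PASSWD_FILE DAYS -> one "login uid home" line per candidate
stale_users() {
    # passwd fields: 1=login, 3=uid, 6=home directory
    awk -F: '{print $1, $3, $6}' "$1" |
    while read -r login uid home; do
        case $uid in
            ''|*[!0-9]*) continue ;;   # malformed line, no numeric uid
        esac
        # uid 0 (root or an alias of it) and "/" are never candidates:
        # removing "their" files means removing the system's files.
        if [ "$uid" -eq 0 ] || [ "$home" = "/" ]; then continue; fi
        if [ ! -d "$home" ]; then continue; fi   # no home dir: check by hand
        # Any file (dotfiles such as .sh_history included) newer than DAYS?
        recent=$(find "$home" -type f -mtime -"$2" -print | head -n 1)
        if [ -z "$recent" ]; then
            echo "$login $uid $home"
        fi
    done
}

# Constructed sample data: a throwaway passwd file and home directories.
make_demo() {
    d=$(mktemp -d)
    mkdir -p "$d/home/alice" "$d/home/bob" "$d/home/toor"
    touch "$d/home/alice/.sh_history"                  # active today
    touch -t 202001010000 "$d/home/bob/.sh_history"    # idle since 2020
    touch -t 202001010000 "$d/home/toor/.profile"      # idle, but uid 0
    cat > "$d/passwd" <<EOF
root:*:0:3::/:/sbin/sh
toor:*:0:3::$d/home/toor:/sbin/sh
+
alice:*:101:20::$d/home/alice:/usr/bin/sh
carol:*:103:20::$d/home/carol:/usr/bin/sh
bob:*:102:20::$d/home/bob:/usr/bin/sh
EOF
    echo "$d"
}

if [ "${1:-}" = "demo" ]; then
    d=$(make_demo); stale_users "$d/passwd" 90; rm -rf "$d"   # lists bob only
fi
```

The output is a candidate list only; an empty home directory also counts as stale, so review each line before passing a login to userdel.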