HPE Community
Operating System - HP-UX
1843921 Members
1293 Online
110226 Solutions
New Discussion

Scripting help...

 
SOLVED
Go to solution
Dwyane Everts_1
Honored Contributor

‎09-25-2005 11:17 PM

‎09-25-2005 11:17 PM

Scripting help...

Hi, gang...

I'm needing some help writing a script. For security reasons, I have to extract some info from /etc/passwd so the user acct manager can verify it against the application user accounts. I guess they got out of sync somehow. Anyway, I need a script to do the following:

1. Extract fields 1, 2, 4, and 5 from /etc/passwd.
2. Convert field 2 (password) into "Deactivated," "Activated," or "Blank."
3. Remove the system accounts from the final list.

Sounds easy enough, but I'm having a difficult time getting awk and cut to work in a desirable way.

Thanks!
Dwyane
0 Kudos
Reply
9 REPLIES 9
RAC_1
Honored Contributor

‎09-25-2005 11:24 PM

‎09-25-2005 11:24 PM

Re: Scripting help...

This takes care of all requirements.

for i in $(logins -u|awk '{print 1}')
do
grep -i $i /etc/passwd| awk -F : '{print $1," ",$4,$5}'
done
There is no substitute to HARDWORK
Reply
Muthukumar_5
Honored Contributor

‎09-25-2005 11:27 PM

‎09-25-2005 11:27 PM

Re: Scripting help...

You can do with awk / perl or cut + scripting easily. However, how to do the second requirement of,

Convert field 2 (password) into "Deactivated," "Activated," or "Blank."

based on passwd -s

or ?

It will return only PS=passworded; LK=locked; and NP=no password.

Get back to get suitable script promptly.

hth.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎09-25-2005 11:46 PM

‎09-25-2005 11:46 PM

Re: Scripting help...

To make the second tab to blank then,

# cp -p /etc/passwd /etc/passwd.bak
# grep -E "$(logins -u | awk '{ printf $1"|";} END { printf " " }')" /etc/passwd | awk -F":" '{ print $1," ",$4,$5 }'

hth.
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎09-25-2005 11:57 PM

‎09-25-2005 11:57 PM

Solution

Re: Scripting help...

You can use this as,

#!/bin/ksh
# script.ksh
for user in `logins -u | cut -d" " -f1`
do

status=$(passwd -s $user | cut -d " " -f3)

case $status in
NP)
code="blank";
;;
LK)
code="Deactivated";
;;
PS)
code="Activated";
;;
esac

grep $user /etc/passwd | awk -F ":" -v var=$code '{ print $1,var,$4,$5 }'

done

exit 0
# END #

# chmod u+x script.ksh
# ./script.ksh

# Ouput #
smbnull Deactivated 101 DO NOT USE OR DELETE - needed by Samba
mysql Deactivated 102
iwww Deactivated 1
owww Deactivated 1
muthu blank 20

hth.
Easy to suggest when don't know about the problem!
Reply
Jean-Luc Oudart
Honored Contributor

‎09-26-2005 12:10 AM

‎09-26-2005 12:10 AM

Re: Scripting help...

Just a note :
to grep on /etc/passwd

say "user" is the variable
grep ^${user}":" /etc/passwd

Regards
Jean-Luc
fiat lux
Reply
James R. Ferguson
Acclaimed Contributor

‎09-26-2005 12:22 AM

‎09-26-2005 12:22 AM

Re: Scripting help...

Hi Dwyane:

Try this:

# logins -uxo|perl -aF":" -ne 'printf("%10s %2s %3d %s\n",$F[0],$F[7],$F[3],$F[4]) if $F[1] > 100' -

The logins() utility shows PS for a valid password; LK for locked and NP for no password. These appear in the output above.

By limiting users to those with UID > 100, you effectively get (by default) a list without system users.

Regards!

...JRF...
Reply
Dwyane Everts_1
Honored Contributor

‎09-26-2005 02:38 AM

‎09-26-2005 02:38 AM

Re: Scripting help...

It's amazing how requirements change when you start a project. Here is the final solution:

#!/bin/ksh
# set -x

> /tmp/passwd.bak

for user in `logins -uo | cut -d":" -f1`
do
status=$(passwd -s $user | cut -d " " -f3)
case $status in

NP)
code="BLANK";
;;

LK)
code="DEACT";
;;

PS)
code="ACT";
;;

esac
grep $user /etc/passwd | awk -F ":" -v var=$code '{ print $1," : ",var,"
: ",$5 }' >> /tmp/passwd.bak
done
# cat /tmp/passwd.bak

exit 0


Thanks to all for your help!

Dwyane
0 Kudos
Reply
B.Mahendra Kumar_2
Occasional Advisor

‎09-26-2005 09:48 PM

‎09-26-2005 09:48 PM

Re: Scripting help...

Dwyane,

I hope this will be useful for you, I have taken this from the ITRC Forms...But it was helpful for me, You can put some more for your active accounts in this script.
Reply
Dwyane Everts_1
Honored Contributor

‎09-27-2005 02:49 AM

‎09-27-2005 02:49 AM

Re: Scripting help...

B.Mahendra Kumar,

Nice script! I made a copy for future use. This script requires a "trusted" system architecture. Mine aren't, currently...but will be in a few months.

Dwyane
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.