:: Linux User Password Expiry Monitoring ::
STEP 1: Create a file using the command below
#touch expiry.sh
Copy the code below and paste it into the expiry.sh file
#!/bin/bash
# Check Password expiry of specified user
# Author: Ankam Ravi Kumar
# Date: 6th July 2015
# Abort with a usage message unless exactly one argument was supplied.
# Arguments: the argument list to validate
# Outputs:   the usage line on stdout when the count is wrong
# Returns:   0 when exactly one argument is given; otherwise exits with 3
check_usage() {
  # Guard clause: the happy path returns immediately.
  [[ $# -eq 1 ]] && return 0
  echo "Usage: ./expiry.sh <username>"
  exit 3
}
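#######################################
# Report how many days remain until a user's password expires and mail an
# alert when the expiry is close.
# Globals:   EXPIRY_ADMIN_EMAIL (read, optional) - alert recipient; falls back
#            to the address that was hard-coded in the script.
# Arguments: $1 - login name to check
# Outputs:   one status line on stdout (diagnostics on stderr); WARNING and
#            CRITICAL states are also mailed to the admin address and the user.
# Returns:   never returns; exits 0 (OK / never expires), 1 (WARNING, 5-14
#            days), 2 (CRITICAL, 4 days or fewer, including already expired),
#            3 (expiry could not be determined).
#######################################
function calculate_days_till_expiry {
  local user=$1
  local admin_email=${EXPIRY_ADMIN_EMAIL:-aravikumar48@gmail.com}
  local host expiry expiry_epoch now_epoch days message

  # A name starting with "-" would be parsed by lchage as an option.
  if [[ -z $user || $user == -* ]]; then
    printf 'UNKNOWN - invalid user name: %s\n' "$user" >&2
    exit 3
  fi

  host=$(hostname)

  # Keep everything after the first colon (the value may itself contain ':')
  # and trim surrounding blanks so the comparisons below can be quoted.
  expiry=$(/usr/sbin/lchage -l "$user" \
    | awk '/Password Expires/ { sub(/^[^:]*:[ \t]*/, ""); sub(/[ \t]+$/, ""); print; exit }')

  # Unknown user, missing lchage or insufficient privileges: say so instead of
  # silently treating the account as fine.
  if [[ -z $expiry ]]; then
    echo "UNKNOWN - Host Name: $host User: $user Could not read password expiry" >&2
    exit 3
  fi

  if [[ $expiry == 'Never' ]]; then
    echo "Host Name: $host User: $user Password never expires"
    exit 0
  fi

  if ! expiry_epoch=$(date -d "$expiry" '+%s'); then
    echo "UNKNOWN - Host Name: $host User: $user Cannot parse expiry date '$expiry'" >&2
    exit 3
  fi
  now_epoch=$(date '+%s')

  # Plain assignment on purpose: `let` returns status 1 when the result is 0,
  # which previously made the enclosing `elif` false and skipped the report
  # for a password expiring today.
  days=$(( (expiry_epoch - now_epoch) / (60 * 60 * 24) ))

  if (( days >= 15 )); then
    # Also covers expiry more than 90 days away, which used to print nothing.
    echo "OK - Host Name: $host User: $user Password is $days days from expiry"
    exit 0
  elif (( days >= 5 )); then
    message="WARNING - Host Name: $host User: $user Password is $days days from expiry"
    echo "$message"
    # Body goes through a pipe: no predictable /tmp file that another local
    # user could pre-create or symlink while this runs as root.
    printf '%s\n' "$message" | mail -s "$message" "${admin_email},${user}"
    exit 1
  fi

  if (( days >= 0 )); then
    message="CRITICAL - Host Name: $host User: $user Password is $days days from expiry"
  else
    message="CRITICAL - Host Name: $host User: $user Password expired $(( -days )) days ago"
  fi
  echo "$message"
  # The mail body now matches the subject; the old code mailed whatever a
  # previous WARNING run had left in /tmp/tempuser.
  printf '%s\n' "$message" | mail -s "$message" "${admin_email},${user}"
  exit 2
}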
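# Hand over the full argument list so check_usage sees the real count: the
# unquoted `check_usage $1` hid extra arguments and word-split the name.
check_usage "$@"
# Quoted so the user name reaches lchage and mail as a single word.
calculate_days_till_expiry "$1"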
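WARNING: Replace the email address in the script with your own before executing it; otherwise every alert, including the host name and user name, is mailed to the address hard-coded above.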
STEP 2: Then create one more file called passwdcheck.sh using the command below
#touch passwdcheck.sh
Then copy the code below and paste it into the passwdcheck.sh file
#!/bin/bash
# Check All the existing users Password expiry status
# Author: Ankam Ravi Kumar
# Date: 6th July 2016
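# Run the expiry check once for every account listed in /etc/passwd.
# Reading the file line by line (rather than word-splitting `cat` output)
# keeps each login name intact and passes it on as one quoted argument.
while IFS=: read -r user _rest; do
  # Skip blank lines.
  [ -n "$user" ] || continue
  # expiry.sh relies on bash-only syntax ((( )), let, function), so it must
  # not be started with sh; /dev/null stops the child from consuming the
  # remainder of /etc/passwd from the loop's stdin.
  bash expiry.sh "$user" < /dev/null
done < /etc/passwd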
STEP 3: Execute the above file using sh
# sh passwdcheck.sh
STEP 4: Add the user's email address to the file below so that alerts are sent directly to the user
#vi /etc/aliases
As the last line of the above file, add
root: ADMINEMAIL@DOMAIN.COM
Save & Exit
STEP 1: Create a file using the command below
#touch expiry.sh
Copy the code below and paste it into the expiry.sh file
#!/bin/bash
# Check Password expiry of specified user
# Author: Ankam Ravi Kumar
# Date: 6th July 2015
# Abort with a usage message unless exactly one argument was supplied.
# Arguments: the argument list to validate
# Outputs:   the usage line on stdout when the count is wrong
# Returns:   0 when exactly one argument is given; otherwise exits with 3
check_usage() {
  # Guard clause: the happy path returns immediately.
  [[ $# -eq 1 ]] && return 0
  echo "Usage: ./expiry.sh <username>"
  exit 3
}
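#######################################
# Report how many days remain until a user's password expires and mail an
# alert when the expiry is close.
# Globals:   EXPIRY_ADMIN_EMAIL (read, optional) - alert recipient; falls back
#            to the address that was hard-coded in the script.
# Arguments: $1 - login name to check
# Outputs:   one status line on stdout (diagnostics on stderr); WARNING and
#            CRITICAL states are also mailed to the admin address and the user.
# Returns:   never returns; exits 0 (OK / never expires), 1 (WARNING, 5-14
#            days), 2 (CRITICAL, 4 days or fewer, including already expired),
#            3 (expiry could not be determined).
#######################################
function calculate_days_till_expiry {
  local user=$1
  local admin_email=${EXPIRY_ADMIN_EMAIL:-aravikumar48@gmail.com}
  local host expiry expiry_epoch now_epoch days message

  # A name starting with "-" would be parsed by lchage as an option.
  if [[ -z $user || $user == -* ]]; then
    printf 'UNKNOWN - invalid user name: %s\n' "$user" >&2
    exit 3
  fi

  host=$(hostname)

  # Keep everything after the first colon (the value may itself contain ':')
  # and trim surrounding blanks so the comparisons below can be quoted.
  expiry=$(/usr/sbin/lchage -l "$user" \
    | awk '/Password Expires/ { sub(/^[^:]*:[ \t]*/, ""); sub(/[ \t]+$/, ""); print; exit }')

  # Unknown user, missing lchage or insufficient privileges: say so instead of
  # silently treating the account as fine.
  if [[ -z $expiry ]]; then
    echo "UNKNOWN - Host Name: $host User: $user Could not read password expiry" >&2
    exit 3
  fi

  if [[ $expiry == 'Never' ]]; then
    echo "Host Name: $host User: $user Password never expires"
    exit 0
  fi

  if ! expiry_epoch=$(date -d "$expiry" '+%s'); then
    echo "UNKNOWN - Host Name: $host User: $user Cannot parse expiry date '$expiry'" >&2
    exit 3
  fi
  now_epoch=$(date '+%s')

  # Plain assignment on purpose: `let` returns status 1 when the result is 0,
  # which previously made the enclosing `elif` false and skipped the report
  # for a password expiring today.
  days=$(( (expiry_epoch - now_epoch) / (60 * 60 * 24) ))

  if (( days >= 15 )); then
    # Also covers expiry more than 90 days away, which used to print nothing.
    echo "OK - Host Name: $host User: $user Password is $days days from expiry"
    exit 0
  elif (( days >= 5 )); then
    message="WARNING - Host Name: $host User: $user Password is $days days from expiry"
    echo "$message"
    # Body goes through a pipe: no predictable /tmp file that another local
    # user could pre-create or symlink while this runs as root.
    printf '%s\n' "$message" | mail -s "$message" "${admin_email},${user}"
    exit 1
  fi

  if (( days >= 0 )); then
    message="CRITICAL - Host Name: $host User: $user Password is $days days from expiry"
  else
    message="CRITICAL - Host Name: $host User: $user Password expired $(( -days )) days ago"
  fi
  echo "$message"
  # The mail body now matches the subject; the old code mailed whatever a
  # previous WARNING run had left in /tmp/tempuser.
  printf '%s\n' "$message" | mail -s "$message" "${admin_email},${user}"
  exit 2
}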
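# Hand over the full argument list so check_usage sees the real count: the
# unquoted `check_usage $1` hid extra arguments and word-split the name.
check_usage "$@"
# Quoted so the user name reaches lchage and mail as a single word.
calculate_days_till_expiry "$1"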
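WARNING: Replace the email address in the script with your own before executing it; otherwise every alert, including the host name and user name, is mailed to the address hard-coded above.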
STEP 2: Then create one more file called passwdcheck.sh using the command below
#touch passwdcheck.sh
Then copy the code below and paste it into the passwdcheck.sh file
#!/bin/bash
# Check All the existing users Password expiry status
# Author: Ankam Ravi Kumar
# Date: 6th July 2016
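# Run the expiry check once for every account listed in /etc/passwd.
# Reading the file line by line (rather than word-splitting `cat` output)
# keeps each login name intact and passes it on as one quoted argument.
while IFS=: read -r user _rest; do
  # Skip blank lines.
  [ -n "$user" ] || continue
  # expiry.sh relies on bash-only syntax ((( )), let, function), so it must
  # not be started with sh; /dev/null stops the child from consuming the
  # remainder of /etc/passwd from the loop's stdin.
  bash expiry.sh "$user" < /dev/null
done < /etc/passwd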
STEP 3: Execute the above file using sh
# sh passwdcheck.sh
STEP 4: Add the user's email address to the file below so that alerts are sent directly to the user
#vi /etc/aliases
As the last line of the above file, add
root: ADMINEMAIL@DOMAIN.COM
Save & Exit