?
Solved

Users finding out attributes of their own password

Posted on 1999-01-19
12
Medium Priority
?
203 Views
Last Modified: 2010-04-21
I am trying to write a script to use within a user's .profile to test when a password is due to expire.

I know about password -s but that needs to run as root which is not acceptable within our systems.
0
Comment
Question by:small
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2009290
make it a own script called from within .profile.
make this script setuid root (Note that most modern UNIX do not allow running setuid-root scripts by default, you have to change kernel settings).

I'm not shure if /etc/.profile is executed as root or as $user, you may try to call your script here.
0
 

Author Comment

by:small
ID: 2009291
Yeah, I thought of doing that way, however, I am trying to reduce the numebr of scripts that need to run as root.  Are there any other ways?

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2009292
You need a setuid-root program to do it.
Which UNIX do you have?
What does password do? can you post:  ls -l `which password` ?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:small
ID: 2009293
I need to do this on Solaris 2.5/2.6 and AIX.

Sorry I meant passwd not password.

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2009294
Solaris and AIX? there are different behaviors for -s option !!
You also need to know if your passwd information is locally, or via NIS(+).
As I said: a setuid-root programm. no more ideas, sorry.
0
 

Author Comment

by:small
ID: 2009295
The passwords are always held locally.

OK its looks like a setuid program.

ahoffmann, answer back and I'll give you the points, unless someone has a better idea to solve the problem.

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 2009296
so I wait with an answer 'til my suggestion works, or someone gives a better one.
0
 

Expert Comment

by:sluggo662
ID: 2009297
You might want to use a perl script using the getpwnam operation. I don't think you have to be root to get it..but if you wanted to get a quota this is what I would use...or a variant of it.

#!/usr/bin/perl

($expire) = (getpwnam ("yourusernamehere"))[4]; #the 4 pulls the quota information
print "$expire \n";

Hope this helps you out
0
 

Author Comment

by:small
ID: 2009298
The perl didn't work because the expiry info is the shadow file not the passwd file.  I think the perl command only reads the passwd file.

Any other ideas?

0
 

Expert Comment

by:eranklonover
ID: 2009299
solaris as a passwd switch: -w <days>

which can be used to Set warn field for user.
the user will be notified by the system and
there is no need for any setuid scripts.
0
 

Author Comment

by:small
ID: 2009300
eranklonover,

Nice solution except those losers, sorry, users, usually ignore the os type messages.  What I want to do was to check the expiry time in their .profile and then force them to change it.

It looks like it will need to be a set-uid script.

ahoffmann step forward, answer and collect your points.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 300 total points
ID: 2009301
make it a own script called from within .profile.
make this script setuid root (Note that most modern UNIX do not allow running
setuid-root scripts by default, you have to change kernel settings).
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Suggested Courses
Course of the Month12 days, 5 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question