Users finding out attributes of their own password

I am trying to write a script to use within a user's .profile to test when a password is due to expire.

I know about password -s but that needs to run as root which is not acceptable within our systems.
smallAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
ahoffmannConnect With a Mentor Commented:
make it a own script called from within .profile.
make this script setuid root (Note that most modern UNIX do not allow running
setuid-root scripts by default, you have to change kernel settings).
0
 
ahoffmannCommented:
make it a own script called from within .profile.
make this script setuid root (Note that most modern UNIX do not allow running setuid-root scripts by default, you have to change kernel settings).

I'm not shure if /etc/.profile is executed as root or as $user, you may try to call your script here.
0
 
smallAuthor Commented:
Yeah, I thought of doing that way, however, I am trying to reduce the numebr of scripts that need to run as root.  Are there any other ways?

0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
ahoffmannCommented:
You need a setuid-root program to do it.
Which UNIX do you have?
What does password do? can you post:  ls -l `which password` ?
0
 
smallAuthor Commented:
I need to do this on Solaris 2.5/2.6 and AIX.

Sorry I meant passwd not password.

0
 
ahoffmannCommented:
Solaris and AIX? there are different behaviors for -s option !!
You also need to know if your passwd information is locally, or via NIS(+).
As I said: a setuid-root programm. no more ideas, sorry.
0
 
smallAuthor Commented:
The passwords are always held locally.

OK its looks like a setuid program.

ahoffmann, answer back and I'll give you the points, unless someone has a better idea to solve the problem.

0
 
ahoffmannCommented:
so I wait with an answer 'til my suggestion works, or someone gives a better one.
0
 
sluggo662Commented:
You might want to use a perl script using the getpwnam operation. I don't think you have to be root to get it..but if you wanted to get a quota this is what I would use...or a variant of it.

#!/usr/bin/perl

($expire) = (getpwnam ("yourusernamehere"))[4]; #the 4 pulls the quota information
print "$expire \n";

Hope this helps you out
0
 
smallAuthor Commented:
The perl didn't work because the expiry info is the shadow file not the passwd file.  I think the perl command only reads the passwd file.

Any other ideas?

0
 
eranklonoverCommented:
solaris as a passwd switch: -w <days>

which can be used to Set warn field for user.
the user will be notified by the system and
there is no need for any setuid scripts.
0
 
smallAuthor Commented:
eranklonover,

Nice solution except those losers, sorry, users, usually ignore the os type messages.  What I want to do was to check the expiry time in their .profile and then force them to change it.

It looks like it will need to be a set-uid script.

ahoffmann step forward, answer and collect your points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.