We help IT Professionals succeed at work.

Shell or Perl script in Linux to update a password in scripts / environment files

sunhux
sunhux asked
on
Medium Priority
426 Views
Last Modified: 2012-06-22
I have a RHES 4.6 which has Perl installed:
# which perl
/usr/bin/perl


I'll need to update lots of scripts & environment data files (called by scripts
to set variables) with a new password.

The script needs to prompt me for the current existing password & then
prompt for the new password & then update those files.

/db/jobdir1/xxxxx.yyy
/db/jobdir2/iiiiii.jjj
/db/jobdir3/aaaaa.bbb

where xxxxx.yyy, iiiii.jjj & aaaaa.bbb are filenames of the
environment files or scripts & the lines in them which have
the current existing passwords can come in various formats:

PASS="aaa!@#$6789"    change to ===>  PASS="BBB!_#$3210"
(in above case the password is enclosed in double-quotes)

SVR_PASS=aaa!@#$6789   change to ===> SVR_PASS=aaa!@#$6789
(in above case the password follows


The difficulty I faced is the password can contain special characters
such as _, @, |, #, $, %, ^, &, *, (, ), {, }, [, ], ;, \, :, ?, numeric digits & alphabets
but we'll avoid double-quotes & single quote & =


So, kindly provide me a Shell or Perl script to handle these updates
as I may now be required to change the passwords every 3 months



Comment
Watch Question

CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Instead of updating the password, why not add a line to your perl script that includes a single configuration file where that information is set while removing the variable setting.

require "configuration.pl";

#configuration.pl
#!/usr/bin/perl
$PASS="";
$SVR_PASS="";
1;
 

This approach will mean you only have to modify the scripts once.

Author

Commented:

Hi Arnold, I don't have any script currently, so I'll need a script.

Don't quite get your message.  Perhaps let me give a more detailed
example:

/db/abc_job/script1.sh  
/db/def_job/def_env.dat
/db/ghk_job/ghk_script.scr
......

So the above 3 files, script1.sh, def_env.dat & ghk_script.scr (can be a
Shell script or any other scripts)  will contain the password.


You may assume that the current password & the new password
are unique, ie there's no commands or filenames or directory names
that are the same as these passwords.


Btw, there's one more important requirement which I missed:
the script that updates the passwords in all those files must
retain the permissioning, owner & group of the file.

Suppose a file containing the password has the ownership
oracle:dba  with rw-r--r-- , then after updating the file, it
should still has these attributes.


CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Instead of having each script contain the username/password, you would use a common file that will set the parameter used in all.
i.e. for .sh
#!/bin/sh
#configuration.sh
PASS="password"
SVR_PASS="Password"

in the shell scripts

your second or third line will be
source configuration.sh

This way when you need to make the change, you will make it in these include configuration files which will reduce the number of scripts.

Because it sounds as through the existing scripts are a mix, using perl to go line by line of each file looking for a parameter, is extremely risky.

Author

Commented:

Ok, I got what you mean but I have only 5-10 minutes to update
that password in all the files (about 60 of them) as we have
jobs running every 10 minutes.

So I'll still need a script as what I originally need.

To use the common file, I'll still need to amend quite a number of
items to refer to this common file & this is going to take me more
than 10 minutes.
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Ok, you create the replacement configuration files

as applicable for .sh, .pl presumably these are the variations.
Do all use the same script?

http://perldoc.perl.org/functions/stat.html
This is how you can copy and preserver the ownership, mode of the script.

Are the entries necessarily on their own line?

password=test
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' list_of_files



perl -i.bak -pe '$password="newpassword"; s/^(PASS|SVR_PASS)=\"(.*)\"$/$1=\"$password\"/'

Open in new window

Author

Commented:

How is the "list_of_files" substituted?  


Or shall I do :

password=newpassword
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' /path1/file1
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' /path2/file2
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' /path3/file3
. . . . .

Author

Commented:
Also, if the new password contains special characters,
I won't be able to set a value at all as shown below :

$ newpassword=!~321;:()=
-bash: !~321: event not found

$ newpassword="!~321;:()="
-bash: !~321: event not found

Author

Commented:
> Are the entries necessarily on their own line?

Browsing through that dozens of files (scripts & environment data files), all
the entries  (ie   SVR_PASS=current_passwd   &  PASS="current_passwd" )
are on a line by themselves ie there's no other preceding text/characters &
no other text/characters at the end of the line or anywhere in between


I tested the perl script given on one single file & it gave an error :

script g.sh that contains the password:
-----------------------------------------------
any test line
SVR_PASS=xxx@!#_8989
PASS="xxx@!#_8989"

PAS
pass=
PASS=
<<<<<< end of the file g.sh >>>>>>


upd_passwd.pl :
------------------
password=p&*()@wD
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' ./g.sh


./upd_passwd.pl :
$ ./chgpw.pl
./chgpw.pl: line 1: syntax error near unexpected token `@wX'
./chgpw.pl: line 1: `passwd=p&*()@wX'


Author

Commented:

Slight typo, corrected below upd_passwd.pl :
------------------------------------------------------
passwd=p&*()@wD
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$passwd\"/' .
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Author

Commented:
excellent
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.