Shell or Perl script in Linux to update a password in scripts / environment files

I have a RHES 4.6 which has Perl installed:
# which perl

I'll need to update lots of scripts & environment data files (called by scripts
to set variables) with a new password.

The script needs to prompt me for the current existing password & then
prompt for the new password & then update those files.


where xxxxx.yyy, iiiii.jjj & aaaaa.bbb are filenames of the
environment files or scripts & the lines in them which have
the current existing passwords can come in various formats:

PASS="aaa!@#$6789"    change to ===>  PASS="BBB!_#$3210"
(in above case the password is enclosed in double-quotes)

SVR_PASS=aaa!@#$6789   change to ===> SVR_PASS=aaa!@#$6789
(in above case the password follows

The difficulty I faced is the password can contain special characters
such as _, @, |, #, $, %, ^, &, *, (, ), {, }, [, ], ;, \, :, ?, numeric digits & alphabets
but we'll avoid double-quotes & single quote & =

So, kindly provide me a Shell or Perl script to handle these updates
as I may now be required to change the passwords every 3 months

Who is Participating?
Sorry, it seems that I left two options while I only meant to do the one that works. for your example you need to escape the reserved characters

The setting of the variable within the shell did not work, so I tried setting the variable in the script.

find | xargs perl -i.bak.... {} \; might work as well.
Note the line of perl command line find/replace is below.
perl -i.bak -pe '$password="p\&\*\(\)\@wD"; s/^(PASS|SVR_PASS)=\"(.*)\"$/$1=\"$password\"/' file1 file2 file3 file4

Open in new window

Instead of updating the password, why not add a line to your perl script that includes a single configuration file where that information is set while removing the variable setting.

require "";

This approach will mean you only have to modify the scripts once.
sunhuxAuthor Commented:

Hi Arnold, I don't have any script currently, so I'll need a script.

Don't quite get your message.  Perhaps let me give a more detailed


So the above 3 files,, def_env.dat & ghk_script.scr (can be a
Shell script or any other scripts)  will contain the password.

You may assume that the current password & the new password
are unique, ie there's no commands or filenames or directory names
that are the same as these passwords.

Btw, there's one more important requirement which I missed:
the script that updates the passwords in all those files must
retain the permissioning, owner & group of the file.

Suppose a file containing the password has the ownership
oracle:dba  with rw-r--r-- , then after updating the file, it
should still has these attributes.

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Instead of having each script contain the username/password, you would use a common file that will set the parameter used in all.
i.e. for .sh

in the shell scripts

your second or third line will be

This way when you need to make the change, you will make it in these include configuration files which will reduce the number of scripts.

Because it sounds as through the existing scripts are a mix, using perl to go line by line of each file looking for a parameter, is extremely risky.

sunhuxAuthor Commented:

Ok, I got what you mean but I have only 5-10 minutes to update
that password in all the files (about 60 of them) as we have
jobs running every 10 minutes.

So I'll still need a script as what I originally need.

To use the common file, I'll still need to amend quite a number of
items to refer to this common file & this is going to take me more
than 10 minutes.
Ok, you create the replacement configuration files

as applicable for .sh, .pl presumably these are the variations.
Do all use the same script?
This is how you can copy and preserver the ownership, mode of the script.

Are the entries necessarily on their own line?

perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' list_of_files

perl -i.bak -pe '$password="newpassword"; s/^(PASS|SVR_PASS)=\"(.*)\"$/$1=\"$password\"/'

Open in new window

sunhuxAuthor Commented:

How is the "list_of_files" substituted?  

Or shall I do :

perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' /path1/file1
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' /path2/file2
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' /path3/file3
. . . . .
sunhuxAuthor Commented:
Also, if the new password contains special characters,
I won't be able to set a value at all as shown below :

$ newpassword=!~321;:()=
-bash: !~321: event not found

$ newpassword="!~321;:()="
-bash: !~321: event not found
sunhuxAuthor Commented:
> Are the entries necessarily on their own line?

Browsing through that dozens of files (scripts & environment data files), all
the entries  (ie   SVR_PASS=current_passwd   &  PASS="current_passwd" )
are on a line by themselves ie there's no other preceding text/characters &
no other text/characters at the end of the line or anywhere in between

I tested the perl script given on one single file & it gave an error :

script that contains the password:
any test line

<<<<<< end of the file >>>>>> :
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$password\"/' ./

./ :
$ ./
./ line 1: syntax error near unexpected token `@wX'
./ line 1: `passwd=p&*()@wX'

sunhuxAuthor Commented:

Slight typo, corrected below :
perl -ibak -pe 's/^(PASS|SVR_PASS)=\"(.*)\"$/\$1=\"$passwd\"/' .
sunhuxAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.