Re: Automatic password changing
On Wed, Mar 22, 2000 at 11:33:04AM +0100, Neil D. Roberts wrote:
> Thanks Tim ! :)
>
> So this line changes the root password ? Ok, the password has a nice length,
> with upper and lower case, numbers and a couple simbols. Pretty solid ?
Good, way to go.
> Anyway, so what does
perl -npi.bak -e 's/^root:[^:]*:/root:pants/o' /etc/shadow
> actually do, does it create a file, or is it this which appears in the cron
> ? Sorry for the questions, I´m not quite iniciated in perl yet. So, if this
> does create a file, what would I find in, say, cron.daily ? Thanks a lot
> for this information.
Rightyho, it's like this:
perl : wonder-command ;)
-n : for each line of input, do the executable program
-p : print lines
-i : do inline editing of a file, in this case also taking a .bak
copy first
-e : the program to be executed, see -n.
s/// : a regexp-based search & replace just like vi/vim/sed/perl.
/o: only compile the regexp once, for speed (hic!).
The regexp is chosen to match exactly that line (should really only be one
although it'll work for all lines) that start "root:" and it replaces the next
colon-separated "word" with "pants", ie the encrypted root password.
So to implement this,
* su - root # or use sudo, it's cuter
* do a passwd root NOW to your funky new passwd
* take a look at /etc/shadow and isolate the encrypted password that
'passwd' generated.
* create a shell script eg /usr/local/sbin/fixpw.sh that looks like
#!/bin/sh
perl -npi.bak -e ..... yadda
* chmod 700 /usr/local/sbin/fixpw.sh # important!!
* crontab -e
* put a line like
0 * * * * /usr/local/sbin/fixpw.sh
in the crontab file and away you go!
HTH :)
~Tim
--
| Geek Code: GCS dpu s-:+ a-- C++++ UBLUAVHSC++++ P+++ L++ E--- W+++(--) N++
| w--- O- M-- V-- PS PGP++ t--- X+(-) b D+ G e++(*) h++(*) r--- y-
| The sun is melting over the hills, | http://piglet.is.dreaming.org/
| All our roads are waiting / To be revealed | piglet@glutinous.custard.org
Reply to: