Re: alerting users of expiring passwords
martin f krafft wrote:
> when a user's shadow password is about to expire, PAM prints
> a message about the expiration e.g. at login via SSH. However, if
> there is also a /etc/motd, the fact that it follows the warning
> obscures the warning and nobody sees it.
>
> What I would like to do is provide a more readily noticable warning,
> e.g. a notice before every shell command, or something along those
> lines. The question is: how do I check whether a user's password is
> about to expire from a script?
Hi
from shadow man page:
NAME
shadow - encrypted password file
DESCRIPTION
shadow contains the encrypted password information for user's
accounts and optional the
password aging information. Included is
Login name
Encrypted password
Days since Jan 1, 1970 that password was last changed
Days before password may be changed
Days after which password must be changed
Days before password is to expire that user is warned
Days after password expires that account is disabled
Days since Jan 1, 1970 that account is disabled
A reserved field
-------------------------------------------------------
I guess you can get it with 'cut' command. something like:
TIME=`grep <username> /etc/shadow | cut -d":" -f 5`
echo "your password will expire in $TIME days"
the problem is that you can run this commands only as root (users don't have
read permissions on shadow file), so you can redirect it to their mails.
Bye
--
Haim
>
> Or does anyone have a better solution?
>
Reply to: