diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2006-08-31 22:51:03 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2006-08-31 22:51:03 +0000 |
| commit | 3570eb5b841dc045f0e2cb8824f803890126e1c4 (patch) | |
| tree | 058ba7d1817143fe1b77870d4aab58e2fa5a2920 | |
| parent | 2d318969f4ff92f5361004419053fd09f46ed39b (diff) | |
Fix password expiry routine. Separate password setting and password expiry setting routines.
| -rwxr-xr-x | localadduser | 24 | ||||
| -rwxr-xr-x | localresetpasswd | 48 | ||||
| -rwxr-xr-x | localresetpasswdexpiry | 35 |
3 files changed, 87 insertions, 20 deletions
diff --git a/localadduser b/localadduser index 433315c..1cce0db 100755 --- a/localadduser +++ b/localadduser @@ -3,7 +3,7 @@ # /usr/local/bin/localadduser # Copyright 2003 Jonas Smedegaard <dr@jones.dk> # -# $Id: localadduser,v 1.3 2006-08-25 04:36:44 jonas Exp $ +# $Id: localadduser,v 1.4 2006-08-31 22:51:03 jonas Exp $ # # Execute adduser noninteractively through sudo # @@ -14,10 +14,6 @@ set -e -pass_len=11 -pass_expire=30 -pass_warn=14 - verbose=1 #simulate=true interactive=0 @@ -27,13 +23,6 @@ vecho() { test -n "$verbose" && echo "$@" >&2 } -randompass() { - gpw 1 $pass_len 2>&- || - pwgen $pass_len 1 2>&- || - tr -d '[\000-\057][\072-\100][\133-\140][\173-\377]' < /dev/urandom | - dd bs=$pass_len count=1 2>&- -} - u=$1 shift @@ -84,11 +73,6 @@ else eval $simulate sudo "/usr/sbin/adduser --disabled-login \"$u\"" fi -vecho -n "generating password for $u..." -pass=$(randompass) -echo "$u:$pass" | eval $simulate sudo "/usr/sbin/chpasswd" -vecho -n "." -#eval $simulate sudo "/usr/bin/chage -M $pass_expire -d 2003-01-01 \"$u\"" -eval $simulate sudo "/usr/bin/chage -M$pass_expire -W$pass_warn -d 2003-01-01 \"$u\"" -vecho -n "." -vecho "$pass" +eval $simulate localresetpasswd "$u" + +#vecho "Account \"$u\" created succesfully! Password is $pass" diff --git a/localresetpasswd b/localresetpasswd new file mode 100755 index 0000000..17f41fe --- /dev/null +++ b/localresetpasswd @@ -0,0 +1,48 @@ +#!/bin/sh +# +# /usr/local/bin/localresetpasswd +# Copyright 2006 Jonas Smedegaard <dr@jones.dk> +# +# $Id: localresetpasswd,v 1.1 2006-08-31 22:51:03 jonas Exp $ +# +# Generate random password and apply to account through sudo +# +# TODO: Check for bad arguments +# TODO: Use getopts to offer help +# TODO: Support overriding options in /etc/local file +# + +set -e + +pass_len=11 + +verbose=1 +#simulate=true +interactive=0 + +# echo something, but only if in verbose mode +vecho() { + test -n "$verbose" && echo "$@" >&2 +} + +randompass() { + gpw 1 $pass_len 2>&- || + pwgen $pass_len 1 2>&- || + tr -d '[\000-\057][\072-\100][\133-\140][\173-\377]' < /dev/urandom | + dd bs=$pass_len count=1 2>&- +} + +u=$1 +shift + +vecho -n "Generating random password..." +pass=$(randompass) +vecho " Done!" + +vecho -n "Applying new password to account $u..." +echo "$u:$pass" | eval $simulate sudo "/usr/sbin/chpasswd" +vecho " Done!" + +eval $simulate localresetpasswdexpiry "$u" + +vecho "New password is $pass" diff --git a/localresetpasswdexpiry b/localresetpasswdexpiry new file mode 100755 index 0000000..f4b6223 --- /dev/null +++ b/localresetpasswdexpiry @@ -0,0 +1,35 @@ +#!/bin/sh +# +# /usr/local/bin/localresetpasswdexpiry +# Copyright 2006 Jonas Smedegaard <dr@jones.dk> +# +# $Id: localresetpasswdexpiry,v 1.1 2006-08-31 22:51:03 jonas Exp $ +# +# (re)set password expiry through sudo +# +# TODO: Check for bad arguments +# TODO: Use getopts to offer help +# TODO: Support overriding options in /etc/local file +# + +set -e + +pass_expire=365 +pass_warn=14 +pass_lastday="`date --date='11 months ago' '+%F'`" + +verbose=1 +#simulate=true +interactive=0 + +# echo something, but only if in verbose mode +vecho() { + test -n "$verbose" && echo "$@" >&2 +} + +u=$1 +shift + +vecho -n "Setting password expiry limits (expire: $pass_expire, warn: $pass_warn, lastday: $pass_lastday)..." +eval $simulate sudo "/usr/bin/chage -M$pass_expire -W$pass_warn -d$pass_lastday \"$u\"" +vecho " Done!" |