Automatically determine whether a user has a password in a shell script

in the recent completion of the teacher's assignments encountered how to let the shell script command automatically determine whether a user has set the password problem, although seemingly not a difficult problem, but in the process of implementation of this feature contains a lot of small and important knowledge. It's a headache at first, although it's not difficult for us to see if a user has a password, directlyCat/etc/shadoW This file to see if the password bit has encrypted characters on the line, but let the command to judge and match it is not very smooth, small series on the Internet to view, and did not get a good answer, most of them are manual view of the answer, and does not apply to the shell script automatic judgment, So in a serious contrast/etc/passwd and the/etc/shadow These two files, and combined with their own ideas, the realization of this automatic judgment function, the next small part of my process to realize the problems and expand the knowledge, list out, in order to give the same as the small part of the online to find the right answer to the children's shoes for reference, this article is purely personal thinking products, If there is a better way, please enlighten me. 650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f30.gif "alt=" i_f30.gif "/>

we know that the user's password is stored in the/etc/passwdand the/etc/shadowWhy do you say that in these two files? Because the user's projection password is turned on by the system, the password is mapped toShadowin this file, if no projection password is turned on, the user's password is saved inpasswdin this file, in order to improve the security of the system, generally this feature is turned on by default, but we can manually turn it off:Pwconvturn on the projection password,PwunconvClose the projection password.

In order to achieve the following command, the small series will be passwd files and Shadow The relationships of the files are graphically detailed so that the small partners can read:

650) this.width=650; "src=" Https://s4.51cto.com/wyfs02/M00/9D/C4/wKioL1mFlSqjz_e3AAAp7G4WvOE619.png "title=" 2.png "alt=" Wkiol1mflsqjz_e3aaap7g4wvoe619.png "/>

If the shadow password feature is not turned on, there will be noShadowThis file, the password is saved in thepasswdon the password bit of the file, at this point, the user who created the password has not been set password, it is two!! symbol, if the user's password is passedpasswd-d username If this command is cleared, there is nothing on the password bit.

If the shadow password feature is turned on,passwdPassword bit in the password will be projected into the shadow, similarly, if the user has not set the password, the password bit is two!! Symbol, if the user's password is passed passwd-d username emptied of the words, inShadowis empty on the password bit.

There is a picture of the truth:

650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M01/9D/C4/wKioL1mFlW-CIt_aAABRlmL9UMg074.png "title=" 1.png "alt=" Wkiol1mflw-cit_aaabrlml9umg074.png "/>

shell script, scripts to be written with high accuracy and portability, So the execution of the command must have absolute certainty, if we define a view matching shadow file, that if there is no shadow password feature on the host, The hadow This file, the command execution result is not correct, so in order to ensure the absolute nature of the order, the small part of the following ideas:

regardless of whether the system has a shadow projection function, we perform the Pwconv command to turn on the shadow password feature. In this way, we have completely determined that the password exists in the shadow file, and we can do something about the shadow file.

" Span style= "font-family: ' The song Body '; Line-height:150%;color:rgb (255,0,0); font-size:19px;" >$ encryption method number $salt$ password bit " So we can extract the parameters of the password bit to use the regular expression to compare, if not " $ encryption method number $salt$ password bit

the command to turn on the shadow password is: Pwconv

The command to extract the password bit parameters in the shadow file is:getent Shadow |grep ^username |cut-d:-f2

Here are the figures: 650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f30.gif "alt=" I_f30.gif "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/9D/C4/wKiom1mFleKi1U73AAAUCS99eyM110.png "style=" float : none; "title=" 3.png "alt=" Wkiom1mfleki1u73aaaucs99eym110.png "/>

this intercepts a user's password bit.

match the extracted parameters to determine if there is a password: [["$ (pwconv; Getent shadow |grep ^username |cut-d:-f2)" =~ ^ ' $ '. *]] && echo true | | echo False

Used in this command:

$ (): Call the result of the command execution in parentheses

[[]]: Conditional tests, which can be tested for conditions, are also [], but we use extended regular expressions and [] do not support referencing regular expressions, so we use the conditional test of double quotes.

=~: The symbol is a test of the string, meaning: whether the left string can be matched by the pattern on the right.

&& : , and then According to the return value of the previous command, the return value is True ( 0 Span style= "font-family: ' The song body '; line-height:150%;font-size:19px;" >

| | : OR ELSE If the return value of the previous command is False (not

The result of the command execution is: (two results show)

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M01/9D/C4/wKioL1mFleKA1tFPAAASnJcNY50640.png "style=" float : none; "title=" 4.png "alt=" Wkiol1mfleka1tfpaaasnjcny50640.png "/>

650) this.width=650; "src=" Https://s1.51cto.com/wyfs02/M02/9D/C4/wKioL1mFleKyeL0LAAATeUlm9ME559.png "style=" float : none; "title=" 5.png "alt=" Wkiol1mflekyel0laaateulm9me559.png "/>

we can set the user name to a variable, by passing the user name parameter, to achieve the specified user's view, the method user in the shell script, you can make conditional judgment. hehe ~

Learn sparse, if there are insufficient please advice, if you find a better way, remember to tell small series Oh! 650) this.width=650; "src=" Http://img.baidu.com/hi/face/i_f13.gif "alt=" I_f13.gif "/>

This article is from the Linux OPS blog, so be sure to keep this source http://jk6627.blog.51cto.com/12002684/1953876

Automatically determine whether a user has a password in a shell script