Monitor the/etc/passwd file and the etcpasswd File

Source: Internet
Author: User
Tags dovecot

Monitor the/etc/passwd file and the etcpasswd File

Help to monitor whether the/etc/passwd file is normal (P90 exercise 6.7)

1) Find all items with UID0

2) Find all items with duplicate UID

3) Find all items with duplicate login names

4) Find all items without a password

5) Find all items with no expiration date

 

The following is an implemented shell script:

#! /Bin/bash
# Monitoring/etc/passwd normal

# Find the user with UID 0
Echo "----------------------------------"
User1 = 'less/etc/passwd | awk-F: '$3 = 0 {print $1 }''
If [-z $ user1]; then
Echo "1. there is no user's UID equals 0"
Else
Echo-n "1.the user of UID equals 0 have:" $ user1
Echo ""
Fi

# Identify users with duplicate UID
Echo "----------------------------------"
User2 = 'awk-F: 'In in {ORS = ", "} NR = FNR {a [$3] ++} NR> FNR & a [$3]> 1 {print $1, $3} '/etc/passwd/etc/passwd'
If [-z $ user2]; then
Echo "2. there is no user's UID repeat"
Else
Echo-n "2.the user of repeat UID have:" $ user2
Echo ""
Fi

# Identify users with duplicate login names
Echo "---------------------------------"
User3 = 'awk-F: 'In in {ORS = ", "} NR = FNR {a [$1] ++} NR> FNR & a [$1]> 1 {print $1, $3} '/etc/passwd/etc/passwd'
If [-z $ user3]; then
Echo "3. there is no user's login name repeat"
Else
Echo-n "3.the user of repeat login name have:" $ user3
Echo ""
Fi

# Identify all users without a password
Echo "---------------------------------"
User4 = 'sudo awk-F: 'In in {ORS = ","} length ($2) <30 {print $1} '/etc/shadow'
If [-z $ user4]; then
Echo "4. there is no user have no password"
Else
Echo-n "4.the user of no password have:" $ user4
Echo ""
Fi

# Find all users with no expiration date
Echo "---------------------------------"
User5 = 'sudo awk-F: 'In in {ORS = ","} length ($7) <1 {print $1} '/etc/shadow'
If [-z $ user5]; then
Echo "5. there is no user have no outdate time"
Else
Echo-n "5.the user of no outdate time have:" $ user5
Echo ""
Fi
Echo "---------------------------------"


What is the use of the/etc/passwd file? It has segments

/Etc/passwd
This directory stores operating system user information, which is visible to all users.
Add an account to the linux system:
Useradd-g mysql-d/home/test-m test (: create a user test, which belongs to the mysql group and the start directory is/home/test)
Enter/etc/passwd and you will see the following information. You can see the information of the newly added user in the last line. As follows:
Sshd: x: 74: 74: Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
Dovecot: x: 97: 97: dovecot:/usr/libexec/dovecot:/sbin/nologin
Webalizer: x: 67: 67: Webalizer:/var/www/usage:/sbin/nologin
Squid: x: 23: 23:/var/spool/squid:/sbin/nologin
Pcap: x: 77: 77:/var/arpwatch:/sbin/nologin
Haldaemon: x: 68: 68: HAL daemon: // sbin/nologin
Xfs: x: 43: 43: X Font Server:/etc/X11/fs:/sbin/nologin
Hsqldb: x: 96: 96:/var/lib/hsqldb:/sbin/nologin
EM: x: 42: 42:/var/EM:/sbin/nologin
Hzmc: x: 500: 500: hzmc:/home/hzmc:/bin/bash
Mysql: x: 501: 501:/home/mysql:/bin/bash
Chenhua: x: 503: 501:/home/chenhua:/bin/bash
Test: x: 504: 501:/home/test:/bin/bash
It can be seen that the/etc/passwd file stores user information, which consists of 7 pieces of information consisting of 6 semicolons. The explanation is as follows:
(1): user name.
(2): Password (encrypted)
(3): UID (User ID), which is used by the operating system
(4): GID group ID.
(5): full user name or local account
(6): Start directory
(7): The Shell used for logon is a tool for parsing logon commands.
Set the password for the test user and run the following command:
Passwd test
[Root @ localhost etc] # passwd test
Changing password for user test.
New UNIX password:
Retype new UNIX password:
Passwd: all authentication tokens updated succ ...... the remaining full text>

Group ID in the/etc/passwd file in linux

It can belong to different groups.
In passwd, gid is the master group, other groups are Extension Groups, and the extension groups are described in/etc/group.
If useradd username is not specified, a gid with the same uid is created by default.
Other groups can be added to other groups through-G when creating users, or you can use usermod-G groupname username to modify existing users.

For example, the main group of user1 is 500, and the extended group is 501 and 502.
The main group of user2 is 501, and the extended group is 502.
The master group of user3 is 502.

The passwd format is as follows:
User1: x: 500: 500:/home/user1:/bin/bash
User2: x: 501: 501:/home/user2:/bin/bash
User3: x: 502: 502:/home/user3:/bin/bash

The group format is as follows:
User1: x: 500:
User 2: x: 501: user1
User3: x: 502: user1, user2

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.