Triggering scripts and password expirations
Some interesting questions were posed to HP-UX expert Roc Paez on the Ask-the-Experts page and they resulted in some equally interesting answers. In one, Roc gives an example of how to trigger a shell script without using cron and, in another, Roc explains how to set up password expiration.
Question: I would like to now how to trigger any shell script without using the cron or the at command?
The only other way to trigger a shell script without using cron, would be to have a script/program run in the background checking for a certain condition, and when that condition is true, it triggers the shell script. A sample script is shown below:
#!/usr/bin/sh while [ $(date +%m%d%y) = 042402 ] then echo "The date has arrived, trigger the script" /usr/local/bin/what_ever_the_script_name else echo "The date is not yet April 24, 2002" sleep 60 fi
The above script has not be checked for errors, so please do not use as is. It is merely intended to illustrate the idea. Take the
Question: In HP 10.20 or 11.0, how can I interpret information in the password file in regards to password aging? This is not a trusted host. We have a new requirement within the company for password expiration to be set at 90 days on all user accounts. I'm trying to audit how many users have password expiration set and what the setting is on their accounts. I see some letter after a comma. How can I find out if joe user's password will automatically expire in XYZ days? Thanks much!
The command to setup password aging for a user on a non-trusted system is:
# passwd -x 50 -n 10 joeuser
This will set password aging to 50 days maximum (i.e. password must be changed every 50 days) and 10 days minimum (i.e. at min of 10 days must pass before the password can be changed).
If you want to see when joeuser password will expire, enter:
# passwd -s joeuser
joeuser PS 04/06/02 14 56
The output indicates that the password can be changed 14 days after 4/6/02, and MUST be changed 56 days after 4/6/02.
Take the Practical UNIX and Network Security class in Anaheim on June 24-28, 2002. I will be the instructor for that class, and we will be going over all the security issues related to managing users, including password aging.
Roc Paez is the US UNIX Program Manager responsible for the Core and Advanced UNIX curriculums within Hewlett-Packard's Educational Services Practice. He helps plan and determine course content for HP-UX-based classes offered by Hewlett Packard's Customer Education. Roc has been with Hewlett-Packard since 1993. His classes are offered at http://education.hp.com/.
Visit the his Ask-the-Experts page to ask him a question or view other answers.
This was first published in April 2002