Triggering scripts and password expirations

Find out how to trigger scripts without cron and how to set expirations for passwords.

 

Triggering scripts and password expirations
Roc Paez

Some interesting questions were posed to HP-UX expert Roc Paez on the Ask-the-Experts page and they resulted in some equally interesting answers. In one, Roc gives an example of how to trigger a shell script without using cron and, in another, Roc explains how to set up password expiration.


Question: I would like to now how to trigger any shell script without using the cron or the at command?

Roc's answer:
The only other way to trigger a shell script without using cron, would be to have a script/program run in the background checking for a certain condition, and when that condition is true, it triggers the shell script. A sample script is shown below:

#!/usr/bin/sh
while
[ $(date +%m%d%y) = 042402 ]
then
echo "The date has arrived, trigger the script"
/usr/local/bin/what_ever_the_script_name
else
echo "The date is not yet April 24, 2002"
sleep 60
fi

The above script has not be checked for errors, so please do not use as is. It is merely intended to illustrate the idea. Take the Shell Programming course for more information on writing shell scripts.

Question: In HP 10.20 or 11.0, how can I interpret information in the password file in regards to password aging? This is not a trusted host. We have a new requirement within the company for password expiration to be set at 90 days on all user accounts. I'm trying to audit how many users have password expiration set and what the setting is on their accounts. I see some letter after a comma. How can I find out if joe user's password will automatically expire in XYZ days? Thanks much!

Roc's answer:
The command to setup password aging for a user on a non-trusted system is:

# passwd -x 50 -n 10 joeuser

This will set password aging to 50 days maximum (i.e. password must be changed every 50 days) and 10 days minimum (i.e. at min of 10 days must pass before the password can be changed).

If you want to see when joeuser password will expire, enter:

# passwd -s joeuser
joeuser PS 04/06/02 14 56

The output indicates that the password can be changed 14 days after 4/6/02, and MUST be changed 56 days after 4/6/02.

Take the Practical UNIX and Network Security class in Anaheim on June 24-28, 2002. I will be the instructor for that class, and we will be going over all the security issues related to managing users, including password aging.


Roc Paez is the US UNIX Program Manager responsible for the Core and Advanced UNIX curriculums within Hewlett-Packard's Educational Services Practice. He helps plan and determine course content for HP-UX-based classes offered by Hewlett Packard's Customer Education. Roc has been with Hewlett-Packard since 1993. His classes are offered at http://education.hp.com/.

Visit the his Ask-the-Experts page to ask him a question or view other answers.


This was first published in April 2002
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close