Skip to content
Advertisement

Bash Scripting: How to display output for the passwords expiry every 2 week

My question is, how do i edit the script such that if PASS_MAX_DAYS is equals to 14 days or less then it equals to “Vulnerability: No”?

Output

My Script

#!/bin/bash

passwordexpiry=`grep "^PASS_MAX_DAYS" /etc/login.defs`

if [[ $(passwordexpiry) == "PASS_MAX_DAYS    99999" ]]
then
      isVulnerable="Yes"
else 
      isVulnerable="No"
fi
  echo "Audit criteria: The passowrds expires every 2 weeks"
  echo "Vulnerability: ${isVulnerable}"
  echo "Details: See below"
  echo
  echo "Command:"
  echo "grep "^PASS_MAX_DAYS" /etc/login.defs"
  echo
  echo "Output:"
  echo ${passwordexpiry}
  echo

Advertisement

Answer

You can use grep -oP "^PASS_MAX_DAYSs+K([0-9]+)" /etc/login.defs to extract the value :

#!/bin/bash

max=14
passwordexpiry=`grep -oP "^PASS_MAX_DAYSs+K([0-9]+)" /etc/login.defs`

if [ "$passwordexpiry" -le "$max" ]
then
      isVulnerable="No"
else 
      isVulnerable="Yes"
fi

echo "$isVulnerable"

K starts the match from the position of the value ([0-9]+)

Advertisement