My question is, how do i edit the script such that if PASS_MAX_DAYS is equals to 14 days or less then it equals to “Vulnerability: No”?
My Script
#!/bin/bash passwordexpiry=`grep "^PASS_MAX_DAYS" /etc/login.defs` if [[ $(passwordexpiry) == "PASS_MAX_DAYS 99999" ]] then isVulnerable="Yes" else isVulnerable="No" fi echo "Audit criteria: The passowrds expires every 2 weeks" echo "Vulnerability: ${isVulnerable}" echo "Details: See below" echo echo "Command:" echo "grep "^PASS_MAX_DAYS" /etc/login.defs" echo echo "Output:" echo ${passwordexpiry} echo
Advertisement
Answer
You can use grep -oP "^PASS_MAX_DAYSs+K([0-9]+)" /etc/login.defs
to extract the value :
#!/bin/bash max=14 passwordexpiry=`grep -oP "^PASS_MAX_DAYSs+K([0-9]+)" /etc/login.defs` if [ "$passwordexpiry" -le "$max" ] then isVulnerable="No" else isVulnerable="Yes" fi echo "$isVulnerable"
K
starts the match from the position of the value ([0-9]+)