Oct 08

Linux command generates a message 14 days before root password expires

Most people use ‘chage -l root’ command to get information about root user password expiration; but that output tells you a calendar day the password expires, not how many days from now left until it expires.

Depending on which OS, you can use one of the one line commands below to alert with a message to exactly how many days remain, and only when the root user password is 14 days or less to expiring:

OLDER UNIX: (( `cat /etc/shadow|grep root | awk -F: ‘{print $8 – $3}’` < 15 )) && echo "root password expiring in `cat /etc/shadow|grep root | awk -F: '{print $8 - $3}'` days" Because the SE Linux shadow password has fewer fields, more math computation is needed, requiring more commands. We can still wrap into one ksh command: RHL/SUSE: EXP=`sudo grep ^root /etc/shadow | awk -F: '{ print $5 + $3 }'` ; SECS=`date '+%s'`; SECS=`expr $SECS / 86400`; VAL=`expr $EXP - $SECS`;(( $VAL < 15 )) && echo root password expiring in $VAL days

Leave a Reply