Expirovany account

[Pavel Kankovsky]

On Thu, 6 Aug 1998, Petr Novotny wrote:

> potrebuji prikaz shellu (nebo jeste lepe funkci v Perlu), ktera mi da 
> seznam expirovanych accountu (nebo treba pro kazdy account rekne, kdy 
> expiruje). Muzu prochazet /etc/shadow ale nezda se mi to elegantni - 
> myslel jsem, ze by to mohlo jit pres PAM, nebo se mylim? [Redhat 5.1]

PAM je na neco jineho. Pokud neco, tak by bylo PWDB.

Ale v tom Perlu to neni zadna raketova veda:

sub scan_shadow
{
  my $today = int(time() / 86400);
  while (<STDIN>) {
    chomp;
    if (/^(\w+):([^:]*):(\d*):[^:]*:(\d*):(\d*):(\d*):(\d*):$/) {
      my ($user, $pwd, $last_ch, $pwd_exp, $warning, $pwd_lck, $acc_exp) =
          ($1, $2, int($3), int($4), int($5),int($6), int($7));
      ... sem dopsat, co je libo ...
    }
    else {
      warn "unrecognized line in shadow!";
    }
  }
}

(Je to sice puvodne pro Solaris, ale format /etc/shadow je stejny.)

Cely account expiruje v den $acc_exp, heslo expiruje v den $last_ch +
$pwd_exp, a ucet bude zamcen v den $last_ch + $pwd_lck.

BTW: nejsem si jisty, jestli jsou getpw*(), co navrhoval Honza Pazdziora
nejak uzitecne, protoze pochybuji, ze extrahuji veci ze shadow, ale muzu
se mylit.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"You can't be truly paranoid unless you're sure they have already got you."