Search This Blog

Tuesday, 17 February 2015

Solaris User password reset non-interactive script.

This script can be used for changing the password of Solaris system trough non-interactive script.

This can be run like


#/var/tmp/changepass.sh username password

Same script can be downloaded here


#!/usr/bin/bash
#owner:platheef@gmail.com
#Purpose:changing Oracle Solaris password using script. 
TS=`date +"%h-%d-%H-%M-%S-%Y"`
SHADOW=/etc/shadow
x=""
passtxt=$2;
user=$1;
if [ "$x$passtxt" == "$x" ]; then
        echo "Empty password provided, Existing"
        exit 8
fi
if [ "$x$user" == "$x" ]; then
        echo "Empty user provided, Existing"
        exit 7
fi
id $user >/dev/null
if [ $? -gt 0 ]; then
        echo "Wrong user name, User does not exists"
        exit 6
fi
export user=$user
echo $passtxt |perl -nle 'print crypt($_, "\$1\$".join "", (".", "/", 0..9, "A".."Z", "a".."z")[rand 64, rand 64, rand 64, rand 64, rand 64, rand 64, rand 64, rand 64]);' >/tmp/pass-$user
pass=`cat /tmp/pass-$user`
#echo $pass
if [ "$x$pass" == "$x" ]; then
        echo "Empty password hash, Existing"
        exit 5
fi
export pass=$pass
export today=`perl -e '$days=int((time()/86400)); print "$days"'`
perl -p -e 's#^$ENV{user}:.*?.:.*?:#$ENV{user}:$ENV{pass}:$ENV{today}:#' $SHADOW >/tmp/shadow.$TS
Diff=`diff $SHADOW /tmp/shadow.$TS |grep -v ^[0-9]|wc -l`
if [ $Diff -gt 3 ]; then
        echo "Something wrong, trying to change more than 1 line of shadow  Exiting"
        exit 9
fi
#grep $user $SHADOW
perl -p -i.$TS -e 's#^$ENV{user}:.*?.:.*?:#$ENV{user}:$ENV{pass}:$ENV{today}:#' $SHADOW
passwd -u $user >/dev/null
Diff=`diff $SHADOW $SHADOW.$TS |grep -v ^[0-9]|wc -l`
if [ $Diff -eq 3 ]; then
        echo "Success....."
        exit 0
else
        echo "Error: Something wrong. Rolling back"
        cp $SHADOW.$TS $SHADOW
        exit 4
fi

No comments:

Post a Comment