Unknown code in scriptBash escape from scriptScript Issue (Incrementation)Problem with bash scriptNew to script question: 'else' not expected in BASH scriptErrors in Averaging Function Script Code?Obfuscate a Bash scriptNot sure what this line of script code is doingExtracting source code by using script languageError return code of bash script is not the value I sendClear “unknown” characters from bash script

What *exactly* is electrical current, voltage, and resistance?

Does a large simulator bay have standard public address announcements?

How can I wire a 9-position switch so that each position turns on one more LED than the one before?

How much of a wave function must reside inside event horizon for it to be consumed by the black hole?

As an international instructor, should I openly talk about my accent?

std::unique_ptr of base class holding reference of derived class does not show warning in gcc compiler while naked pointer shows it. Why?

"The cow" OR "a cow" OR "cows" in this context

Will I lose my paid in full property

Where was the County of Thurn und Taxis located?

What does a straight horizontal line above a few notes, after a changed tempo mean?

Multiple options vs single option UI

Multiple fireplaces in an apartment building?

Why is the underscore command _ useful?

How can I practically buy stocks?

What is this word supposed to be?

Is there metaphorical meaning of "aus der Haft entlassen"?

Why did Rep. Omar conclude her criticism of US troops with the phrase "NotTodaySatan"?

Apply a different color ramp to subset of categorized symbols in QGIS?

Double-nominative constructions and “von”

A Paper Record is What I Hamper

Is Electric Central Heating worth it if using Solar Panels?

Why did C use the -> operator instead of reusing the . operator?

How to keep bees out of canned beverages?

What makes accurate emulation of old systems a difficult task?



Unknown code in script


Bash escape from scriptScript Issue (Incrementation)Problem with bash scriptNew to script question: 'else' not expected in BASH scriptErrors in Averaging Function Script Code?Obfuscate a Bash scriptNot sure what this line of script code is doingExtracting source code by using script languageError return code of bash script is not the value I sendClear “unknown” characters from bash script






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








6















I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate()
echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

sudo apt-get install logrotate 1>/dev/null

echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
mv /etc/logrotate.conf.new /etc/logrotate.conf
sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
mv /etc/logrotate.conf.new /etc/log.rotate.conf
sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.










share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 2





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    11 hours ago






  • 1





    @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    11 hours ago






  • 2





    Well done on not running a script as root when you don't know what it does.

    – Wildcard
    3 hours ago

















6















I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate()
echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

sudo apt-get install logrotate 1>/dev/null

echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
mv /etc/logrotate.conf.new /etc/logrotate.conf
sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
mv /etc/logrotate.conf.new /etc/log.rotate.conf
sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.










share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 2





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    11 hours ago






  • 1





    @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    11 hours ago






  • 2





    Well done on not running a script as root when you don't know what it does.

    – Wildcard
    3 hours ago













6












6








6


1






I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate()
echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

sudo apt-get install logrotate 1>/dev/null

echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
mv /etc/logrotate.conf.new /etc/logrotate.conf
sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
mv /etc/logrotate.conf.new /etc/log.rotate.conf
sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.










share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate()
echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

sudo apt-get install logrotate 1>/dev/null

echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
mv /etc/logrotate.conf.new /etc/logrotate.conf
sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
mv /etc/logrotate.conf.new /etc/log.rotate.conf
sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.







bash scripts






share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 10 hours ago









serv-inc

1,7211521




1,7211521






New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 11 hours ago









Brendan77222Brendan77222

315




315




New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 2





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    11 hours ago






  • 1





    @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    11 hours ago






  • 2





    Well done on not running a script as root when you don't know what it does.

    – Wildcard
    3 hours ago












  • 2





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    11 hours ago






  • 1





    @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    11 hours ago






  • 2





    Well done on not running a script as root when you don't know what it does.

    – Wildcard
    3 hours ago







2




2





I would ask the person who gave me the code what it does.

– WinEunuuchs2Unix
11 hours ago





I would ask the person who gave me the code what it does.

– WinEunuuchs2Unix
11 hours ago




1




1





@WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

– Brendan77222
11 hours ago





@WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

– Brendan77222
11 hours ago




2




2





Well done on not running a script as root when you don't know what it does.

– Wildcard
3 hours ago





Well done on not running a script as root when you don't know what it does.

– Wildcard
3 hours ago










3 Answers
3






active

oldest

votes


















6














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done
EOF
chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago


















3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
# set password to expire after 60 days, warning after 50 days
chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago


















2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago












Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138035%2funknown-code-in-script%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























3 Answers
3






active

oldest

votes








3 Answers
3






active

oldest

votes









active

oldest

votes






active

oldest

votes









6














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done
EOF
chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago















6














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done
EOF
chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago













6












6








6







The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done
EOF
chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer













The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do
chage -m 0 -M 60 -W 10 $i
done
EOF
chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.







share|improve this answer












share|improve this answer



share|improve this answer










answered 11 hours ago









steeldriversteeldriver

71.3k11115187




71.3k11115187












  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago

















  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago
















If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

– Brendan77222
10 hours ago





If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

– Brendan77222
10 hours ago




1




1





@Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

– steeldriver
9 hours ago





@Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

– steeldriver
9 hours ago













would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

– Brendan77222
6 hours ago





would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

– Brendan77222
6 hours ago













3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
# set password to expire after 60 days, warning after 50 days
chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago















3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
# set password to expire after 60 days, warning after 50 days
chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago













3












3








3







The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
# set password to expire after 60 days, warning after 50 days
chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.










The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
# set password to expire after 60 days, warning after 50 days
chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.







share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this answer



share|improve this answer








edited 10 hours ago





















New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









answered 11 hours ago









FliegendeWurstFliegendeWurst

11310




11310




New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago

















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago
















Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

– Brendan77222
10 hours ago





Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

– Brendan77222
10 hours ago




1




1





Yes, any scripts in /etc/cron.daily/ will be executed once per day.

– FliegendeWurst
10 hours ago





Yes, any scripts in /etc/cron.daily/ will be executed once per day.

– FliegendeWurst
10 hours ago













Awesome, thank you for the confirmation on what I suspected. Awesome help.

– Brendan77222
10 hours ago





Awesome, thank you for the confirmation on what I suspected. Awesome help.

– Brendan77222
10 hours ago











2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago
















2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago














2












2








2







The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer













The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.







share|improve this answer












share|improve this answer



share|improve this answer










answered 10 hours ago









serv-incserv-inc

1,7211521




1,7211521







  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago













  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago








1




1





Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

– Brendan77222
10 hours ago





Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

– Brendan77222
10 hours ago




1




1





Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

– serv-inc
7 hours ago






Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

– serv-inc
7 hours ago











Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.












Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.











Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.














Thanks for contributing an answer to Ask Ubuntu!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138035%2funknown-code-in-script%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Nidaros erkebispedøme

Birsay

Was Woodrow Wilson really a Liberal?Was World War I a war of liberals against authoritarians?Founding Fathers...