Unknown code in scriptBash escape from scriptScript Issue (Incrementation)Problem with bash scriptNew to script question: 'else' not expected in BASH scriptErrors in Averaging Function Script Code?Obfuscate a Bash scriptNot sure what this line of script code is doingExtracting source code by using script languageError return code of bash script is not the value I sendClear “unknown” characters from bash script

What *exactly* is electrical current, voltage, and resistance?

Does a large simulator bay have standard public address announcements?

How can I wire a 9-position switch so that each position turns on one more LED than the one before?

How much of a wave function must reside inside event horizon for it to be consumed by the black hole?

As an international instructor, should I openly talk about my accent?

std::unique_ptr of base class holding reference of derived class does not show warning in gcc compiler while naked pointer shows it. Why?

"The cow" OR "a cow" OR "cows" in this context

Will I lose my paid in full property

Where was the County of Thurn und Taxis located?

What does a straight horizontal line above a few notes, after a changed tempo mean?

Multiple options vs single option UI

Multiple fireplaces in an apartment building?

Why is the underscore command _ useful?

How can I practically buy stocks?

What is this word supposed to be?

Is there metaphorical meaning of "aus der Haft entlassen"?

Why did Rep. Omar conclude her criticism of US troops with the phrase "NotTodaySatan"?

Apply a different color ramp to subset of categorized symbols in QGIS?

Double-nominative constructions and “von”

A Paper Record is What I Hamper

Is Electric Central Heating worth it if using Solar Panels?

Why did C use the -> operator instead of reusing the . operator?

How to keep bees out of canned beverages?

What makes accurate emulation of old systems a difficult task?



Unknown code in script


Bash escape from scriptScript Issue (Incrementation)Problem with bash scriptNew to script question: 'else' not expected in BASH scriptErrors in Averaging Function Script Code?Obfuscate a Bash scriptNot sure what this line of script code is doingExtracting source code by using script languageError return code of bash script is not the value I sendClear “unknown” characters from bash script






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








6















I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
 chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate() 
 echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

 sudo apt-get install logrotate 1>/dev/null

 echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
 sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/logrotate.conf
 sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/log.rotate.conf
 sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
 mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 2





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    11 hours ago






  • 1





    @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    11 hours ago






  • 2





    Well done on not running a script as root when you don't know what it does.

    – Wildcard
    3 hours ago

















6















I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
 chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate() 
 echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

 sudo apt-get install logrotate 1>/dev/null

 echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
 sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/logrotate.conf
 sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/log.rotate.conf
 sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
 mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 2





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    11 hours ago






  • 1





    @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    11 hours ago






  • 2





    Well done on not running a script as root when you don't know what it does.

    – Wildcard
    3 hours ago













6












6








6


1






I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
 chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate() 
 echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

 sudo apt-get install logrotate 1>/dev/null

 echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
 sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/logrotate.conf
 sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/log.rotate.conf
 sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
 mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
 chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate() 
 echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

 sudo apt-get install logrotate 1>/dev/null

 echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
 sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/logrotate.conf
 sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/log.rotate.conf
 sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
 mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.






bash scripts




bash scripts






share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 10 hours ago









serv-inc

1,7211521




1,7211521






New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 11 hours ago









Brendan77222Brendan77222

315




315




New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 2





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    11 hours ago






  • 1





    @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    11 hours ago






  • 2





    Well done on not running a script as root when you don't know what it does.

    – Wildcard
    3 hours ago












  • 2





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    11 hours ago






  • 1





    @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    11 hours ago






  • 2





    Well done on not running a script as root when you don't know what it does.

    – Wildcard
    3 hours ago







2




2





I would ask the person who gave me the code what it does.

– WinEunuuchs2Unix
11 hours ago





I would ask the person who gave me the code what it does.

– WinEunuuchs2Unix
11 hours ago




1




1





@WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

– Brendan77222
11 hours ago





@WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

– Brendan77222
11 hours ago




2




2





Well done on not running a script as root when you don't know what it does.

– Wildcard
3 hours ago





Well done on not running a script as root when you don't know what it does.

– Wildcard
3 hours ago










3 Answers
3






active

oldest

votes


















6














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago


















3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago


















2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago












Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138035%2funknown-code-in-script%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























3 Answers
3






active

oldest

votes








3 Answers
3






active

oldest

votes









active

oldest

votes






active

oldest

votes









6














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago















6














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago













6












6








6







The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer













The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.







share|improve this answer












share|improve this answer



share|improve this answer










answered 11 hours ago









steeldriversteeldriver

71.3k11115187




71.3k11115187












  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago

















  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    10 hours ago






  • 1





    @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    9 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    6 hours ago
















If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

– Brendan77222
10 hours ago





If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

– Brendan77222
10 hours ago




1




1





@Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

– steeldriver
9 hours ago





@Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

– steeldriver
9 hours ago













would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

– Brendan77222
6 hours ago





would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

– Brendan77222
6 hours ago













3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago















3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago













3












3








3







The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.










The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.







share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this answer



share|improve this answer








edited 10 hours ago





















New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









answered 11 hours ago









FliegendeWurstFliegendeWurst

11310




11310




New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago

















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    10 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    10 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    10 hours ago
















Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

– Brendan77222
10 hours ago





Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

– Brendan77222
10 hours ago




1




1





Yes, any scripts in /etc/cron.daily/ will be executed once per day.

– FliegendeWurst
10 hours ago





Yes, any scripts in /etc/cron.daily/ will be executed once per day.

– FliegendeWurst
10 hours ago













Awesome, thank you for the confirmation on what I suspected. Awesome help.

– Brendan77222
10 hours ago





Awesome, thank you for the confirmation on what I suspected. Awesome help.

– Brendan77222
10 hours ago











2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago
















2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago














2












2








2







The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer













The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.







share|improve this answer












share|improve this answer



share|improve this answer










answered 10 hours ago









serv-incserv-inc

1,7211521




1,7211521







  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago













  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    10 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    7 hours ago








1




1





Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

– Brendan77222
10 hours ago





Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

– Brendan77222
10 hours ago




1




1





Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

– serv-inc
7 hours ago






Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

– serv-inc
7 hours ago











Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.












Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.











Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.














Thanks for contributing an answer to Ask Ubuntu!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138035%2funknown-code-in-script%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Magento 2 - Add success message with knockout Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?Success / Error message on ajax request$.widget is not a function when loading a homepage after add custom jQuery on custom themeHow can bind jQuery to current document in Magento 2 When template load by ajaxRedirect page using plugin in Magento 2Magento 2 - Update quantity and totals of cart page without page reload?Magento 2: Quote data not loaded on knockout checkoutMagento 2 : I need to change add to cart success message after adding product into cart through pluginMagento 2.2.5 How to add additional products to cart from new checkout step?Magento 2 Add error/success message with knockoutCan't validate Post Code on checkout page

Image
What were wait-states, and why was it only an issue for PCs? “Since the train was delayed for more than an hour, passengers were given a full refund.” – Why is there no article before “passengers”? Will I be more secure with my own router behind my ISP's router? Short story about an alien named Ushtu(?) coming from a future Earth, when ours was destroyed by a nuclear explosion When does Bran Stark remember Jamie pushing him? How to charge percentage of transaction cost? Pointing to problems without suggesting solutions false 'Security alert' from Google - every login generates mails from 'no-reply@accounts.google.com' Why doesn't the university give past final exams' answers? Like totally amazing interchangeable sister outfit accessory swapping or whatever Does traveling In The United States require a passport or can I use my green card if not a US citizen? Who's this lady in the war room? Who can become a wight? "Destructi
Read more

Fil:Tokke komm.svg

Image
Skildring Skildring Tokke komm.svg Norsk nynorsk: Våpen for Tokke kommune i Telemark fylke, godkjent ved kongeleg resolusjon 6. februar 1987. Motiv: På gull grunn ein gåande svart bjørn. [1] Tokke ligg i eit gamalt bjørneområde og bjørnen er eit viktig innslag i fleire lokale historier. Bjørnen kan òg symbolisere naturen og dyrelivet i kommunen. English: Coat of arms of the Norwegian municipality of Tokke, Telemark. Dato 6. februar 1987 Kjelde Original by Stein Davidsen, based upon image from caplex.no. Opphavsperson Eige arbeid Vektorgrafikken vart laga med Inkscape. Løyve (Gjenbruk av denne fila) Public domain Public domain false false This official Norwegian coat of arms is ineligible for copyright, but its usage is restricted according to Norwegian penal law, independent of the copyright status of the depiction shown here. Dette biletet er sett saman av eit flagg, eit våpen, eit sigill eller eit anna offisielt insignium . Bruken av slike symbol er avgrensa i fleire land. Desse r
Read more

Where did Arya get these scars? Unicorn Meta Zoo #1: Why another podcast? Announcing the arrival of Valued Associate #679: Cesar Manara Favourite questions and answers from the 1st quarter of 2019Why did Arya refuse to end it?Has the pronunciation of Arya Stark's name changed?Has Arya forgiven people?Why did Arya Stark lose her vision?Why can Arya still use the faces?Has the Narrow Sea become narrower?Does Arya Stark know how to make poisons outside of the House of Black and White?Why did Nymeria leave Arya?Why did Arya not kill the Lannister soldiers she encountered in the Riverlands?What is the current canonical age of Sansa, Bran and Arya Stark?

Image
How to translate "red flag" into Spanish? France's Public Holidays' Puzzle How did Elite on the NES work? Where can I find how to tex symbols for different fonts? In search of the origins of term censor, I hit a dead end stuck with the greek term, to censor, λογοκρίνω How to check if string is entirely made of same substring? What's called a person who works as someone who puts products on shelves in stores? What helicopter has the most rotor blades? Did war bonds have better investment alternatives during WWII? Page Layouts : 1 column , 2 columns-left , 2 columns-right , 3 column Marquee sign letters Why did Israel vote against lifting the American embargo on Cuba? What *exactly* is electrical current, voltage, and resistance? Mechanism of the formation of peracetic acid Does Prince Arnaud cause someone holding the Princess to lose? Bright yellow or light yellow? What is /etc/mtab in Linux? What is the ongoing value of the Kanban
Read more