# Program: acc_state.sh
# Author : Pablo Arnaldi
# O.S.   : HP-UX 10.20/11.00 with C2 Trusted System enabled.
#
# How can I find out how many, and which, user accounts are disabled on
# my trusted system?
#
# This script writes the state of each user account on your system
# to the "$LOGFILE" file.
# The values for "state" are "Ok!" (enabled)
# or "DISABLED". This only works on HP-UX with
# Trusted System enabled, because it uses the "getprpw" command.
# The output of this command is a 7-digit number. When this
# number is not equal to 0000000, the account is disabled.
# Run this script at your own risk!
#
#
# Remember to write the complete path at the beginning of the
# "LOGFILE" variable definition if you want to put the log file
# somewhere other than the default location.
#
#
# BUGS: Special users such as daemon, bin, sys, uucp etc.
# are displayed as "DISABLED" because the value returned for them
# is not equal to zero.
# I'm working on it :)
#
#
# C'ya!
#
# Of course, use at your own risk.

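# Host identity and date stamp used in the report header and log file name.
# The date fields come from explicit format strings. Cutting fixed columns
# out of the default `date` output gives a space-padded day (" 1") on
# single-digit days and a wrong year whenever the time-zone abbreviation is
# not exactly three characters; either one puts a blank into $LOGFILE.
SYSNAME=$(uname -n)
MONTH=$(date +%b)
DAY=$(date +%d)
YEAR=$(date +%Y)

UNAME=$(uname -nrs)
DATE=$(date)
# NOTE(review): TMPFILE and LOGFILE are fixed, relative names and the script
# writes both as root in the current directory. Run it from a directory that
# only root can write, or give both an absolute path under such a directory.
TMPFILE=temp.txt
# Login names, one per word, in /etc/passwd order.
LIST=$(cut -f1 -d : /etc/passwd)
# Numeric effective user id; the script proceeds only when this is 0.
WHO=$(id -u)
# Number of lines in /etc/passwd, reported in the summary.
TOTAL=$(wc -l < /etc/passwd)
LOGFILE=acc_state.$SYSNAME-$DAY-$MONTH-$YEAR.log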


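# func_line_num FILE N
#   Put line N (1-based) of FILE into the exported global DETAIL.
#   DETAIL is "None" when that line is empty, when FILE has fewer than N
#   lines, or when FILE cannot be read, so a value left over from a previous
#   call is never reported for the wrong account.
# Globals:   NL (scratch line counter), DETAIL (written and exported)
# Arguments: $1 - file to read, $2 - line number wanted
func_line_num ()
{
NL=0
DETAIL=None
# Read through a redirect, not "cat | while": in shells that run the last
# pipeline stage in a subshell, an assignment to DETAIL made inside the loop
# would be lost. -r keeps backslashes in the line literal.
while read -r A
 do
   let NL=NL+1
   # Compare the value of NL; a bare "NL" is not an integer to every test(1).
   if [ "$NL" -eq "$2" ]; then
      if [ "$A" != "" ]
      then
         DETAIL=$A
      fi
      # The wanted line was found; the rest of the file is not needed.
      break
   fi
 done < "$1"
export DETAIL
}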


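# Main report. Runs only as root (WHO is 0) on a trusted system; every other
# case prints an error and writes nothing. A WHO that is empty or not a
# number makes the test fail, so the script falls into the "not root" branch.
if [ "$WHO" -eq 0 ]
then
     # The /tcb directory exists only on a trusted system.
     if [ ! -d /tcb ]
     then
         clear
         echo "ERROR: This system is not Trusted System, please convert it before run this script. I warned you!"
         echo "Press ENTER to exit"
         read -r aa
     elif [ -h "$LOGFILE" ] || [ -h "$TMPFILE" ]
     then
         # Both names are predictable and are opened for writing as root.
         # A symbolic link planted under either name would redirect that
         # write, so stop here. This check is best effort (the name can still
         # change before the write); the real protection is to run from a
         # directory that only root can write.
         echo "ERROR: $LOGFILE or $TMPFILE is a symbolic link; not writing through it as root." >&2
     else
         # Create both files private from the start instead of relying on the
         # chmod at the end of the script. The previous umask is restored
         # below in case this file is sourced into an interactive shell.
         old_umask=$(umask)
         umask 077

         > "$LOGFILE"
         clear
         # One line per /etc/passwd entry: the comment (GECOS) field up to the
         # first comma. func_line_num looks entries up here by line number.
         cut -f5 -d : /etc/passwd | cut -f1 -d , > "$TMPFILE"
         count=0
         dis=0
         ena=0
         unk=0

         {
         echo "**************************************"
         echo "         USER ACCOUNTS STATES         "
         echo "     $DATE                            "
         echo "          $UNAME                      "
         echo "**************************************"
         echo "                                      "
         echo "--------------------------------------"
         echo " You can find a summary at the bottom "
         echo " of this file.                        "
         echo "--------------------------------------"
         echo "                                      "
         echo "======================================"
         } >> "$LOGFILE"

         # NOTE(review): $LIST is split on whitespace while $TMPFILE keeps one
         # line per /etc/passwd line, so a blank line in /etc/passwd would
         # shift every following comment by one entry.
         for i in $LIST
         do
              let count=count+1
              USER=$i
              echo "Querying for $USER"
              echo "$count" >> "$LOGFILE"
              echo "User:    $USER" >> "$LOGFILE"
              func_line_num "$TMPFILE" "$count"
              echo "Comment: $DETAIL" >> "$LOGFILE"
              NUM=$(/usr/lbin/getprpw -r -m lockout "$USER")

              # An empty answer is neither "enabled" nor "disabled". Left
              # unquoted it made the test below malformed, and the account was
              # then counted as "Ok!" without having been checked.
              if [ "$NUM" = "" ]
              then
                  echo "State:   UNKNOWN (getprpw returned nothing)" >> "$LOGFILE"
                  let unk=unk+1
              elif [ "$NUM" != 0000000 ]
              then
                  echo "State:   D I S A B L E D" >> "$LOGFILE"
                  let dis=dis+1
              else
                  echo "State:   Ok!" >> "$LOGFILE"
                  let ena=ena+1
              fi

              echo "======================================" >> "$LOGFILE"
         done

         echo "                                  "
         echo "D O N E ! !                       "
         echo "                                  "
         echo "***************************************************"
         echo "The output file is $LOGFILE       "
         echo "***************************************************"
         echo "                                  "
         echo "                                  "

         # $LOGFILE tail: the summary block
         {
         echo "                                   "
         echo "                                   "
         echo "                                   "
         echo "######################################"
         echo "          S U M M A R Y            "
         echo "######################################"
         echo "                                   "
         echo "* $TOTAL users in /etc/passwd file "
         echo "                                   "
         echo "* $ena users are in ENABLED state  "
         echo "                                   "
         echo "* $dis users are in DISABLED state "
         echo "                                   "
         echo "* $unk users could not be queried  "
         echo "                                   "
         echo "######################################"
         } >> "$LOGFILE"

         umask "$old_umask"
     fi
else
     clear
     echo "ERROR: You must run this script only being root"
     echo "Press Enter to exit"
     read -r aa
fi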


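# Remove the scratch copy of the /etc/passwd comment fields.
if [ -f "$TMPFILE" ]
then
    rm -f "$TMPFILE"
fi

# Keep the report readable by its owner only. The report lists which accounts
# are locked, and a text file needs no execute bit, so the mode is 600.
# Skipped when no report was written (not root, or not a trusted system) and
# when the name is a symbolic link, since chmod would act on the link target.
if [ -f "$LOGFILE" ] && [ ! -h "$LOGFILE" ]
then
    chmod 600 "$LOGFILE"
fi

# Drop the script's working variables. USER is among them because the main
# loop reuses that name for the account being queried.
unset LIST TOTAL LOGFILE USER TMPFILE DETAIL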

