Linux 普通用户自动修改密码

在大量服务器运维中,维护服务器账号就让人头痛，对账号密码策略要求,现写了一个shell脚本来完成账号密码的修改，当然这个不是最好的方法，只是在没有其它辅助服务时使用,最好还是使用账户统一管理服务来维护.

 1 #!/bin/bash
 2 #
 3 #change passwd
 4 #function passwd user
 5 function remote_spawn()
 6 {
 7 /usr/bin/expect << EOF
 8 set timeout 3
 9 spawn ssh  -o "StrictHostKeyChecking no" $USER_NAME@$IP "passwd"
10 expect "*UNIX password:"
11 send "$PATROL\r"
12 set timout 10
13 expect {
14     "*$" {send "exit 1\r"}
15     "New password:" {send "$PASSWD\r";expect "Retype new password"; send "$PASSWD\r";expect eof}
16 }
17 EOF
18 }
19 
20 function local_spawn()
21 {
22 /usr/bin/expect << EOF
23 set timeout 3
24 spawn passwd
25 expect "*UNIX password:"
26 send "$PATROL\r"
27 set timout 10
28 expect {
29     "*$" {send "exit 1\r"}
30     "New password:" {send "$PASSWD\r";expect "Retype new password"; send "$PASSWD\r";expect eof}
31 }
32 EOF
33 }
34 
35 PATROL="U2WNxrnxGsg="
36 USER_NAME='dongjia'
37 IP='127.0.0.1'
38 SIZE=`cat /etc/pam.d/system-auth |grep -v ^[[:space:]]*# |grep -o remember=[0-9]* |grep -o -m1 [0-9]*`
39 LEN=`expr $SIZE + 1`
40 echo "remeber is $SIZE"
41 #change patrol passwd 
42 
43 #system version 
44 if [ `uname -r` == '3.10.0-123.el7.x86_64' ] 
45 then
46     echo "----------system version redhat server 7----------"
47 else
48     echo "----------system version no redhat server 7-------"
49     exit 1
50 fi
51 
52 if [ $LEN -eq 1 ];then
53     LEN=`expr $LEN + 1` 
54 fi
55 #user passwd change count
56 for i in $(seq 1 $LEN)
57 do
58     if [ $i -eq $LEN ]
59     then
60         echo "----------------------------------------------"
61         echo "passwd restore acton"
62         PASSWD="U2WNxrnxGsg="
63         local_spawn > passwd.log
64         grep "Authentication token manipulation error" passwd.log
65                 SULT=$?
66                 if [ $SULT -eq 0 ]
67                 then
68                         echo "passwd change error log"
69                         exit 1
70         fi
71     else
72         echo "----------------------------------------------"
73         echo $i
74         PASSWD=`openssl rand -base64 8`
75         echo $PASSWD
76         local_spawn > passwd.log
77         grep "Authentication token manipulation error" passwd.log
78         SULT=$?
79         if [ $SULT -eq 0 ]
80         then
81             echo "passwd change error log"
82             exit 1
83         fi
84     fi
85     PATROL=$PASSWD
86 done

posted on 2019-01-15 19:23 浊酒三杯阅读(2780) 评论(0) 编辑收藏举报