1 |
apollock |
40 |
#!/bin/bash |
2 |
apollock |
41 |
# |
3 |
|
|
# Script to find users with a valid shell (and if run as root, an unlocked |
4 |
|
|
# account). Outputs a colon separated user:shell so it can be further grepped |
5 |
|
|
# for shells you don't care about (e.g. scponly) |
6 |
|
|
# |
7 |
|
|
# Copyright (c) 2008 Andrew Pollock <me@andrew.net.au> |
8 |
|
|
# |
9 |
|
|
# Copying permitted under the terms of the GNU GPL v2 |
10 |
|
|
# |
11 |
apollock |
40 |
|
12 |
|
|
for entry in $(getent passwd | cut -d: -f1,7 | grep -v -E "^(sash)?root:") |
13 |
|
|
do |
14 |
|
|
shell=$(echo $entry | cut -d: -f2) |
15 |
|
|
if grep -q $shell /etc/shells; then |
16 |
|
|
user=$(echo $entry | cut -d: -f1) |
17 |
|
|
if [ $UID -eq 0 ]; then |
18 |
|
|
case "$(getent shadow $user | cut -d: -f2)" in |
19 |
|
|
"x"|"*"|"!"|"!"*) |
20 |
|
|
;; |
21 |
|
|
|
22 |
|
|
*) |
23 |
|
|
echo $entry |
24 |
|
|
;; |
25 |
|
|
esac |
26 |
|
|
else |
27 |
|
|
echo $entry |
28 |
|
|
fi |
29 |
|
|
fi |
30 |
|
|
done |