1 |
#!/bin/bash |
2 |
# |
3 |
# Script to find users with a valid shell (and if run as root, an unlocked |
4 |
# account). Outputs a colon separated user:shell so it can be further grepped |
5 |
# for shells you don't care about (e.g. scponly) |
6 |
# |
7 |
# Copyright (c) 2008 Andrew Pollock <me@andrew.net.au> |
8 |
# |
9 |
# Copying permitted under the terms of the GNU GPL v2 |
10 |
# |
11 |
|
12 |
for entry in $(getent passwd | cut -d: -f1,7 | grep -v -E "^(sash)?root:") |
13 |
do |
14 |
shell=$(echo $entry | cut -d: -f2) |
15 |
if [ "$shell" == "" ]; then |
16 |
continue |
17 |
fi |
18 |
if grep -q $shell /etc/shells; then |
19 |
user=$(echo $entry | cut -d: -f1) |
20 |
if [ $UID -eq 0 ]; then |
21 |
case "$(getent shadow $user | cut -d: -f2)" in |
22 |
"x"|"*"|"!"|"!"*) |
23 |
;; |
24 |
|
25 |
*) |
26 |
echo $entry |
27 |
;; |
28 |
esac |
29 |
else |
30 |
echo $entry |
31 |
fi |
32 |
fi |
33 |
done |