Home | History | Annotate | Line # | Download | only in skey
skeyaudit.sh revision 1.2.12.1 
      1       1.1  deraadt #!/bin/sh
      2       1.2  thorpej #
      3  1.2.12.1      mjl #	$NetBSD: skeyaudit.sh,v 1.2.12.1 2000/07/17 19:55:54 mjl Exp $
      4       1.2  thorpej #
      5       1.1  deraadt # This script will look thru the skeykeys file for
      6  1.2.12.1      mjl # people with sequence numbers less than LOWLIMIT=12
      7       1.1  deraadt # and send them an e-mail reminder to use skeyinit soon
      8       1.1  deraadt # 
      9       1.1  deraadt 
     10       1.1  deraadt AWK=/usr/bin/awk
     11       1.1  deraadt GREP=/usr/bin/grep
     12       1.1  deraadt ECHO=/bin/echo
     13       1.1  deraadt KEYDB=/etc/skeykeys
     14       1.1  deraadt LOWLIMIT=12
     15       1.1  deraadt ADMIN=root
     16       1.1  deraadt SUBJECT="Reminder: Run skeyinit"
     17       1.1  deraadt HOST=`/bin/hostname`
     18       1.1  deraadt 
     19       1.1  deraadt 
     20       1.1  deraadt if [ "$1" != "" ]
     21       1.1  deraadt then
     22       1.1  deraadt  LOWLIMIT=$1
     23       1.1  deraadt fi
     24       1.1  deraadt 
     25       1.1  deraadt 
     26       1.1  deraadt # an skeykeys entry looks like
     27       1.1  deraadt #   jsw 0076 la13079          ba20a75528de9d3a
     28  1.2.12.1      mjl #   #oot md5 0005 aspa26398        9432d570ff4421f0  Jul 07,2000 01:36:43
     29  1.2.12.1      mjl #   mjl sha1 0099 alpha2           459a5dac23d20a90  Jul 07,2000 02:14:17
     30  1.2.12.1      mjl # the sequence number is the second (or third) entry
     31       1.1  deraadt #
     32       1.1  deraadt 
     33  1.2.12.1      mjl SKEYS=`$AWK '/^#/ {next} {if($2 ~ /^[0-9]+$/) print $1,$2,$3; else print $1,$3,$4; }' $KEYDB`
     34  1.2.12.1      mjl 
     35  1.2.12.1      mjl set -- ${SKEYS}
     36  1.2.12.1      mjl 
     37  1.2.12.1      mjl while [ "X$1" != "X" ]; do
     38  1.2.12.1      mjl   USER=$1
     39  1.2.12.1      mjl   SEQ=$2
     40  1.2.12.1      mjl   KEY=$3
     41  1.2.12.1      mjl   shift 3
     42  1.2.12.1      mjl echo "$USER -- $SEQ -- $KEY"
     43  1.2.12.1      mjl   if [ $SEQ -lt $LOWLIMIT ]; then
     44  1.2.12.1      mjl     if [ $SEQ -lt  3 ]; then
     45  1.2.12.1      mjl       SUBJECT="IMPORTANT action required"
     46  1.2.12.1      mjl     fi
     47  1.2.12.1      mjl     (
     48  1.2.12.1      mjl     $ECHO "You are nearing the end of your current S/Key sequence for account $i"
     49  1.2.12.1      mjl     $ECHO "on system $HOST."
     50  1.2.12.1      mjl     $ECHO ""
     51  1.2.12.1      mjl     $ECHO "Your S/key sequence number is now $SEQ.  When it reaches zero you"
     52  1.2.12.1      mjl     $ECHO "will no longer be able to use S/Key to login into the system.  "
     53  1.2.12.1      mjl     $ECHO " "
     54  1.2.12.1      mjl     $ECHO "Use \"skeyinit -s\" to reinitialize your sequence number."
     55  1.2.12.1      mjl     $ECHO ""
     56  1.2.12.1      mjl     ) | /usr/bin/Mail -s "$SUBJECT"  $USER $ADMIN
     57       1.1  deraadt   fi
     58       1.1  deraadt done
     59