Shadow File Problems

In this example, we report shadow file problems.

The ShadowFileProblems script might send an alert message like the following:

                                PIKT ALERT
                         Tue Nov 25 11:53:05 2003
                                  kiev2

URGENT:
    ShadowFileProblems
        Report /etc/shadow file problems

        User smetana has NO PASSWORD!

The script follows.

ShadowFileProblems

        init
                status =piktstatus
                level =piktlevel
                task "Report /etc/shadow file problems"
                input file "=shadow"
                seps ":"
                dat $username [1]
                dat $password [2]
                keys $username

        begin
                set #crisis = #false()
#ifdef page
                set $pagemsg = "$hostname() urgent shadow problem (see alert email)"
#endifdef

        rule
                if #length($password) == 0
                        output mail "User $username has NO PASSWORD!"
                        output syslog "User $username has NO PASSWORD!"
                        if $username eq "root"
                                set #crisis = #true()
                        endif
                endif

#  ifdef page
        end
                if #crisis
#    if missioncritical
                        =page($pagemsg, =pagesysadmins, =allhours(#now()))
#    else
                        =page($pagemsg, =pagesysadmins, ! =offhours(#now()))
#    endif
                endif
#  endifdef

This is just one program example.  You could add rules, or write new scripts, for example to report:  frozen (starred out) accounts, password changes for certain key accounts, missing fields, malformed lines, violations of expiration rules, etc.

For more examples, see Samples.