Unknown code in script





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







3















I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e $CHAGE_SCRIPT ]; then

printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT

    chmod +x $CHAGE_SCRIPT

fi

}



function bacon.config.ubuntu.log.rotate() {

  echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."



  sudo apt-get install logrotate 1>/dev/null



  echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."

  sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new

  mv /etc/logrotate.conf.new /etc/logrotate.conf

  sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new

  mv /etc/logrotate.conf.new /etc/log.rotate.conf

  sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new

  mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog

}


Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 1





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    6 hours ago











  • @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    6 hours ago


















3















I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e $CHAGE_SCRIPT ]; then

printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT

    chmod +x $CHAGE_SCRIPT

fi

}



function bacon.config.ubuntu.log.rotate() {

  echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."



  sudo apt-get install logrotate 1>/dev/null



  echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."

  sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new

  mv /etc/logrotate.conf.new /etc/logrotate.conf

  sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new

  mv /etc/logrotate.conf.new /etc/log.rotate.conf

  sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new

  mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog

}


Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 1





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    6 hours ago











  • @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    6 hours ago














3












3








3








I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e $CHAGE_SCRIPT ]; then

printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT

    chmod +x $CHAGE_SCRIPT

fi

}



function bacon.config.ubuntu.log.rotate() {

  echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."



  sudo apt-get install logrotate 1>/dev/null



  echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."

  sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new

  mv /etc/logrotate.conf.new /etc/logrotate.conf

  sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new

  mv /etc/logrotate.conf.new /etc/log.rotate.conf

  sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new

  mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog

}


Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e $CHAGE_SCRIPT ]; then

printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT

    chmod +x $CHAGE_SCRIPT

fi

}



function bacon.config.ubuntu.log.rotate() {

  echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."



  sudo apt-get install logrotate 1>/dev/null



  echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."

  sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new

  mv /etc/logrotate.conf.new /etc/logrotate.conf

  sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new

  mv /etc/logrotate.conf.new /etc/log.rotate.conf

  sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new

  mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog

}


Any help identifying these would be amazing.






bash scripts




bash scripts






share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 4 hours ago









serv-inc

1,7211521




1,7211521






New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 6 hours ago









Brendan77222Brendan77222

165




165




New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 1





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    6 hours ago











  • @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    6 hours ago














  • 1





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    6 hours ago











  • @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    6 hours ago








1




1





I would ask the person who gave me the code what it does.

– WinEunuuchs2Unix
6 hours ago





I would ask the person who gave me the code what it does.

– WinEunuuchs2Unix
6 hours ago













@WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

– Brendan77222
6 hours ago





@WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

– Brendan77222
6 hours ago










3 Answers
3






active

oldest

votes


















4














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !

#!/bin/bash 

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e "$CHAGE_SCRIPT" ]; then

    cat << 'EOF' > "$CHAGE_SCRIPT"

#!/bin/bash 

for i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done

EOF

    chmod +x "$CHAGE_SCRIPT"

fi

}


The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer
























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    4 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    3 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    38 mins ago



















3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash

# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd);do

    # set password to expire after 60 days, warning after 50 days

    chage -m 0 -M 60 -W 10 $i

done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    5 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    5 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    5 hours ago



















2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer



















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    5 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    1 hour ago














Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});






Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138035%2funknown-code-in-script%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























3 Answers
3






active

oldest

votes








3 Answers
3






active

oldest

votes









active

oldest

votes






active

oldest

votes









4














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !

#!/bin/bash 

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e "$CHAGE_SCRIPT" ]; then

    cat << 'EOF' > "$CHAGE_SCRIPT"

#!/bin/bash 

for i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done

EOF

    chmod +x "$CHAGE_SCRIPT"

fi

}


The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer
























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    4 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    3 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    38 mins ago
















4














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !

#!/bin/bash 

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e "$CHAGE_SCRIPT" ]; then

    cat << 'EOF' > "$CHAGE_SCRIPT"

#!/bin/bash 

for i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done

EOF

    chmod +x "$CHAGE_SCRIPT"

fi

}


The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer
























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    4 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    3 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    38 mins ago














4












4








4







The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !

#!/bin/bash 

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e "$CHAGE_SCRIPT" ]; then

    cat << 'EOF' > "$CHAGE_SCRIPT"

#!/bin/bash 

for i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done

EOF

    chmod +x "$CHAGE_SCRIPT"

fi

}


The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer













The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !

#!/bin/bash 

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() {

CHAGE_SCRIPT='/etc/cron.daily/userchage'

if [ ! -e "$CHAGE_SCRIPT" ]; then

    cat << 'EOF' > "$CHAGE_SCRIPT"

#!/bin/bash 

for i in $(awk -F: '{if(($3 >= 1000)&&($3 <65534)) print $1}' /etc/passwd); do 

chage -m 0 -M 60 -W 10 $i 

done

EOF

    chmod +x "$CHAGE_SCRIPT"

fi

}


The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.







share|improve this answer












share|improve this answer



share|improve this answer










answered 5 hours ago









steeldriversteeldriver

71.3k11115187




71.3k11115187













  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    4 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    3 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    38 mins ago



















  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    4 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    3 hours ago











  • would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

    – Brendan77222
    38 mins ago

















If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

– Brendan77222
4 hours ago





If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

– Brendan77222
4 hours ago













@Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

– steeldriver
3 hours ago





@Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

– steeldriver
3 hours ago













would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

– Brendan77222
38 mins ago





would leaving it in or taking it out be something I need to be concerned with? Should I want it to function as intended at least.

– Brendan77222
38 mins ago













3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash

# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd);do

    # set password to expire after 60 days, warning after 50 days

    chage -m 0 -M 60 -W 10 $i

done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    5 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    5 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    5 hours ago
















3














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash

# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd);do

    # set password to expire after 60 days, warning after 50 days

    chage -m 0 -M 60 -W 10 $i

done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    5 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    5 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    5 hours ago














3












3








3







The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash

# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd);do

    # set password to expire after 60 days, warning after 50 days

    chage -m 0 -M 60 -W 10 $i

done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.










The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash

# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work

for i in $(awk -F: '{if(( >= 1000)&&( <65534)) print $1}' /etc/passwd);do

    # set password to expire after 60 days, warning after 50 days

    chage -m 0 -M 60 -W 10 $i

done


The second function installs logrotate and creates a config file for it.







share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this answer



share|improve this answer








edited 5 hours ago





















New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









answered 5 hours ago









FliegendeWurstFliegendeWurst

1139




1139




New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.













  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    5 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    5 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    5 hours ago



















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    5 hours ago






  • 1





    Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    5 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    5 hours ago

















Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

– Brendan77222
5 hours ago





Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

– Brendan77222
5 hours ago




1




1





Yes, any scripts in /etc/cron.daily/ will be executed once per day.

– FliegendeWurst
5 hours ago





Yes, any scripts in /etc/cron.daily/ will be executed once per day.

– FliegendeWurst
5 hours ago













Awesome, thank you for the confirmation on what I suspected. Awesome help.

– Brendan77222
5 hours ago





Awesome, thank you for the confirmation on what I suspected. Awesome help.

– Brendan77222
5 hours ago











2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer



















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    5 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    1 hour ago


















2














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer



















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    5 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    1 hour ago
















2












2








2







The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer













The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.







share|improve this answer












share|improve this answer



share|improve this answer










answered 5 hours ago









serv-incserv-inc

1,7211521




1,7211521








  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    5 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    1 hour ago
















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    5 hours ago






  • 1





    Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    1 hour ago










1




1





Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

– Brendan77222
5 hours ago





Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

– Brendan77222
5 hours ago




1




1





Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

– serv-inc
1 hour ago







Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

– serv-inc
1 hour ago












Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.













Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.












Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.
















Thanks for contributing an answer to Ask Ubuntu!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138035%2funknown-code-in-script%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Le Mesnil-Réaume

Image
Le Mesnil-Réaume Region Normandie Département Seine-Maritime Arrondissement Dieppe Kanton Eu Gemeindeverband Villes Sœurs Koordinaten 49° 58′  N , 1° 27′  O 49.9725 1.4463888888889 Koordinaten: 49° 58′  N , 1° 27′  O Höhe 92–156 m Fläche 5,55 km 2 Einwohner 793 (1. Januar 2016) Bevölkerungsdichte 143 Einw./km 2 Postleitzahl 76260 INSEE-Code 76435 Website http://www.mesnil-reaume.net/ Rathaus (Mairie) und Schule von Le Mesnil-Réaume Le Mesnil-Réaume ist eine französische Gemeinde mit 793 Einwohnern (Stand: 1. Januar 2016) im Département Seine-Maritime in der Region Normandie (vor 2016 Haute-Normandie). Sie gehört zum Arrondissement Dieppe und zum Kanton Eu. Die Einwohner werden Mesnillais genannt. Inhaltsverzeichnis 1 Geographie 2 Bevölkerungsentwicklung 3 Sehenswürdigkeiten 4 Weblinks Geographie | Le Mesnil-Réaume liegt etwa 43 Kilomet
Read more

Ida-Boy-Ed-Garten

Image
Die Lage des Ida-Boy-Ed-Gartens, rot markiert Der Ida-Boy-Ed-Garten Der Ida-Boy-Ed-Garten, Blick von der Wakenitzmauer durch das Tor in der Stadtmauer Der Ida-Boy-Ed-Garten ist eine Straße der Lübecker Altstadt. Inhaltsverzeichnis 1 Lage 2 Geschichte 3 Literatur 4 Weblinks Lage | Der etwa 90 Meter lange Ida-Boy-Ed-Garten befindet sich an der nördlichen Spitze der Altstadtinsel, vor dem Burgtor. Die in einem Bogen durch eine Grünanlage hangaufwärts führende Straße verbindet die Wakenitzmauer mit der Burgtorbrücke. Geschichte | Der heutige Ida-Boy-Ed-Garten wurde ursprünglich als Verlängerung der Wakenitzmauer angelegt. 1903 wurde in den erhaltenen Teil der mittelalterlichen Stadtmauer, an dem die Wakenitzmauer bei der Einmündung der Kaiserstraße begann, ein Tor mit einem großen Bogen für die Durchführung der Straße und zwei kleineren seitlichen Öffnungen für Fußgänger gebrochen, um für die neu errichteten Wohnhäuser in diesem Bereich
Read more

web3.py web3.isConnected() returns false always

Image
1 I am trying an tutorial on web3.py so i created a profile in infura and used its project id.But it shows false always when i try web3.isConnected() PS C:UsersHP> python Python 3.6.3 (v3.6.3:2c5fed8, Oct 3 2017, 18:11:49) [MSC v.1900 64 bit (AMD64)] on win32 Type "help", "copyright", "credits" or "license" for more information. >>> from web3 import Web3 >>> infura_url = "mainnet.infura.io/v3/******************************" >>> web3 = Web3(Web3.HTTPProvider(infura_url)) >>> web3.isConnected() False web3.py share | improve this question
Read more