usr.bin/skey/skeyaudit.sh

   1 #!/bin/sh
   2 #
   3 #       $NetBSD: skeyaudit.sh,v 1.3 2000/07/07 15:19:09 mjl Exp $
   4 #
   5 # This script will look thru the skeykeys file for
   6 # people with sequence numbers less than LOWLIMIT=12
   7 # and send them an e-mail reminder to use skeyinit soon
   8 #
   9
  10 AWK=/usr/bin/awk
  11 GREP=/usr/bin/grep
  12 ECHO=/bin/echo
  13 KEYDB=/etc/skeykeys
  14 LOWLIMIT=12
  15 ADMIN=root
  16 SUBJECT="Reminder: Run skeyinit"
  17 HOST=`/bin/hostname`
  18
  19
  20 if [ "$1" != "" ]
  21 then
  22  LOWLIMIT=$1
  23 fi
  24
  25 if [ ! -s "${KEYDB}" ]; then
  26   exit 0
  27 fi
  28
  29 # an skeykeys entry looks like
  30 #   jsw 0076 la13079          ba20a75528de9d3a
  31 #   #oot md5 0005 aspa26398        9432d570ff4421f0  Jul 07,2000 01:36:43
  32 #   mjl sha1 0099 alpha2           459a5dac23d20a90  Jul 07,2000 02:14:17
  33 # the sequence number is the second (or third) entry
  34 #
  35
  36 SKEYS=`$AWK '/^#/ {next} {if($2 ~ /^[0-9]+$/) print $1,$2,$3; else print $1,$3,$4; }' $KEYDB`
  37
  38 set -- ${SKEYS}
  39
  40 while [ "X$1" != "X" ]; do
  41   USER=$1
  42   SEQ=$2
  43   KEY=$3
  44   shift 3
  45   # echo "$USER -- $SEQ -- $KEY"
  46   if [ $SEQ -lt $LOWLIMIT ]; then
  47     if [ $SEQ -lt  3 ]; then
  48       SUBJECT="IMPORTANT action required"
  49     fi
  50     (
  51     $ECHO "You are nearing the end of your current S/Key sequence for account $i"
  52     $ECHO "on system $HOST."
  53     $ECHO ""
  54     $ECHO "Your S/key sequence number is now $SEQ.  When it reaches zero you"
  55     $ECHO "will no longer be able to use S/Key to login into the system.  "
  56     $ECHO " "
  57     $ECHO "Use \"skeyinit -s\" to reinitialize your sequence number."
  58     $ECHO ""
  59     ) | /usr/bin/Mail -s "$SUBJECT"  $USER $ADMIN
  60   fi
  61 done