Unknown code in script Unicorn Meta Zoo #1: Why another podcast? Announcing the arrival of Valued Associate #679: Cesar ManaraBash escape from scriptScript Issue (Incrementation)Problem with bash scriptNew to script question: 'else' not expected in BASH scriptErrors in Averaging Function Script Code?Obfuscate a Bash scriptNot sure what this line of script code is doingExtracting source code by using script languageError return code of bash script is not the value I sendClear “unknown” characters from bash script

view price of already bought and installed apps on play sotr

Raising a bilingual kid. When should we introduce the majority language?

Is Electric Central Heating worth it if using Solar Panels?

Unable to completely uninstall Zoom meeting app

Sharepoint Designer Discontinuation - software to modify existing workflows

Is there any pythonic way to find average of specific tuple elements in array?

Co-worker works way more than he should

Should the Product Owner dictate what info the UI needs to display?

How exactly does Hawking radiation decrease the mass of black holes?

I preordered a game on my Xbox while on the home screen of my friend's account. Which of us owns the game?

Double-nominative constructions and “von”

Island of Knights, Knaves and Spies

"Whatever a Russian does, they end up making the Kalashnikov gun"? Are there any similar proverbs in English?

How do I reattach a shelf to the wall when it ripped out of the wall?

A faster way to compute the largest prime factor

Why didn't the Space Shuttle bounce back into space as many times as possible so as to lose a lot of kinetic energy up there?

What was Apollo 13's "Little Jolt" after MECO?

`microtype`: Set Minimum Width of a Space

How do I check if a string is entirely made of the same substring?

Will I lose my paid in full property

How to find the stem of any word?

Combinatorics problem, right solution?

Can a stored procedure reference the database in which it is stored?

How to avoid introduction cliches



Unknown code in script



Unicorn Meta Zoo #1: Why another podcast?
Announcing the arrival of Valued Associate #679: Cesar ManaraBash escape from scriptScript Issue (Incrementation)Problem with bash scriptNew to script question: 'else' not expected in BASH scriptErrors in Averaging Function Script Code?Obfuscate a Bash scriptNot sure what this line of script code is doingExtracting source code by using script languageError return code of bash script is not the value I sendClear “unknown” characters from bash script



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








3















I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
 chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate() 
 echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

 sudo apt-get install logrotate 1>/dev/null

 echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
 sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/logrotate.conf
 sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/log.rotate.conf
 sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
 mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 1





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    5 hours ago











  • @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    5 hours ago

















3















I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
 chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate() 
 echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

 sudo apt-get install logrotate 1>/dev/null

 echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
 sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/logrotate.conf
 sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/log.rotate.conf
 sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
 mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 1





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    5 hours ago











  • @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    5 hours ago













3












3








3








I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
 chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate() 
 echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

 sudo apt-get install logrotate 1>/dev/null

 echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
 sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/logrotate.conf
 sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/log.rotate.conf
 sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
 mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.






bash scripts







share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I found some code in a script given to me by another person as a resource for lockdown/hardening of Ubuntu 16.04 for a project I am doing.



I have no idea what it does and do no want to run it if I can't identify the change it would make, is anyone aware of what it does or changes? Only code without a brief explanation comment, and it happens to be the only thing I do not know. Also, second function is identifiable by function but I don't understand the purpose or specifics.



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e $CHAGE_SCRIPT ]; then
printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" ! > $CHAGE_SCRIPT
 chmod +x $CHAGE_SCRIPT
fi


function bacon.config.ubuntu.log.rotate() 
 echo "bacon.config.ubuntu.log.rotate: [INFO] Installing logrotate..."

 sudo apt-get install logrotate 1>/dev/null

 echo "bacon.config.ubuntu.log.rotate: [INFO] Configuring logrotate..."
 sed 's/rotate 4/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/logrotate.conf
 sed 's/rotate 1/rotate 60/' /etc/logrotate.conf > /etc/logrotate.conf.new
 mv /etc/logrotate.conf.new /etc/log.rotate.conf
 sed 's/rotate 7/rotate 1825/' /etc/logrotate.d/rsyslog > /etc/logrotate.d/rsyslog.new
 mv /etc/logrotate.d/rsyslog.new /etc/logrotate.d/rsyslog



Any help identifying these would be amazing.






bash scripts




bash scripts






share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 3 hours ago









serv-inc

1,7111521




1,7111521






New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 5 hours ago









Brendan77222Brendan77222

164




164




New contributor




Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Brendan77222 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 1





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    5 hours ago











  • @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    5 hours ago












  • 1





    I would ask the person who gave me the code what it does.

    – WinEunuuchs2Unix
    5 hours ago











  • @WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

    – Brendan77222
    5 hours ago







1




1





I would ask the person who gave me the code what it does.

– WinEunuuchs2Unix
5 hours ago





I would ask the person who gave me the code what it does.

– WinEunuuchs2Unix
5 hours ago













@WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

– Brendan77222
5 hours ago





@WinEunuuchs2Unix Normally I would as well, but they are away from the office for a while due to personal circumstances. Trust me, I know how much easier that would be. :)

– Brendan77222
5 hours ago










3 Answers
3






active

oldest

votes


















3














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    3 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    2 hours ago


















2














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    4 hours ago











  • Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    4 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    4 hours ago


















1














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    4 hours ago











  • Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    43 mins ago












Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138035%2funknown-code-in-script%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























3 Answers
3






active

oldest

votes








3 Answers
3






active

oldest

votes









active

oldest

votes






active

oldest

votes









3














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    3 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    2 hours ago















3














The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer























  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    3 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    2 hours ago













3












3








3







The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.






share|improve this answer













The first function checks whether file $CHAGE_SCRIPT exists, and if not attempts to create it with a printf statement. You can see what this statement does by running it in a terminal:



$ printf "#%c/bin/bash nfor i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do nchage -m 0 -M 60 -W 10 $i ndone n" !
#!/bin/bash 
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done


You will notice that instances of $3 evaluate empty because (unlike $1) they are not protected from expansion by the shell. The use of %c to insert the ! in #!/bin/bash suggests the original author doesn't really understand how bash's history expansion works.



IMHO it would be simpler and clearer to use a here-document:



function bacon.config.ubuntu.chage() 
CHAGE_SCRIPT='/etc/cron.daily/userchage'
if [ ! -e "$CHAGE_SCRIPT" ]; then
 cat << 'EOF' > "$CHAGE_SCRIPT"
#!/bin/bash 
for i in $(awk -F: 'if(($3 >= 1000)&&($3 <65534)) print $1' /etc/passwd); do 
chage -m 0 -M 60 -W 10 $i 
done
EOF
 chmod +x "$CHAGE_SCRIPT"
fi



The operation of the second function should be pretty obvious - it could be simplified by combining all the sed commands so that the file is only written / moved once.







share|improve this answer












share|improve this answer



share|improve this answer










answered 4 hours ago









steeldriversteeldriver

71.3k11115187




71.3k11115187












  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    3 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    2 hours ago

















  • If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

    – Brendan77222
    3 hours ago











  • @Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

    – steeldriver
    2 hours ago
















If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

– Brendan77222
3 hours ago





If the $3 evaluates empty, is there a reason to include it? If I wanted something to complete the same task, without useless portions included how much would I need to change it?

– Brendan77222
3 hours ago













@Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

– steeldriver
2 hours ago





@Brendan77222 I'm assuming the empty evaluation of $3 was unintentional - since it would result in a syntax error from awk

– steeldriver
2 hours ago













2














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    4 hours ago











  • Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    4 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    4 hours ago















2














The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    4 hours ago











  • Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    4 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    4 hours ago













2












2








2







The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.






share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.










The script contains two function definitions. The first function, bacon.config.ubuntu.chage, creates a script at /etc/cron.daily/userchage (comments added by me):



#!/bin/bash
# loop through users with uid >= 1000 and uid < 65534 theoretically, but $3 isn't escaped -> doesn't work
for i in $(awk -F: 'if(( >= 1000)&&( <65534)) print $1' /etc/passwd);do
 # set password to expire after 60 days, warning after 50 days
 chage -m 0 -M 60 -W 10 $i
done


The second function installs logrotate and creates a config file for it.







share|improve this answer










New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this answer



share|improve this answer








edited 4 hours ago





















New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









answered 4 hours ago









FliegendeWurstFliegendeWurst

1039




1039




New contributor




FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






FliegendeWurst is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    4 hours ago











  • Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    4 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    4 hours ago

















  • Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

    – Brendan77222
    4 hours ago











  • Yes, any scripts in /etc/cron.daily/ will be executed once per day.

    – FliegendeWurst
    4 hours ago











  • Awesome, thank you for the confirmation on what I suspected. Awesome help.

    – Brendan77222
    4 hours ago
















Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

– Brendan77222
4 hours ago





Awesome those comments help a lot. is there a reason for inserting a script at /etc/chron.daily/userchage rather than just executing the for loop you put here? I am unfamiliar with userchage file's function

– Brendan77222
4 hours ago













Yes, any scripts in /etc/cron.daily/ will be executed once per day.

– FliegendeWurst
4 hours ago





Yes, any scripts in /etc/cron.daily/ will be executed once per day.

– FliegendeWurst
4 hours ago













Awesome, thank you for the confirmation on what I suspected. Awesome help.

– Brendan77222
4 hours ago





Awesome, thank you for the confirmation on what I suspected. Awesome help.

– Brendan77222
4 hours ago











1














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    4 hours ago











  • Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    43 mins ago
















1














The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer


















  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    4 hours ago











  • Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    43 mins ago














1












1








1







The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.






share|improve this answer













The chage program changes the password expiry for all users. That is, it only lets them keep their current password for at most 60 days. It is run daily. The minimum duration of 0 is questionable as of https://security.stackexchange.com/questions/78758/what-is-the-purpose-of-the-password-minimum-age-setting. Maybe ask on https://security.stackexchange.com if this is really recommended.



Why logrotate should improve security is a bit above me.







share|improve this answer












share|improve this answer



share|improve this answer










answered 4 hours ago









serv-incserv-inc

1,7111521




1,7111521







  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    4 hours ago











  • Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    43 mins ago













  • 1





    Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

    – Brendan77222
    4 hours ago











  • Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

    – serv-inc
    43 mins ago








1




1





Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

– Brendan77222
4 hours ago





Oh, we definitely want a minimum password age of 24 hours. I assume that is the -m flag? I can read the man page as well, just was confused on why it used a check for a script. But I now feel from your comment it does that to ensure this is checked daily rather than a one time thing.

– Brendan77222
4 hours ago













Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

– serv-inc
43 mins ago






Exactly. And -m seems correct. If you can read the man pages, you can see man cron for the cron.daily folder.

– serv-inc
43 mins ago











Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.









draft saved

draft discarded


















Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.












Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.











Brendan77222 is a new contributor. Be nice, and check out our Code of Conduct.














Thanks for contributing an answer to Ask Ubuntu!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138035%2funknown-code-in-script%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Log på Navigationsmenu

Image
DeutschEnglishEsperantofrançaisespañolitalianoNederlands (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u003Eu003Cdiv class="mw-dismissable-notice-close"u003E[u003Ca tabindex="0" role="button"u003ELuku003C/au003E]u003C/divu003Eu003Cdiv class="mw-dismissable-notice-body"u003Eu003Cdiv id="localNotice" lang="da" dir="ltr"u003Eu003Cpu003EI u003Ca href="/wiki/Wikipedia:Fokusm%C3%A5ned/maj_2019" title="Wikipedia:Fokusmåned/maj 2019"u003Emaj 2019u003C/au003E fokuserer vi på u003Cbu003Elokaliteter i Danmark som ikke er beskrevet på dansk Wikipediau003C/bu003E.u003Cbr /u003EDu kan desuden deltage i årets u003Ciu003Eu003Ca href="/wiki/Bruger:Ramloser/for%C3%A5rskonkurrence_2019" title="Bruger:Ramloser/forårskonkurrence 2019"u003Eforårskonkurrenceu003C/au003Eu003C/iu...
Read more

Creating second map without labels using QGIS?How to lock map labels for inset map in Print Composer?How to Force the Showing of Labels of a Vector File in QGISQGIS Valmiera, Labels only show for part of polygonsRemoving duplicate point labels in QGISLabeling every feature using QGIS?Show labels for point features outside map canvasAbbreviate Road Labels in QGIS only when requiredExporting map from composer in QGIS - text labels have moved in output?How to make sure labels in qgis turn up in layout map?Writing label expression with ArcMap and If then Statement?

Image
Why is the Eisenstein ideal paper so great? What would prevent living skin from being a good conductor for magic? Using too much dialogue? Fixie: how to learn to ride: step by step Who knighted this character? The Maltese Falcon Expected maximum number of unpaired socks If I arrive in the UK, and then head to mainland Europe, does my Schengen visa 90 day limit start when I arrived in the UK, or mainland Europe? Why does Bran want to find Drogon? Why isn't Tyrion mentioned in 'A song of Ice and Fire'? Did this character show any indication of wanting to rule before S8E6? Should I split timestamp parts into separate columns? What were the Ethiopians doing in Xerxes' army? “For nothing” = “pour rien”? Can you still travel to America on the ESTA waiver program if you have been to Iran in transit? Can a UK national work as a paid shop assistant in the USA? Why does the Starter Set wizard have six spells in their spellbook? Why does sp...
Read more

Nuuk Indholdsfortegnelse Etyomologi | Historie | Geografi | Transport og infrastruktur | Politik og administration | Uddannelsesinstitutioner | Kultur | Venskabsbyer | Noter | Eksterne henvisninger | Se også | Navigationsmenuwww.sermersooq.gl64°10′N 51°45′V / 64.167°N 51.750°V / 64.167; -51.75064°10′N 51°45′V / 64.167°N 51.750°V / 64.167; -51.750DMI - KlimanormalerSalmonsen, s. 850Grønlands Naturinstitut undersøger rensdyr i Akia og Maniitsoq foråret 2008Grønlands NaturinstitutNy vej til Qinngorput indviet i dagAntallet af biler i Nuuk må begrænsesNy taxacentral mødt med demonstrationKøreplan. Rute 1, 2 og 3SnescootersporNuukNord er for storSkoler i Kommuneqarfik SermersooqAtuarfik Samuel KleinschmidtKangillinguit AtuarfiatNuussuup AtuarfiaNuuk Internationale FriskoleIlinniarfissuaq, Grønlands SeminariumLedelseÅrsberetning for 2008Kunst og arkitekturÅrsberetning for 2008Julie om naturenNuuk KunstmuseumSilamiutGrønlands Nationalmuseum og ArkivStatistisk ÅrbogGrønlands LandsbibliotekStore koncerter på stribeVandhund nummer 1.000.000Kommuneqarfik Sermersooq – MalikForsidenVenskabsbyerLyngby-Taarbæk i GrønlandArctic Business NetworkWinter Cities 2008 i NuukDagligt opdaterede satellitbilleder fra NuukområdetKommuneqarfik Sermersooqs hjemmesideTurist i NuukGrønlands Statistiks databankGrønlands Hjemmestyres valgresultaterrrWorldCat124325457671310-5

Image
CentrumNuussuaqKolonihavnenQernertunnguitQinngorputQuassussuup TungaaMyggedalenRadiofjeldetKatuaqNuuk CenterGrønlands Nationalmuseum og ArkivHotel Hans EgedeBrættetHerrnhuthusetNuuk KunstmuseumVor Frelser KirkeHans Egede KirkeNuuk TuristkontorSømandshjemmetHans Egedes statueArctic Umiaq LineNuuk LufthavnNuuk HavnNuup BussiiTaxagutNuuk TaxiRoyal Arctic LineRoyal GreenlandIlulissat (Jakobshavn)Qaanaaq (Thule)UpernavikUummannaqAappilattoqIkerasak (Sundet)Ilimanaq (Claushavn)IllorsuitInnaarsuitKangersuatsiaq (Prøven)Kullorsuaq (Djævelens Tommelfinger)MoriusaqNaajaatNiaqornatNutaarmiutNuugaatsiaqNuussuaq (Kraulshavn)Oqaatsut (Rodebay)QaarsutQeqertaqQeqertatSaattutSaqqaqSavissivikSiorapalukTasiusaqTussaaqUkkusissatUpernavik Kujalleq (Søndre Upernavik)Maniitsoq (Sukkertoppen)Sisimiut (Holsteinsborg)AtammikItilleqKangaamiut (Gammel Sukkertoppen)Kangerlussuaq (Søndre Strømfjord)NapasoqSarfannguitNanortalikNarsaqQaqortoq (Julianehåb)AappilattoqAlluitsu...
Read more