23 lines
541 B
Bash
23 lines
541 B
Bash
#!/usr/bin/env bash
|
|
|
|
expected_inactive_days=45
|
|
|
|
if useradd -D | grep -Eq '^\s*INACTIVE\s*=\s*'$expected_inactive_days'\b'; then
|
|
echo "Default inactivity period is correct."
|
|
else
|
|
echo "Default inactivity period is incorrect."
|
|
exit 1
|
|
fi
|
|
|
|
while IFS=: read -r username password lastchg min max warn inactive_days expire; do
|
|
if [[ -z "$inactive_days" || "$inactive_days" == " " ]]; then
|
|
continue
|
|
fi
|
|
|
|
if [[ "$inactive_days" -gt $expected_inactive_days ]]; then
|
|
echo "User $username exceeds policy."
|
|
exit 1
|
|
fi
|
|
done </etc/shadow
|
|
exit 0
|