Password Enforcing
Ir para navegação
Ir para pesquisar
#!/bin/bash
export PASSENFORCINGDIR=/etc/bkp-password-enforcing
function FNTHROW() {
echo "Gone bad. Execution aborted at Task " $1
exit 1
}
function FNBACKUP() {
echo BACKUP $1
if [ -f $1 ]
then
mkdir -p $PASSENFORCINGDIR
tar cf - $1 | gzip -9 > $PASSENFORCINGDIR/$(echo $1 | sed -e "s/\//_/g").$(date +"%Y-%m-%d_%H-%M_%S").tgz
else
FNTHROW backup
fi
}
function FNCOMMAND() {
echo COMMAND $1
$1
if [ $? -ne 0 ]
then
FNTHROW $1
fi
}
function FNSED() {
sed -i "s/^PASS_MAX_DAYS.*/PASS_MAX_DAYS 30/g" /etc/login.defs
sed -i "s/^PASS_MIN_DAYS.*/PASS_MIN_DAYS 1/g" /etc/login.defs
sed -i "s/pam_pwquality.so/pam_pwquality.so remember=16 /g" /etc/pam.d/password-auth
}
FNBACKUP /etc/security/pwquality.conf
FNBACKUP /etc/login.defs
FNBACKUP /etc/pam.d/password-auth
FNCOMMAND "authconfig --passminlen=16 --update"
FNCOMMAND "authconfig --enablereqlower --update"
FNCOMMAND "authconfig --enablerequpper --update"
FNCOMMAND "authconfig --enablereqdigit --update"
FNCOMMAND "authconfig --enablereqother --update"
FNSED
echo End of execution
exit 0