Hi everybody I am posting a summary of my question:
> Hi everybody, I need to know the date a user changed his/her password
> from the information in edauth, my system has DU 4.0B and is configured
> with Enhanced security, so if this is possible, how could be done?,
> thanks a lot for your help.
>
> Leonardo Mosquera
> System Manager
> Internet Telecom
> Colombia
Thanks a lot to:
Paul Yahnig <Yahnig_at_GroupWise.Kean.Edu>
Jakrit <jruangka_at_MCS.VUW.AC.NZ> I'm not good with perl so
still am trying to figure it out
Jane Kramer <Jane.Kramer_at_oberlin.edu> The most complete because
give me other utilities too.
John Speno <speno_at_isc.upenn.edu>
Steve VanDevender <stevev_at_hexadecimal.uoregon.edu>
and the answers are(same order):
1) When you do a passwd as root to that user, it will tell you when they
last did a password change and when the last failed password change was.
2) If you use database file /var/tcb/files/auth.db do strings
/var/tcb/files/auth.db | grep <user name> and look for the field
u_succhg
The value is in time_t format (secs. past 1/1/70) (Note: use
/tcb/files/auth.db for users with uid < 100)
3) I'm attaching a C program that I wrote, that reports on when a
password is due to expire. You can modify that, because it also grabs
information on when the password was last successfully changed
(pr->ufld.fd_schange). The last line of the program (commented out)
shows how to compile the program.
/*
* check_expire.c
* 6/17/98
* J. Kramer
*
* C program, to check password expiration status for a given user.
* This program (which must be run by root) is invoked from
* /root/scripts/check_expire.pl.
*/
#include <stdio.h>
#include <prot.h>
#include <time.h>
#include <locale.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/security.h>
#include <sys/stat.h>
main(argc, argv, envp)
int argc;
char *argv[], *envp[];
{
int expiration_time;
char *name;
struct pr_passwd *pr; /* returned value */
struct pr_passwd pwbuf; /* buffer for saved values */
char tstr[80], strng[80], str2[80];
int i, error(), current_time, seconds;
time_t now;
struct stat fbuf; /* file buffer */
/*
* Usage...
*/
if (argc != 2)
{
printf("Usage: check_expire <username> \n");
exit();
}
/*
* This function must be called, prior to using the getprpwnam() and
* putprpwnam() functions.
*/
set_auth_parameters();
/*
* Retrieve the user's protected password database entry.
*/
pr = getprpwnam(argv[1]);
if (!pr)
{
printf("Error: getprpwnam failed to retrieve db entry
for %s.\n", argv[1]);
exit(1);
}
/*
printf("fd_schange=%d\n", pr->ufld.fd_schange);
printf("fd_expire=%d\n", pr->ufld.fd_expire);
*/
/*
* (Time of expiration) = (Time of last successful password change) +
* (Expiration period)
*/
expiration_time = pr->ufld.fd_schange + pr->ufld.fd_expire;
/*
* Get the current time (in seconds).
printf("now=%d\n", current_time);
*/
current_time = time();
/*
* Calculate number of seconds until the password expires. If that's
less
* than the number of seconds in a week (604800), report this.
printf("seconds until password expires = %d\n", seconds);
*/
seconds = pr->ufld.fd_schange + pr->ufld.fd_expire -
current_time;
if (seconds < 864000)
/*
* Print Time of Expiration (in legible date format).
*/
printf("Password expires at
%s\n",ctime(&expiration_time));
}
/* cc check_expire.c -lsecurity -o check_expire */
4) Yes. The field you want to look at is u_succhg. Read the man page on
prpasswd to find out about all the other fields.
The value of that field is a time_t value, so it must be converted to
a human readable format. You can use this perl command to do that:
perl -e grep\(print\(scalar\(localtime\(\$_\)\),\"\\n\"\),_at_ARGV\)\;
5) The u_succhg field in the user's authorization profile contains
the UNIX time (seconds since midnight, January 1, 1970 GMT) of the
user's last succsessful password change.
i.e.:
u_succhg#896204012
means the password was changed at 10:33:32 PDT on May 26, 1998.
6) finally I want to add that using /usr/tcb/bin/edauth -g username you
can see who did the change of the password and all the information that
has to do with it.
Thanks a lot for your help.
Leonardo Mosquera
System Manager
Internet Telecom
Colombia
Received on Wed Jul 01 1998 - 17:30:32 NZST