Forum: Cfengine Help
Subject: Re: Looking for some guidance with syncronizing passwords in AIX
Author: matter
Link to topic: https://cfengine.com/forum/read.php?3,20589,20612#msg-20612
This is a quick hack I just threw together, I would tighten up the regex as
well as the region and occurences, but you get the idea:
##########################################################################
body common control {
bundlesequence => { "changepass" };
}
##########################################################################
bundle agent changepass {
files:
"/tmp/passwd"
comment => "update the userid test with password LAKJxsW",
edit_line => security_edit("test","LAKJxsW");
}
##########################################################################
bundle edit_line security_edit(userid,password) {
replace_patterns:
"^(\tpassword) = (.*)$"
replace_with => new_password("$(password)"),
select_region => user_region("$(userid)");
}
##########################################################################
body replace_with new_password(password) {
replace_value => "$(match.1) = $(password)";
}
##########################################################################
body select_region user_region(userid) {
select_start => "^$(userid):";
}
##########################################################################
I tested it and it does work (I used /tmp/passwd instead of
/etc/security/passwd). Again, don't forget the lastupdate field, or the system
will think the id is still expired.
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
