Boks_new_rootpw.ksh - Script for automatic changing of root passwords

2010-01-10 20:49:00

This script can be used to generate, set and verify a new password for any root account within your BoKS domain. It could be used as part of your monthly root password reset cycle, or for daily maintenance purposes. Functionality of the script includes:

Usage of check_boks_replication

./boks_new_rootpw [[-h HOST] [-H HG] [-i FILE] | -A] [-x HOST] [-X HG] [-f FILE] [-d -o FILE]

-h HOST		Change the root password for HOST. Multiple -h entries allowed.
-H HGROUP	Change the root passwords for HOSTGROUP. Multiple -H entries allowed.
-i FILE		Change the root passwords for all hosts in FILE.
-A 		Change the root passwords for ALL hosts.
-x EXCLUDE	Hosts to exclude (when using -H or -A). Multiple -x entries allowed.
-X EXCLUDEHG	Hostgroups to exclude (when using -A). Multiple -X entries allowed.
-f FILE		Output file to store the new root passwords in. Default is stdout.
-d 		Debug mode. Provides error logging. Does a dry-run, not doing any updates.
-o FILE	Output file for debugging logs. Required when -d is passed.

./boks_new_rootpw -h HOST1 -h HOST2 -f $BOKS_var/root.txt
./boks_new_rootpw -A -d -o /tmp/foobar

Multiple -h, -H, -i, -x, and -X entries are allowed.


If you do not use the -f flag to indicate an output file, the script will output everything to stdout. The output consists of a listing of hostname, plus root password, plus encrypted password string. Either way you may want to keep this output somewhere safe, for reference.

When running in debug/dry-run mode, the script outputs log messages to the output file specified with the -o flag. This file will show detailed error reports for failing root updates. BEWARE: THE DEBUG LOG WILL CONTAIN (UNUSED) ROOT PASSWORDS.

All (temporary) files created by this script are 0600, root:root. Duh! ^_^



Download boks_new_rootpw.ksh
$ wc boks_new_rootpw.ksh
     525    2549   16959 boks_new_rootpw.ksh

$ cksum boks_new_rootpw.ksh
4078240301 16959 boks_new_rootpw.ksh tags: , ,

View or add comments (curr. 3)