dump/output/list Linux password expiry info for all users

Context

So I set up a new Debian server and added some users for web space etc, the usual affair.

Skip forward 180 days and users start complaining their logins are not working. Given more than one person brought it up, I checked the auth logs and... BOOM. Failed logins due to password expiry. Dang!

Silly me had not considered the password expiry policy on this particular server.

Note, these users didn't have shell rights, but can login via sftp to manage their web space. So they wouldn't of been reminded about expiry or had the ability to change the password, even if they knew. From what I can tell, the error was only being logged server side. Client side it was a generic auth error.

Question

How can I easily interrogate the server to get the password expiry info for all users?

Once I have that info, I can easily see which users are being effected and those which will be affected in the future.

Kyle

Asked: 2010-12-22 10:47:42 +0800 CST

Ways to parse NCSA combined based log files

I've done a bit of site: searching with Google on Server Fault, Super User and Stack Overflow. I also checked non site specific results and and didn't really see a question like this, so here goes...

I did spot this question, related to grep and awk which has some great knowledge but I don't feel the text qualification challenge was addressed. This question also broadens the scope to any platform and any program.

I've got squid or apache logs based on the NCSA combined format. When I say based, meaning the first n col's in the file are per NCSA combined standards, there might be more col's with custom stuff.

Here is an example line from a squid combined log:

1.1.1.1 - - [11/Dec/2010:03:41:46 -0500] "GET http://yourdomain.com:8080/en/some-page.html HTTP/1.1" 200 2142 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; C) AppleWebKit/532.4 (KHTML, like Gecko)" TCP_MEM_HIT:NONE

I'd like to be able to parse n logs and output specific columns, for sorting, counting, finding unique values etc

The main challenge and what makes it a little tricky and also why I feel this question hasn't yet been asked or answered, is the text qualification conundrum.

When I spotted asql from the grep/awk question, I was very excited but then realised that it didn't support combined out of the box, something I'll look at extending I guess.

Looking forward to answers, and learning new stuff! Answers doesn't have to be limited to platform or program/language. For the context of this question, the platforms I use the most are Linux or OSX.

Cheers

dump/output/list Linux password expiry info for all users

Context

Question

Ways to parse NCSA combined based log files

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Kyle's questions

Context

Question