Wednesday, July 24, 2019

How to check the lock status of any user account in Linux?




We can use passwd command to check the status of any user.


 passwd --help                                                                                                                                                                  
Usage: passwd [options] [LOGIN]


Options:
  -a, --all                     report password status on all accounts
  -d, --delete                  delete the password for the named account
  -e, --expire                  force expire the password for the named account
  -h, --help                    display this help message and exit
  -k, --keep-tokens             change password only if expired
  -i, --inactive INACTIVE       set password inactive after expiration
                                to INACTIVE
  -l, --lock                    lock the password of the named account
  -n, --mindays MIN_DAYS        set minimum number of days before password
                                change to MIN_DAYS
  -q, --quiet                   quiet mode
  -r, --repository REPOSITORY   change password in REPOSITORY repository
  -R, --root CHROOT_DIR         directory to chroot into
  -S, --status                  report password status on the named account
  -u, --unlock                  unlock the password of the named account
  -w, --warndays WARN_DAYS      set expiration warning days to WARN_DAYS
  -x, --maxdays MAX_DAYS        set maximum number of days before password
                                change to MAX_DAYS




Syntax:


passwd -S user_name


sudo passwd -S dev
dev NP 07/06/2017 0 99999 7 -1


Display account status information. The status information consists of 7 fields. The first field
is the user's login name. The second field indicates if the user account has a locked
password (L), has no password (NP), or has a usable password (P). The third field gives the
date of the last password change. The next four fields are the minimum age, maximum age,
warning period, and inactivity period for the password. These ages are expressed in days.



Example1:


sudo passwd -S dev |cut -d’ ‘ -f2
P


Where P is This account has a password.


Example2:
sudo passwd -S mysql |cut -d' ' -f2
L


Where L is This account is locked account


Example3:
sudo passwd -S dev | cut -d' ' -f2
NP


Where NP is This account has no password.



NOTE:
LK - password locked 
NP - no password 
PS - password set