#!/bin/sh
#
# Check administrative accounts to see if they exist and if so 
# if they are locked and if not whether they have valid shells.
#
#SYSTEMS: Solaris, Linux
######COMMON######
MSG="# Checking certain admin accounts for a valid shell..."
echo ""; echo "$MSG"
PASSWD=/etc/passwd
ACCTS="daemon bin adm lp uucp nuucp listen nobody noaccess nobody4 smtp smmsp"
for i in `echo $ACCTS`; do
  PLINE=`grep "^$i:" $PASSWD`
  if [ "$PLINE" != "" ]; then  #Account exists
    SHELL=`echo $PLINE | awk -F: '{print $7}'`
    if [ "$SHELL" = "" -o "$SHELL" = "/bin/sh" ]; then  #A valid shell found!
       if [ "$SHELL" = "" ]; then
         SHELL="/usr/bin/sh"
       fi
      echo "--WARN-- [ADMIN001w] The administrative account $i has a valid login shell of $SHELL."
    fi
  fi
done
    