set date +90 days in bash script

0

I have a bash script to get days from AD since password was created. I need it to tell me the expiration date, which is last set date + 90 days

#!/bin/bash

pass="$(ldapsearch -Y GSSAPI -Q -H ldap:///dc%3Dant%2Cdc%3Dwork%2Cdc%3Dcom -b DC=ant,DC=work,DC=com -s sub cn=$1 | grep -Ew 'pwdLastSet:' | awk '{print $2}')"
epoch="$(((${pass}/10000000)-11644473600))"
pwdSet="$(date -d @${epoch})"
expires="$("${pwdSet}" --date +90+days)"

echo "pwdLastSet: "$pwdSet
echo "pwdExpires: "$expires

The line; expires="$("${pwdSet}" --date +90+days)"

Is the problematic one

eekfonky

Posted 2019-11-03T17:11:44.943

Reputation: 145

You know that's really not advised any more, to force password changes periodically. It makes users repeat simple patterns or write them down. Advisories from UK & US official bodies, from 3 years ago.

– Tetsujin – 2019-11-03T17:22:08.290

Yeah, not my rules, I'm just looking to get some information – eekfonky – 2019-11-03T17:22:55.390

Yeah, people keep using that excuse - try telling the ones who make the rules that it's a really bad idea. – Tetsujin – 2019-11-03T17:24:09.603

A bit off topic, but sure, I'll get right on that – eekfonky – 2019-11-03T17:24:43.930

Excellent. Spread the word ;-)) – Tetsujin – 2019-11-03T17:26:33.943

Answers

1

The line doesn't make any sense. Bash doesn't have anything like date objects in PowerShell; $pwdSet is just a string, and is being interpreted as a command to run.

So you need to use a tool which would take a date and an offset; date -d could be convinced to do this, but it depends on the date format.

However, it's much simpler to adjust the epoch time by adding the needed amount of seconds, and only convert the final result to a date:

expires=$(date -d "@$((epoch + 86400*90))")

1 day is almost always 86400 seconds.

user1686

Posted 2019-11-03T17:11:44.943

Reputation: 283 655

Asked: 2019-11-03T17:11:44.943

Viewed: 29 times

Active: 2019-11-03T17:29:34.333