I am checking the password complexity of ocredit
in /etc/pam.d/password-auth
which is this line :
password requisite pam_pwquality.so try_first_pass retry=3 minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=1 gecoscheck=1
I would like to grep the ocredit value "1" and make it as variable, let say check_ocredit
.
My script would be checking, if the ocredit value is not 0, then it will return "true", otherwise, it will show what is the current value set in /etc/pam.d/password-auth
.
Here's my logic that I'm going to implement :
if [[ $check_ocredit -ne "0" ]]
then
true
else
echo "Current ocredit value is : $check_ocredit"
fi
The output will looks like this :
Current ocredit value is : 1
I try with :
grep ocredit /etc/pam.d/password-auth | awk '{print $10}' | awk -F "=" '{print $2}'
But I was thinking, what if ocredit is missing, or it is not at 10th position.. so my result would be wrong. Can anyone advice me on this?