My /etc/pam.d/system-auth-ac has the below auth parameters set:
我/etc/pam.d/system- authac设置如下auth参数:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
I want to insert pam_tally2.so just after pam_env.so. So I want it to be:
我想插入pam_tally2。所以pam_env.so之后。所以我希望它是:
auth required pam_env.so
auth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
The script that I'm using is :
我使用的脚本是:
#! /bin/bash
grep "pam_tally2" /etc/pam.d/system-auth-ac &> /dev/null
if [ $? -ne 0 ];
then
sed -i '/^[]*account[]*required[]*pam_unix.so/aauth\trequired\tpam_tally2.so onerr=fail audit silent deny=5 unlock_time=900' /etc/pam.d/system-auth-ac
else
sed -i 's/.*pam_tally2.*/auth\trequired\tpam_tally2.so onerr=fail audit silent deny=5 unlock_time=900/1' /etc/pam.d/system-auth-ac
fi
But it gives this error:
但它给出了一个错误:
sed: -e expression #1, char 116: unterminated address regex
What am I doing wrong ?
我做错了什么?
3 个解决方案
#1
2
You can use a command in gnu-sed:
您可以使用gnu-sed中的命令:
sed -i.bak '/pam_env\.so$/a\
auth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900
' /etc/pam.d/system-auth-ac
EDIT: Looking at your posted answer it seems this awk command will be more suitable for you than grep and 2 sed commands in if/else condition:
在if/else条件下,这个awk命令似乎比grep和2个sed命令更适合您:
val='auth\trequired\tpam_tally2.so onerr=fail audit silent deny=5 unlock_time=900'
awk -v val="$val" '/^auth[[:blank:]]+required[[:blank:]]+pam_env\.so/ {
print $0 RS val; next} /pam_tally2\.so/{next} 1' /etc/pam.d/system-auth-ac
auth required pam_env.so
uth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
#2
1
You may use the below sed command.
您可以使用下面的sed命令。
sed 's/^auth[[:blank:]]\+required[[:blank:]]\+pam_env\.so/&\nauth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900' file
Your regex fails because you're repeating an empty character class [], zero or more times, which won't make any sense. So you need to change []* to [ ]* or <space>* to repeat an empty space character zero or ore times.
您的regex失败了,因为您正在重复一个空字符类[],0次或更多次,这没有任何意义。因此,您需要将[]*更改为[]*或
#3
0
My Script actually should have been:
我的剧本应该是:
#! /bin/bash
grep "pam_tally2" /etc/pam.d/system-auth-ac &> /dev/null
if [ $? -ne 0 ];
then
sed -i '/^[ ]*auth[ ]*required[ ]*pam_env.so/aauth\trequired\tpam_tally2.so onerr=fail audit silent deny=5 unlock_time=900' /etc/pam.d/system-auth-ac
else
sed -i 's/.*pam_tally2.*/auth\trequired\tpam_tally2.so onerr=fail audit silent deny=5 unlock_time=900/1' /etc/pam.d/system-auth-ac
fi
Works fine!
没问题!
#1
2
You can use a command in gnu-sed:
您可以使用gnu-sed中的命令:
sed -i.bak '/pam_env\.so$/a\
auth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900
' /etc/pam.d/system-auth-ac
EDIT: Looking at your posted answer it seems this awk command will be more suitable for you than grep and 2 sed commands in if/else condition:
在if/else条件下,这个awk命令似乎比grep和2个sed命令更适合您:
val='auth\trequired\tpam_tally2.so onerr=fail audit silent deny=5 unlock_time=900'
awk -v val="$val" '/^auth[[:blank:]]+required[[:blank:]]+pam_env\.so/ {
print $0 RS val; next} /pam_tally2\.so/{next} 1' /etc/pam.d/system-auth-ac
auth required pam_env.so
uth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so
#2
1
You may use the below sed command.
您可以使用下面的sed命令。
sed 's/^auth[[:blank:]]\+required[[:blank:]]\+pam_env\.so/&\nauth required pam_tally2.so onerr=fail audit silent deny=5 unlock_time=900' file
Your regex fails because you're repeating an empty character class [], zero or more times, which won't make any sense. So you need to change []* to [ ]* or <space>* to repeat an empty space character zero or ore times.
您的regex失败了,因为您正在重复一个空字符类[],0次或更多次,这没有任何意义。因此,您需要将[]*更改为[]*或
#3
0
My Script actually should have been:
我的剧本应该是:
#! /bin/bash
grep "pam_tally2" /etc/pam.d/system-auth-ac &> /dev/null
if [ $? -ne 0 ];
then
sed -i '/^[ ]*auth[ ]*required[ ]*pam_env.so/aauth\trequired\tpam_tally2.so onerr=fail audit silent deny=5 unlock_time=900' /etc/pam.d/system-auth-ac
else
sed -i 's/.*pam_tally2.*/auth\trequired\tpam_tally2.so onerr=fail audit silent deny=5 unlock_time=900/1' /etc/pam.d/system-auth-ac
fi
Works fine!
没问题!