Listing 1: remove_passwd.ksh

#!/bin/ksh
# Short script to replace the encrypted password
# strings in /etc/passwd with an asterisk (*)

if test ! -w /etc/passwd
then
print 'Please su to root first.'
exit 1
fi

trap 'rm -rf /etc/ptmp ; exit 1' 1 2

if [[ `rcmgr get SECURITY` = BASE ]]
then
print 'Security Level is not ENHANCED.'
exit 1
fi

if mkdir /etc/ptmp
then
:
else
print 'The /etc/passwd file is busy.  Try again later.'
exit 1
fi

awk 'FS=":", OFS=":" {print $1,"*",$3,$4,$5,$6,$7}' /etc/passwd > \
/etc/ptmp/passwd.modified

cp /etc/ptmp/passwd.modified /etc/passwd

if [ -f /etc/passwd.pag -o -f /etc/passwd.dir ]
then
print 'Rebuilding the password database...'
( cd /etc ; mkpasswd passwd )
else
print 'The hashed password database does not exist.'
print -n 'Do you want to create it ([y]/n)? '
if read Y
then
case "${Y}"

in [yY]*|'') print 'Rebuilding the password data base...'
( cd /etc ; mkpasswd passwd ) ;;
esac
fi
fi

rm -rf /etc/ptmp
print 'Successfully replaced encrypted passwords with asterisks'
exit 0

# End of File