Probably no real way to avoid it. Here's how I solved that problem a number of years ago. Wish I could find the original script, I'd just post it, but here's the psuedocode for it: 

if backup of shadow file does not exist:
  a) copy shadow file to backup name
  b) exit
else 
  a) read in shadow file into a hash 
         userid => encrypted password
  b) read in backup shadow file into a hash
         userid => encrypted password
  c) loop through shadow hash
      1) push userid into changed array if 
         password fields do not match
      2) push userid into new id array if 
         userid does not exist in backup hash
  d) copy present file into backup file
  e) email results

[download]

Since everything is kept "local" this can easily be replicated to all the machine you support somewhat painlessly and doesn't require a "database" in the true sense of the word.

If the backup copy of the shadow file doesn't exist, the assumption is that this is the first time the script has been run on a particular machine and no action other than creating the backup copy of the shadow file.

Take care that you preserve permissions such that you don't compromize the shadow file or its copy.

Peter L. Berghold -- Unix Professional
Peter -at- Berghold -dot- Net; AOL IM redcowdawg Yahoo IM: blue_cowdawg

In reply to Re: /etc/shadow logging by blue_cowdawg
in thread /etc/shadow logging by rementis

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.