hoping to expand the question asked here, about finding users with empty passwords. What I want is filter out the system accounts that the line
sudo getent shadow | grep '^[^:]*:.\?:' | cut -d: -f1
prints out when I run it.
My problem is that I want to be able to display only the users accounts with empty passwords that were added by script or via terminal in my system, a.k.a. the "real" people, as well as the accounts that I've made myself.
What happens now:
~$ sudo useradd bob
~$ sudo getent shadow | grep '^[^:]*:.\?:' | cut -d: -f1
Sudo password for user: [pw]
daemon
bin
sys
[...]
rtkit
saned
usbmux
bob
~$
What is desired:
~$ sudo useradd bob
~$ sudo [getent command for the problem]
Sudo password for user: [pw]
bob
~$
In other words, when I add Bob without a password, I want to be able to see only him.
This is probably not well worded so please ask for further clarification.
The use for this is to find all users with the mentioned properties and delete them. Thus, I don't want to delete system-created accounts.
Update 1: Corrected typos.
Update 2: I have found that I can filter out all users by their ID, which is the third field received by getent.
Thus, running 2 grep though a pipeline, like this:
sudo getent shadow | grep '^[^:]*:.\?:' | grep (regex) | cut -d: -f1
will get the job done.
Now, the regular expression I understand that I should use is '.:.:[^(17212)]:.:.:.:.:.:.', but it just doesn't bring back any matches.
Can someone suggest any alternatives?
I use Ubuntu 16.04.
Thank you for your help.
Using the following:
sudo getent shadow | awk -F ':' '{print $1 \" \"$2 \" \" $3}
in combination with a custom parser in the script has enabled me to get all user accounts with empty password in a list inside the application.
Then, with the 17212 property, I can tell apart system accounts from user accounts.
Be warned, this way of telling system accounts from user accounts may not work for you. (credit to @MirMasej in the comments)