From 9e82c08cd538b651221a20ac5c2f7f5b1224c67c Mon Sep 17 00:00:00 2001
From: Samson-W <sccxboy@gmail.com>
Date: Fri, 7 Sep 2018 17:44:27 +0800
Subject: [PATCH] Add check_password_by_pam function,

---
 lib/utils.sh | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/lib/utils.sh b/lib/utils.sh
index cb4b07d..9754923 100644
--- a/lib/utils.sh
+++ b/lib/utils.sh
@@ -441,3 +441,37 @@ verify_integrity_all_packages()
     fi
 }
 
+check_password_pam()
+{
+    LOCATION=$1
+    KEYWORD=$2
+    OPTION=$3
+    COMPARE=$4
+    CONDITION=$5
+
+    #Example:
+    #LOCATION="/etc/pam.d/common-password"  
+    #For debian is common-password ,for Gentoo and Red hat the file is system-auth
+    #KEYWORD="pam_cracklib.so"
+    #OPTION="ocredit"
+    #COMPARE="gt"
+    #CONDITION="-1"
+
+    if [ -f "$LOCATION" ];then
+        RESULT=$(sed -e '/^#/d' -e '/^[ \t][ \t]*#/d' -e 's/#.*$//' -e '/^$/d' $LOCATION | grep "$KEYWORD.*$OPTION")
+        #above line is remove any comment in the configuration file and use grep to output a exit status
+        #if matched both $KEYWORD and $OPTION there is a success exit status: 0
+        if [ $? -eq 0 ];then
+            if [ "$(echo $RESULT | tr "\t" "\n" | tr " " "\n" | sed -n "/$OPTION/p"| awk -F "=" '{printf $2}')" -$(echo $COMPARE) "$CONDITION" ];then
+                FNRET=1
+            else
+                FNRET=0
+            fi  
+        else
+            FNRET=1
+        fi
+    else
+        FNRET=2
+    fi
+}
+