How can one test for password on an account?

I’m writing a script that we are going to use for remote software upgrades. One of the things this script needs to do is change some file permissions on exectuables to allow them to run as root to access hardware.

What I am currently doing in my script is to issue:

su root ‘script_to_execute’

This works fine as long as root does not have a password. If root does have a password (and it will in the final production environment) then it prompts for one. However there is no way for my script to enter a password (or is there?). At that point everything hangs waiting for a password that never comes and to the user on the remote end it looks as if the update is hung.

What I want to do is add some code before the su command to test to see if the root account has a password. If it does then I’ll bypass that step and inform the user they need to telnet in an run the script manually.

My question is, how can I determine if the root account has a password. My first thought is to simply grep the /etc/passwd file and check the root line to see if it’s ‘root::0:0…’ or root:X:0:0…’. But I thought there must be a more elegant way I can do this from the shell.

Or better yet, maybe someone knows a way to pass in a password argument to the su command.



You could just setuid your ‘script_to_execute’, it is more secure than to have an empty password root account.