#! /bin/bash 
#list user who belong to more than one group 
#and list user who belong to the group which isn't the same as the username 
#w is whITelist,we will not think user in this whitelist is sPEcial or dangerous w=("root" "adm" "games" "operator" "halt" "shutdown" "sync" "daemon" "bin" "operator") function WhiteList() 
{ 
    for i in ${w[@]} 
    do
        if [ "$i" == "$1" ];then
            return 1 
        fi
    done
    return 0 
} 
IFS=" 
" for LINE in `cat /etc/passwd|awk -F: '{PRint $1}'` do
    WhiteList $LINE; 
    #if $? equal 1,means it is in the whitelist     if [ $? -eq 0 ];then
        a=`groups $LINE|awk -F: '{print $2}'` 
        b=`echo $a` 
        if [ "$b" != "$LINE" ];then
            #echo $LINE             echo `groups $LINE` 
        fi
    fi done