shell脚本案例

作者：行癫（盗版必究） ------ ## 一：脚本案例 #### 1.配置静态IP案例 ```shell #!/bin/bash # This script configures a static IP address on CentOS 7 # Define variables for the IP address, netmask, gateway, and DNS servers IP_ADDRESS=192.168.1.100 NETMASK=255.255.255.0 GATEWAY=192.168.1.1 DNS_SERVERS="8.8.8.8 114.114.114.114" # Backup the original network configuration file cp /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens33.bak # Modify the network configuration file with the static IP address, netmask, gateway, and DNS servers cat << EOF > /etc/sysconfig/network-scripts/ifcfg-ens33 TYPE=Ethernet BOOTPROTO=none NAME=ens33 DEVICE=ens33 ONBOOT=yes IPADDR=$IP_ADDRESS NETMASK=$NETMASK GATEWAY=$GATEWAY DNS1=${DNS_SERVERS%% *} DNS2=${DNS_SERVERS##* } EOF # Restart the network service to apply the changes systemctl restart network # Display the new network configuration ip addr show ens33 ``` centos stream 9 ```shell [root@xingdiancloud ~]# bash network.sh #!/bin/bash #auther：xingdian NET_DIR=`ls /etc/NetworkManager/system-connections/` NET_PATH="/etc/NetworkManager/system-connections/" read -p "请输入IP地址: " ipadd read -p "请输入子网掩码,例如24: " netmask read -p "请输入默认网关: " gateway read -p "请输入dns地址: " dns read -p "输入设备名字: " name # 备份原配置 if [ -f ${NET_PATH}${name}.nmconnection.bak ];then rm -rf ${NET_PATH}${name}.nmconnection.bak else cp ${NET_PATH}${NET_DIR} ${NET_PATH}${NET_DIR}.bak fi cat > ${NET_PATH}${name}.nmconnection < /dev/null if [ $? -eq 0 ];then echo "防火墙已经成功关闭....." else echo "防火墙关闭失败，请手动关闭！！！" fi setenforce 0 && sed -i '/^SELINUX/c SELINUX=disabled' /etc/selinux/config if [ $? -eq 0 ];then echo "selinux已经成功关闭....." else echo "selnux关闭失败，请手动关闭！！！" fi echo # 外网检测 echo "正在检测网络是否能上外网......" echo ping -c 2 www.baidu.com &> /dev/null if [ $? -eq 0 ];then echo "网络正常" else echo "网络不可达！" fi echo # 配置yum源-这里选用阿里源 echo "配置yum源中....." echo yum install -y wget &> /dev/null if [ $? -ne 0 ];then echo "wget 安装失败........." systemctl restart network yum repolist &> /dev/null sleep 2 fi mkdir -p /root/YUM_backup mv /etc/yum.repos.d/* /root/YUM_backup wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo &>/dev/null wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo &>/dev/null yum clean all &>/dev/null && yum reppolist &>/dev/null echo "你的yum源有:" $(ls /etc/yum.repos.d) sleep 2 # 配置主机名和host文件 echo "正在配置你的主机名..." echo read -p "请输入你的主机名:" host hostname(){ hostnamectl set-hostname $host } hostname host && echo -e "主机名设置成功!!" echo "正在配置你的hosts文件..." ip=$(ip a | grep ens33 |grep inet |awk '{print $2}' | awk -F"/" '{print $1}') echo "$ip $host" >> /etc/hosts echo "hosts配置完成!!!" # 安装基础软件包 echo "安装基础软件包中....." echo yum install -y vim wget unzip yum_utils &>/dev/null if [ $? -eq 0 ];then echo "安装完成....." else echo "安装失败..... " fi # 时间同步 echo echo "时间同步中……" yum install -y ntpdate &> /dev/null ntpdate cn.pool.ntp.org &> /dev/null file=$(who | head -1 | cut -d" " -f1) echo "* */1 * * * /usr/sbin/ntpdate cn.pool.ntp.org" > /var/spool/cron/$file if [ $? -eq 0 ];then echo "时间同步成功！！！" echo "unset MAILCHECK" >> /etc/profile source /etc/profile &> /dev/null else echo "时间同步失败！！！" fi ``` #### 3.获取系统信息 ```shell #!/bin/bash #此脚本获取系统centos7.x/centos stream9.x #auther：xingdian #查看服务器硬件型号 hard_type=`dmidecode |grep "Product Name"|tr "\n" " "` #获取服务器型号 sn=`dmidecode |grep -A 3 "Product Name" |grep "Serial Number"|grep -v "None"` #获取硬件序列码 ##系统信息 version=`cat /etc/redhat-release` #版本 kernel=`uname -r` #内核 ##cpu phy_cpu_num=`grep 'physical id' /proc/cpuinfo | sort | uniq | wc -l` #物理CPU数量 nuclear=`grep vendor_id /proc/cpuinfo|wc -l` #逻辑核数(线程) ##内存\Swap mem=`free -m|grep Mem|awk '{print $2"M"}'` #内存总大小 user_mem=`free -m|grep Mem|awk '{print $3"M"}'` #已用内存大小 swap=`free -m |grep Swap|awk '{print $2"M"}'` #swap总大小 user_swap=`free -m |grep Swap|awk '{print $3"M"}'` #已用swap大小 #最大支持内存数 max_memory=`dmidecode|grep -P 'Maximum\s+Capacity'` ##负载 loadavg=`uptime |awk -F: '{print $NF}'` #系统负载 ##网络 network=`[[ $(curl -o /dev/null --connect-timeout 3 -s -w "%{http_code}" www.baidu.com) -eq 200 ]] && echo yes || echo no` #根据curl www.baidu.com的返回状态码来判断是否能上网 ip_addr=`ip address|grep -w "inet"|grep -v "127.0.0.1"|awk -F "[ /]+" '{print $3,$NF}'` #获取除了回环地址之外的所有网卡的ip地址和对应的网卡名 ##磁盘 disk_zong=`df -Th | grep -w '/' | awk '{print $3}'` #获取系统盘的总大小 disk_user=`df -Th | grep -w '/' | awk '{print $4}'` #获取系统盘已用大小 disk_lsbl=`lsblk` #硬盘分区分布 ##其他 system_time=`awk '{a=$1/86400;b=($1%86400)/3600;c=($1%3600)/60;d=$1%60} {printf("%ddays, %d:%d:%d\n",a,b,c,d)}' /proc/uptime` #开机时长 sys_begin=`date -d "$(awk -F. '{print $1}' /proc/uptime) second ago" +"%Y-%m-%d %H:%M:%S"` #开机时间 ##日志 system_log=`du -sh /var/log/ |awk '{print $1}'` #系统日志大小 #进程 tasks=`top -n1 |grep Tasks |awk '{print $2,$4,6}'` #总运行休眠 system(){ echo " |硬件型号： $hard_type |序列号： $sn |版本： $version |内核： $kernel |物理CPU个数：$phy_cpu_num 逻辑核数： $nuclear"个" |负载：$loadavg |内存： $mem #最大支持内存：$max_memory |已用： $user_mem |swap: $swap |已用: $user_swap |是否可以上网： $network |本地IP地址: $ip_addr |系统磁盘大小: $disk_zong |系统磁盘已用: $disk_user |日志：系统日志大小为$system_log |开机： $sys_begin |至今： $system_time 硬盘分区 ---------------------------------------------------------------------- $disk_lsbl ---------------------------------------------------------------------- ---------------------------------------------------------------------- " } system ##端口扫描 echo "监听的端口扫描 ----------------------------------------------------------------------" portarray=(`sudo netstat -tnlp|egrep -i "$1"|awk {'print $4'}|awk -F':' '{if ($NF~/^[0-9]*$/) print $NF}'|sort|uniq`) length=${#portarray[@]} #统计元素个数 printf "{\n" printf '\t'port":" for ((i=0;i<$length;i++)) do printf '\n\t\t{' printf "\"{#TCP_PORT}\":\"${portarray[$i]}\"}" if [ $i -lt $[$length-1] ];then printf ',' fi done printf "\n\t\n" printf "}\n" echo "---------------------------------------------------------------------- " ``` #### 4.sshpass登录远程服务器与验证 ```shell sshpass安装后，可以在控制台输入sshpass命令查看所有选项参数： $ sshpass Usage: sshpass [-f|-d|-p|-e] [-hV] command parameters -f filename Take password to use from file -d number Use number as file descriptor for getting password -p password Provide password as argument (security unwise) -e Password is passed as env-var "SSHPASS" With no parameters - password will be taken from stdin -P prompt Which string should sshpass search for to detect a password prompt -v Be verbose about what you're doing -h Show help (this screen) -V Print version information At most one of -f, -d, -p or -e should be used 如上所示，command parameters为你要执行的需要交互式输入密码的命令，如：ssh、scp等。当sshpass没有指定参数时会从stdin获取密码，几个密码输入相关参数如下： -f filename：从文件中获取密码 -d number：使用数字作为获取密码的文件描述符 -p password：指定明文本密码输入(安全性较差) -e：从环境变量SSHPASS获取密码远程连接指定ssh的端口： [root@linuxcool ~]# sshpass -p "password" ssh username@ip 本地执行远程机器的命令： [root@linuxcool ~]# sshpass -p "password" ssh -p 8443 username@ip 从密码文件读取文件内容作为密码去远程连接主机： [root@linuxcool ~]# sshpass -p xxx ssh root@192.168.11.11 "ethtool eth0" 从远程主机上拉取文件到本地： [root@linuxcool ~]# sshpass -p '123456' scp root@host_ip:/home/test/t ./tmp/ ``` #### 5.免密脚本 ```shell yum -y install expect #生成并拷贝ssh_key到远程机器 rm -rf /root/.ssh/* /usr/bin/expect <