#20170804
查看正在访问某文件/目录进程#######################################
fuser /path/to/file(dir)
sudoers#######################################
# cat /etc/sudoers.d/usr01
Cmnd_Alias DENYCMD = !/usr/bin/passwd,!/usr/bin/passwd root,!/bin/vi /etc/sudoers,!/usr/bin/vim /etc/sudoers,!/usr/sbin/visudo,!/bin/vi /etc/ssh/*,!/usr/bin/vim /etc/ssh/*,
!/bin/chmod 777 /etc/*,!/bin/chmod 777 *,!/bin/chmod 777,!/bin/chmod -R 777 *
Cmnd_Alias DENYRMCMD = !/bin/rm /*,!/bin/rm /,!/bin/rm -rf /,!/bin/rm -rf /*,!/bin/rm /etc,!/bin/rm -r /etc,!/bin/rm -rf /etc,!/bin/rm /etc/*,!/bin/rm -r /etc/*,!/bin/rm -rf /etc/*,!/bin/rm /root,!/bin/rm -r /root,!/bin/rm -rf /root,!/bin/rm /root/*,!/bin/rm -r /root/*,!/bin/rm -rf /root/*,!/bin/rm /bin,!/bin/rm -r /bin,!/bin/rm -rf /bin,!/bin/rm /bin/*,!/bin/rm -r /bin/*,!/bin/rm -rf /bin/*
Cmnd_Alias DENYSUDOI = !/usr/bin/sudo -i,!/bin/su *root*,!/bin/bash,!/bin/sh,!/bin/tcsh
usr01 ALL=(ALL) NOPASSWD: ALL,DENYCMD,DENYRMCMD,SUDOI
sudo命令白名单
Cmnd_Alias PERMIT = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool, /bin/rpm,/usr/bin/up2date, /usr/bin/yum, /sbin/service, /sbin/chkconfig, /sbin/fdisk, /sbin/sfdisk,/sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount, /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
Cmnd_Alias SU = /bin/su,!/bin/su *root*
Cmnd_Alias CHMOD = !/bin/chmod 777 *,!/bin/chmod -R 777 *
Cmnd_Alias RM = !/bin/rm /*,!/bin/rm /,!/bin/rm -rf /,!/bin/rm -rf /*,!/bin/rm /etc,!/bin/rm -r /etc,!/bin/rm -rf /etc,!/bin/rm /etc/*,!/bin/rm -r /etc/*,!/bin/rm -rf /etc/*,!/bin/rm /root,!/bin/rm -r /root,!/bin/rm -rf /root,!/bin/rm /root/*,!/bin/rm -r /root/*,!/bin/rm -rf /root/*,!/bin/rm /bin,!/bin/rm -r /bin,!/bin/rm -rf /bin,!/bin/rm /bin/*,!/bin/rm -r /bin/*,!/bin/rm -rf /bin/*
bmdba ALL=(ALL) NOPASSWD: PERMIT,SU,CHMOD,RM
sudo命令黑名单
Cmnd_Alias DENYSUROOT = !/bin/bash,!/bin/sh,!/bin/tcsh,!/usr/sbin/visudo,!/bin/su *root*
Cmnd_Alias DENYVI = !/usr/bin/vim,!/bin/vi,!/bin/echo
Cmnd_Alias DENYCMD = !/usr/bin/passwd,!/usr/bin/passwd root,!/bin/chmod 777 /etc/*,!/bin/chmod 777,!/bin/chmod 777 *,!/bin/chmod -R 777 *
Cmnd_Alias DENYRMCMD = !/bin/rm /*,!/bin/rm /,!/bin/rm -rf /,!/bin/rm -rf /*,!/bin/rm /etc,!/bin/rm -r /etc,!/bin/rm -rf /etc,!/bin/rm /etc/*,!/bin/rm -r /etc/*,!/bin/rm -rf /etc/*,!/bin/rm /root,!/bin/rm -r /root,!/bin/rm -rf /root,!/bin/rm /root/*,!/bin/rm -r /root/*,!/bin/rm -rf /root/*,!/bin/rm /bin,!/bin/rm -r /bin,!/bin/rm -rf /bin,!/bin/rm /bin/*,!/bin/rm -r /bin/*,!/bin/rm -rf /bin/*
linux获取自己的外网IP#######################################
curl ifconfig.me
curl icanhazip.com
curl ident.me
curl ipecho.net/plain
curl whatismyip.akamai.com
curl myip.dnsomatic.com
curl http://ip.3322.net
disk io 测试#######################################
磁盘写速度测试:
# sync;/usr/bin/time -p bash -c "(dd if=/dev/zero of=test.dd bs=1M count=20000)"
20000+0 records in
20000+0 records out
20971520000 bytes (21 GB) copied, 185.653 s, 113 MB/s
real 185.66
user 0.01
sys 20.99
腾讯云cfs写速度
# sync;/usr/bin/time -p bash -c "(dd if=/dev/zero of=/tx_cfs/test.dd bs=1M count=20000)"
20000+0 records in
20000+0 records out
20971520000 bytes (21 GB) copied, 436.983 s, 48.0 MB/s
real 436.98
user 0.01
sys 11.98
磁盘读速度测试:
# echo 3 > /proc/sys/vm/drop_caches && /usr/bin/time -p dd if=test.dd of=/dev/null bs=1M
20000+0 records in
20000+0 records out
20971520000 bytes (21 GB) copied, 224.633 s, 93.4 MB/s
real 224.76
user 0.06
sys 11.75
腾讯云cfs读速度
echo 3 > /proc/sys/vm/drop_caches && /usr/bin/time -p dd if=/tx_cfs/test.dd of=/dev/null bs=1M
20000+0 records in
20000+0 records out
20971520000 bytes (21 GB) copied, 278.183 s, 75.4 MB/s
real 278.29
user 0.05
sys 8.82
awk []就是分隔符#######################################
# cat /sys/kernel/mm/transparent_hugepage/enabled
[always] madvise never
[root@VM_35_216_centos ~]# cat /sys/kernel/mm/transparent_hugepage/enabled | awk -F [][] '{print $2}'
always
ssh连接IP白名单#######################################
AllowUsers root@183.21.89.249
ansible sudo to root#######################################
# bruce用户身份,sudoing到root用户
ansible all -m ping -u bruce --sudo
echo颜色#######################################
echo -e "some text \033[31m red \033[0m"
echo -e "some text \033[32m green \033[0m"
sed过滤替换#######################################
# cat sedtest
naughty is a girlgirl
03.cc is a girl
girlgirl is naughty
[root@node0 tmp]# sed -i "/^naughty/c\\naughty is a girl" sedtest
[root@node0 tmp]# cat sedtest
naughty is a girl
03.cc is a girl
girlgirl is naughty
shell脚本编辑文件&&vimrc#######################################
cat << EOF > /root/.vimrc
set ts=4
set expandtab
set smartindent
set history=10000
autocmd BufNewFile *.sh exec ":call SetTitle()"
func SetTitle()
if &filetype == 'sh'
call setline(1,"\##########################################################")
call append(line("."), "\# File Name: ".expand("%"))
call append(line(".")+1, "\# Author: YOUR_NAME")
call append(line(".")+2, "\# Mail: YOUR_EMAIL@mail.com")
call append(line(".")+3, "\# Created Time: ".strftime("%c"))
call append(line(".")+4, "\##########################################################")
call append(line(".")+5, "\#!/bin/bash")
call append(line(".")+6, "")
call append(line(".")+7, "\#Write Log")
call append(line(".")+8, "log(){")
call append(line(".")+9, "\treturn")
call append(line(".")+10, "}")
call append(line(".")+11, "")
call append(line(".")+12, "\#Shell Usage")
call append(line(".")+13, "usage(){")
call append(line(".")+14, "\treturn")
call append(line(".")+15, "}")
call append(line(".")+16, "")
call append(line(".")+17, "\#shell_lock()")
call append(line(".")+18, "lock(){")
call append(line(".")+19, "\treturn")
call append(line(".")+20, "}")
call append(line(".")+21, "")
call append(line(".")+22, "\#shell_unlock()")
call append(line(".")+23, "unlock(){")
call append(line(".")+24, "\treturn")
call append(line(".")+25, "}")
call append(line(".")+26, "")
endif
endfunc
autocmd BufNewFile * normal G
EOF
创建普通用户并分配root权限#######################################
不要这个
useradd admin && \
echo '*0+m&djD5oo' | passwd --stdin admin && \
echo 'admin ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
新添加用户并添加公钥#######################################
有问题: useradd seentech;mkdir /home/seentech/.ssh;cd /home/seentech/.ssh;vim authorized_keys
没问题: useradd seentech && mkdir /home/seentech/.ssh && cd /home/seentech/.ssh && vim authorized_keys
服务器公网IP禁ping#######################################
iptables -A INPUT -d 122.13.72.237 -p icmp --icmp-type 8 -s 0/0 -j DROP
判断软件是否安装#######################################
rpm -qa zabbix-agent | grep -q "zabbix-agent" && echo "dont install" || echo "install it"
脚本加锁#######################################
LOCKFILE=/tmp/`basename $0`.lock
[ -f $LOCKFILE ] && trap "echo $LOCKFILE exist,bye!" EXIT || touch $LOCKFILE
删除指定目录开头#######################################
/bin/rm -rf routerData[3-9]*
git代码#######################################
cd /path/to/web_site_dir
su wwwww
git clone git@git.100msh.com:liuchengchi/100msh_keyuan2.git ./
git pull
调试shell脚本时可以加入这个暂停#######################################
read -t 30 -p "scripts $1 go on after 30s, Ctrl+C will stop script"
#echo $REPLY
find定时删日志文件#######################################
find /usr/local/remotemysql -name "*log*CNGZ01PL0005*" -mtime +4 -exec /bin/rm -f {} \;
强制踢用户下线#######################################
whoami 查看自己用户名
who 查看所有用户和访问者IP
who am i 查看自己tty
pkill -kill -t pts/1 把pts/1对应用户踢下线
awk示例#######################################
命令行选项 -F"[@ /t]" 告诉awk @, 空格和Tab都是字段分隔符,例如:
awk -F"[@ /t]" '{print $2,$3}' test
以@,空格,Tab键分割test文件的每一行,并输出第二、第三列。
awk '$2~/^(126|yahoo)/{print $2, $3}' test
如果改行的第二个字段以"123"或"yahoo"开始,则输出改行的第二、第三列。
awk '$1~/[0-9][0-9]$/{print $1, $3}' test
如果改行的最后两个字段以数字结束,则输出改行的第一、第三列。
awk '/mail/{print $0}' test
输出test文件中含有"mail"字符串的行
awk '$2~/mail/{print $0}' test
输出test文件中第二个字段含有"mail"字符串的行
awk '$2 == "gmail.com"{$1 = "ggg";print}' test
输出test文件中第二个字段是"gmail.com"的行,并把改行第一列改为"ggg"
awk '$2 == "gmail.com"{$1 = "ggg"}{print}' test
输出test文件中所有行,并且如果第二个字段是"gmail.com",把改行第一列改为"ggg"
awk '{IGNORECASE=1;if($2 ~/^[a-z]/&& $2~/net$/){print $0}}' test
打开test文件,忽略字母大小写,如果第二字段以[a-z]开头,并以"net"结尾,则输出该行。
if的示例#######################################
if [ ! -d /data/svn/$1 ];then
echo "something"
exit
fi
if [ $# -eq 0 ];then
echo "something"
fi
注释多行#######################################
光标移到需要注释的第一行
Ctrl+V
J向下移动(K向上移动)
Shift+I
Shift+#
ESC
重定向#######################################
cmd >a 2>a 和 cmd >a 2>&1 为什么不同?
cmd >a 2>a :stdout和stderr都直接送往文件a ,a文件会被打开两遍,由此导致stdout和stderr互相覆盖。
cmd >a 2>&1 :stdout直接送往文件a ,stderr是继承了FD1的管道之后,再被送往文件a 。a文件只被打开一遍,就是FD1将其打开, 所以会效率比前者更高。
apache、nginx、php、mysql 编译参数查询#######################################
nginx编译参数查看:/usr/local/nginx/sbin/nginx -V
apache编译参数查看:cat /usr/local/apache2/build/config.nice
mysql编译参数查看:cat /usr/local/mysql/bin/mysqlbug | grep CONFIGURE_LINE
php编译参数查看:/usr/local/php/bin/php -i | grep configure
awk参考示例#######################################
$cat student-marks
Jones 2143 78 84 77
Gondrol 2321 56 58 45
RinRao 2122 38 37
Edwin 2537 87 97 95
Dayan 2415 30 47
1. Awk If Example: Check all the marks are exist
$ awk '{
if ($3 =="" || $4 == "" || $5 == "")
print "Some score for the student",$1,"is missing";'
}' student-marks
Some score for the student RinRao is missing
Some score for the student Dayan is missing
2. Awk If Else Example: Generate Pass/Fail Report based on Student marks in each subject
$ awk '{
if ($3 >=35 && $4 >= 35 && $5 >= 35)
print $0,"=>","Pass";
else
print $0,"=>","Fail";
}' student-marks
Jones 2143 78 84 77 => Pass
Gondrol 2321 56 58 45 => Pass
RinRao 2122 38 37 => Fail
Edwin 2537 87 97 95 => Pass
Dayan 2415 30 47 => Fail
3. Awk If Else If Example: Find the average and grade for every student
$ cat grade.awk
{
total=$3+$4+$5;
avg=total/3;
if ( avg >= 90 ) grade="A";
else if ( avg >= 80) grade ="B";
else if (avg >= 70) grade ="C";
else grade="D";
print $0,"=>",grade;
}
$ awk -f grade.awk student-marks
Jones 2143 78 84 77 => C
Gondrol 2321 56 58 45 => D
RinRao 2122 38 37 => D
Edwin 2537 87 97 95 => A
Dayan 2415 30 47 => D
4. Awk Ternary ( ?: ) Example: Concatenate every 3 lines of input with a comma.
$ awk 'ORS=NR%3?",":"\n"' student-marks
Jones 2143 78 84 77,Gondrol 2321 56 58 45,RinRao 2122 38 37
Edwin 2537 87 97 95,Dayan 2415 30 47,
awk变量,if,and#######################################
awk -v name='access.wifiauth_hb-v1.1.gz.100msh.com.log' -vcode=200 '{if($1==name && $2==code) print $0}' nginx_log_stats.txt
logstats#######################################
logfile=/data001/data/logs/nginx/access.wifiauth_hb-v1.1.gz.100msh.com.log
tail -n 1000 $logfile | awk -v name=`basename $logfile` '{a[$10]++}END { for(i in a) print name,i,a[i] }'
date显示多少天前#######################################
date -d "3 day ago" +%Y%m%d 以指定格式显示3天前的日期
date -d "1 month" +%Y-%m-%d 以指定格式显示一个月后的日期
date '+%H' 小时
#获取脚本的绝对路径#######################################
scriptpath=$(readlink -f $0)
#获取脚本的父目录
scriptdir=$(dirname $scriptpath)
上述命令合并:脚本当前目录
scriptdir=$(dirname $(readlink -f $0))
ansible分发定时任务和删除定时任务#######################################
ansible nfauth -m service -a "name=zabbix-agent state=restarted"
ansible nfauth[10-23] -m shell -a '/etc/init.d/zabbix-agent status'
ansible all/192.168.83.104 -m cron -a 'name="ban IP of login" minute=* hour=*/2 day=* month=* weekday=* job="sh /data/x5online/ban_try_login_ip.sh"'
ansible 192.168.83.104 -m cron -a "name="ban IP of login" state=absent"
ansible bfauth -m shell -a 'mkdir -pv /data001/apps/php/etc/old_conf'
ansible bfauth -m copy -a 'src=/root/bfauth20170615/php.ini dest=/data001/apps/php/etc'
ansible bfauth -m cron -a 'name="clean cache" minute=15 hour=3 day=* month=* weekday=* job="bash /root/bin/freecache.sh"'
[txzg]
119.29.142.189 ansible_ssh_port=18922
123.207.237.77 ansible_ssh_port=18922
123.207.44.192
123.207.45.148
119.29.158.156
/etc/ansible/hosts文件中可以使用的参数
ansible_ssh_host
#用于指定被管理的主机的真实IP
ansible_ssh_port
#用于指定连接到被管理主机的ssh端口号,默认是22
ansible_ssh_user
#ssh连接时默认使用的用户名
ansible_ssh_pass
#ssh连接时的密码
ansible_sudo_pass
#使用sudo连接用户时的密码,sudo无需密码时,无需此参数
ansible_sudo_exec
#如果sudo命令不在默认路径,需要指定sudo命令路径
ansible_ssh_private_key_file
#秘钥文件路径,秘钥文件如果不想使用ssh-agent管理时可以使用此选项ansible_shell_type
#目标系统的shell的类型,默认sh
ansible_connection
#SSH 连接的类型: local , ssh , paramiko,在 ansible 1.2 之前默认是 paramiko ,后来智能选择,优先使用基于ControlPersist的ssh(支持的前提)
ansible_python_interpreter
#用来指定Python解释器的路径,默认为/usr/bin/python 同样可以指定ruby 、perl的路径
ansible_*_interpreter
#其他解释器路径,用法和ansible_python_interpreter类似,这里"*"可以是ruby或才perl等其他语言
ssh禁用root用户登录,修改端口后,hosts文件设置和ansible命令
139.199.65.228 ansible_ssh_user=100msh_yunwei ansible_ssh_port=18922
ansible -i txall 139.199.65.228 --sudo -m shell -a 'touch /root/test.file'
nginx日志滚动(官方)#######################################
$ mv access.log access.log.0
$ kill -USR1 `cat master.nginx.pid`
$ sleep 1
$ gzip access.log.0
awk if 变量#######################################
tail -n 1000 /path/to/log_file | awk -v code=200 'BEGIN {count=0} {if($10==code){count=count+1;}} END{print code,count}'
bash脚本PATH#######################################
#!/bin/bash
#
export PATH=$PATH:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
nginx访问日志监控#######################################
tail -n 1000 /path/to/log_file | awk '{a[$10]++}END { for(i in a) print a[i],i | "sort -k1 -nr | head -n 10" }'
585 404
403 200
3 301
3 302
1 444
/etc/bashrc#######################################
rmmv() {
for i in $@
do
mv -iv $i /data001/recycle/${i//\//_}-`date +%F%T`
done
}
alias rm=rmmv
sed的一些用法#######################################
# echo 192-168-1-1 | sed 's/-/./g'
192.168.1.1
脚本加密工具shc#######################################
#http://www.datsi.fi.upm.es/~frosal/sources/
tee用法#######################################
echo 333 | tee -a /tmp/echo.txt 追加
echo 333 | tee /tmp/echo.txt 覆盖
awk不显示某列#######################################
history | awk '{$1="";$2="";$3="";print $0}'
基本编译组件安装#######################################
yum install gcc cpp glibc glibc-devel gcc-c++
高并发内核参数#######################################
但在不同的虚拟化场景(KVM,XEN,VSPHERE)下,不一定存在以下参数
cd /proc/sys/net/ipv4/
[root]# cat tcp_max_syn_backlog
819200
[root]# cat tcp_fin_timeout
30
[root]# cat tcp_keepalive_time
60
[root]# cat tcp_synack_retries
2
[root]# cat tcp_syncookies
1
[root]# cat tcp_tw_recycle
1
[root]# cat tcp_tw_reuse
1
vi /etc/sysctl.conf
net.ipv4.tcp_keepalive_time = 30
net.ipv4.tcp_keepalive_probes = 1
net.ipv4.tcp_keepalive_intvl = 1
date命令#######################################
$ date +%F_%H:%M:%S
2017-06-01_12:57:47
更详细请查阅
http://www.cnblogs.com/xd502djj/archive/2010/12/29/1919478.html
ssh连接超时时间的设置方法#######################################
echo export TMOUT=1800 >> /etc/profile
echo export TMOUT=900 >> /root/.bash_profile
禁用密码登录服务器#######################################
先配置密钥登录服务器!!!!
使用xshell等工具生成密钥对
拷贝公钥信息粘贴到 vim ~/.ssh/authorized_keys
mkdir ~/.ssh
chmod 700 ~/.ssh
vi ~/.ssh/authorized_keys
chmod 644 ~/.ssh/authorized_keys
【注意权限为644】
基于密钥认证的配置
查看/etc/ssh/sshd_config配置
PasswordAuthentication yes //把yes修改为no即禁用密码登录
#PubkeyAuthentication yes //密钥登录是注释默认是允许的,无需修改
测试:
sed -n "s/^PasswordAuthentication yes/PasswordAuthentication no/p" /etc/ssh/sshd_config
sed -n "s/^#PubkeyAuthentication yes/PubkeyAuthentication yes/p" /etc/ssh/sshd_config
修改配置:
cp /etc/ssh/sshd_config{,_org}
sed -i "s/^PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config
sed -i "s/#PubkeyAuthentication yes/PubkeyAuthentication yes/" /etc/ssh/sshd_config
egrep "^PasswordAuthentication|^PubkeyAuthentication" /etc/ssh/sshd_config
重载服务:
/etc/init.d/sshd reload
iptables配置端口转发#######################################
清空防火墙规则
/etc/init.d/iptables stop
iptables -F
iptables -X
iptables -Z
/etc/init.d/iptables save
检查配置文件/etc/sysconfig/iptables是否包含iptables规则
/etc/init.d/iptables start
只转向本地其他port
iptables -t nat -I PREROUTING -p tcp -d 10.186.35.216 --dport 30000:40000 -j REDIRECT --to-port 80
转任意IP和port
iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 30000:40000 -j DNAT --to 10.186.35.216:80
iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 30000:40000 -j DNAT --to-destination 10.186.35.216:80
查看和保存
iptables -t nat -n -L PREROUTING
/etc/init.d/iptables save
iptables -t nat -I PREROUTING -p tcp -d 10.186.35.216 --dport 30000:40000 -j REDIRECT --to-port 80-81
经检验,不会转发到81端口
-j DNAT --to-destination 192.168.1.1-192.168.1.10
未检验
iptables -t nat -I PREROUTING -p tcp -d 183.60.124.69 --dport 41000:42000 -j DNAT --to 183.60.124.69:8100
iptables -t nat -A PREROUTING -d 183.60.124.69 -p tcp -m tcp --dport 41000:42000 -j REDIRECT --to-port 8100
iptables -I INPUT -p tcp -m tcp --dport 10050:10051 -m comment --comment "zabbix_agentd communication" -j ACCEPT
删除文件里面空行#######################################
echo "wq"|ex -c "g/^$/d" filename
vim filename
:g/^$/d
测试环境系统初始化#######################################
设置网卡启动
vim /etc/sysconfig/network-scripts/ifcfg-eth0
ONBOOT=yes
NM_CONTROLLED=no
只修改以上两个选项,其余保持不变,最后重启网络连接
/etc/init.d/network restart
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux
setenforce 0
echo "setenforce 0" >> /etc/rc.local
/etc/init.d/iptables stop
chkconfig iptables off
echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config
重启系统,检查配置
/etc/init.d/iptables status
chkconfig iptables --list
getenforce
yum repolist
创建系统快照
配置无密码ssh登录#######################################
grep -q "StrictHostKeyChecking no" /etc/ssh/ssh_config || echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config
rpm -q sshpass || yum -y install sshpass
[ -f "$HOME/.ssh/id_rsa" ] || ssh-keygen -t rsa -P "" -f "$HOME/.ssh/id_rsa"
hostip=(
172.16.1.187
172.16.1.188
172.16.1.189
172.16.1.190
172.16.1.232
172.16.1.233
)
hostpass="111111"
# 所有host的密码都是111111.如果每个host用的密码不一样,可以使用字典来做
for h in ${hostip[@]};do
sshpass -p $hostpass ssh-copy-id -i /root/.ssh/id_rsa.pub root@$h
#ssh $h mkdir -pv /data001/data/kfklog/
#scp -rp /data001/app $h:/data001
done
测试:
for h in ${hostip[@]};do ssh $h hostname;done
hostip=(
172.16.1.187
172.16.1.188
172.16.1.189
)
for h in ${hostip[@]};do
sshpass -p $hostpass ssh-copy-id -i /root/.ssh/id_rsa.pub root@$h
#ssh $h mkdir -pv /data001/data/kfklog/
#scp -rp /data001/app $h:/data001
done
补充:SSHPASS环境变量和ssh指定端口
export SSHPASS='tLqR1MqtC4y8+aZxCGYLIA'
sshpass -e ssh -p 54369 addansible@123.59.4.4 "sudo touch /etc/ansible/hosts.d/${PBL_IP}.tx"
sshpass -e ssh -p 54369 addansible@123.59.4.4 "echo 11afds | sudo tee /tmp/a.txt"
sshpass -e ssh -p 54369 addansible@123.59.4.4 'sudo sh -c "echo 111125 >> /etc/ansible/hosts.d/txall"'
腾讯云获取自己公网IP#######################################
curl http://metadata.tencentyun.com/meta-data/public-ipv4
139.199.65.228
参考文档
https://www.qcloud.com/document/product/213/4934
tar#######################################
把若干文件打包并压缩成一个文件
tar --remove-files -zcvf aaa.log.2017-04.tar.gz aaa.log.2017-04*
不解压文件查看压缩包
tar [tf or tvf] aaa.log.2017-02.tar.gz
解压到指定目录
tar -xf aaa.log.2017-02.tar.gz -C /usr/local/
lftp#######################################
lftp -u 'USERNAME,PASSWORD' IP_ADDRESS
if#######################################
判断字符串为空
if [ -z $b ];then
echo "b is null"
fi
if [ "$a"x == 'ok'x ];then
echo "a is ok"
fi
判断数字
if [ $a -eq 1 ];then
echo "a is 1"
fi
if 命令/条件;then
命令
elif 命令/条件;then
命令
else
命令
fi
while#######################################
while [ $a -lt 3 ];do
let a++
done
for#######################################
for i in aa bb cc;do
echo $i
done
for i in `seq 1 3`;do
echo $i
done
c=(`ls /`)
for i in ${c[@]};do
echo $i
done
以下命令可以做成xshell按钮
随机字符#######################################
openssl rand -base64 16
随机数字#######################################
head -200 /dev/urandom | cksum | awk '{print $1}'
随机字母数字#######################################
head -200 /dev/urandom | md5sum | awk '{print $1}'
egrep过滤注释#######################################
alias egrep='egrep -v --color=auto "^$|^\s*#"'
CPU,MEM,DISK信息#######################################
echo;echo "======= system info ======="; printf "cpu:\t`cat /proc/loadavg`;\n" ; free -m | awk 'NR==2 {print "mem:\tused," $3 "M;free," $4 "M;"}'; df -hP | grep -v sr0|sed 's/%//g' | awk 'NR>1 {if($5>=10) {print $6"," $5"%"}}' | tr '\n' ';' | awk '{print "disk:\t" $0}' ; echo "======= system info ======="
du#######################################
查找./下>1G的目录
cd /;du -m --max-depth=1 --exclude="proc" ./ | sort -n | awk '{if($1>1024){printf "%.2fGB\t%s\n",$1/1024,$2}}'
1.67GB ./usr
3.25GB ./logs
54.07GB ./data001
60.34GB ./
然后再进入某个大目录进行查看分析
cd /usr/
du -m --max-depth=1 --exclude="proc" ./ | sort -n | awk '{if($1>1024){printf "%.2fGB\t%s\n",$1/1024,$2}}'
查找大文件#######################################
查找/下大于100MB的文件(排除/proc目录)并进行从小到大进行排序
find / -path "/proc" -prune -o -type f -size +100000k -exec ls -l {} \; | awk '{printf "%.2fMB \t%s\n",$5/1024/1024,$9}' | sort -n
文件数量#######################################
计算当前目录及子目录下的文件数量
find ./ -path './proc' -prune -o -type f | wc -l
把若干文件打包并压缩成一个文件#######################################
tar --remove-files -zcvf acpostdataadmin.log.2017-04.tar.gz acpostdataadmin.log.2017-04*
不解压文件查看压缩包
tar tf acadmin.log.2017-02.tar.gz
tar tvf acadmin.log.2017-02.tar.gz
本服务器上某个监听端口的连接数#######################################
netstat -np | awk '$4 ~ /:21$/{print $4,"<--",$5,$6,$7}'
本服务器上连接某个端口的连接数#######################################
netstat -np | awk '$5 ~ /:21$/{print $4,"-->",$5,$6,$7}'
#######################################
转载于:https://blog.51cto.com/changeflyhigh/1919137
扫一扫
5292
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
