1、获取随机字符串或数字
获取随机8位字符串:
方法1:# echo $RANDOM |md5sum |cut -c 1-8471b94f2方法2:# openssl rand -base64 4vg3BEg==方法3:# cat /proc/sys/kernel/random/uuid |cut -c 1-8ed9e032c
获取随机8位数字:
方法1:#echo$RANDOM|cksum |cut -c 1-8
23648321方法2:#openssl rand -base64 4 |cksum |cut -c 1-8
38571131方法3:#date +%N |cut -c 1-8
69024815
cksum:打印CRC效验和统计字节
2、定义一个颜色输出字符串函数
方法1:functionecho_color() {if[$1=="green"];thenecho-e"\033[32;40m$2\033[0m"elif[$1=="red"];thenecho-e"\033[31;40m$2\033[0m"fi}方法2:functionecho_color() {case$1ingreen)echo-e"[32;40m$2[0m";;
red)echo-e"[31;40m$2[0m";;
*)echo"Example: echo_color red string"esac}
使用方法:echo_color green "test"
function关键字定义一个函数,可加或不加。
3、批量创建用户
#!/bin/bashDATE=$(date +%F_%T)
USER_FILE=user.txtecho_color(){if[$1=="green"];thenecho-e"[32;40m$2[0m"elif[$1=="red"];thenecho-e"[31;40m$2[0m"fi}#如果用户文件存在并且大小大于0就备份if[ -s$USER_FILE];thenmv$USER_FILE${USER_FILE}-${DATE}.bak
echo_color green"$USER_FILEexist, rename${USER_FILE}-${DATE}.bak"fiecho-e"User Password">>$USER_FILEecho"----------------">>$USER_FILEforUSERinuser{1..10};doif! id$USER&>/dev/null;thenPASS=$(echo$RANDOM|md5sum |cut -c 1-8)
useradd$USERecho$PASS|passwd --stdin$USER&>/dev/nullecho-e"$USER$PASS">>$USER_FILEecho"$USERUser create successful."elseecho_color red"$USERUser already exists!"fidone
4、检查软件包是否安装
#!/bin/bashifrpm -q sysstat &>/dev/null;thenecho"sysstat is already installed."elseecho"sysstat is not installed!"fi
5、检查服务状态
#!/bin/bashPORT_C=$(ss -anu |grep -c 123)
PS_C=$(ps -ef |grep ntpd |grep -vc grep)if[$PORT_C-eq 0 -o$PS_C-eq 0 ];thenecho"内容"| mail -s"主题"dst@example.comfi
6、检查主机存活状态
方法1:将错误IP放到数组里面判断是否ping失败三次
#!/bin/bashIP_LIST="192.168.18.1 192.168.1.1 192.168.18.2"forIPin$IP_LIST;doNUM=1while[$NUM-le 3 ];doifping -c 1$IP> /dev/null;thenecho"$IPPing is successful."breakelse# echo "$IP Ping is failure $NUM"FAIL_COUNT[$NUM]=$IPletNUM++fidoneif[${#FAIL_COUNT[*]}-eq 3 ];thenecho"${FAIL_COUNT[1]}Ping is failure!"unsetFAIL_COUNT[*]fidone
方法2:将错误次数放到FAIL_COUNT变量里面判断是否ping失败三次
#!/bin/bashIP_LIST="192.168.18.1 192.168.1.1 192.168.18.2"forIPin$IP_LIST;doFAIL_COUNT=0for((i=1;i<=3;i++));doifping -c 1$IP>/dev/null;thenecho"$IPPing is successful."breakelse# echo "$IP Ping is failure $i"letFAIL_COUNT++fidoneif[$FAIL_COUNT-eq 3 ];thenecho"$IPPing is failure!"fidone
方法3:利用for循环将ping通就跳出循环继续,如果不跳出就会走到打印ping失败
#!/bin/bashping_success_status() {ifping -c 1$IP>/dev/null;thenecho"$IPPing is successful."continuefi}
IP_LIST="192.168.18.1 192.168.1.1 192.168.18.2"forIPin$IP_LIST;doping_success_status
ping_success_status
ping_success_statusecho"$IPPing is failure!"done
7、监控CPU、内存和硬盘利用率
1)CPU
借助vmstat工具来分析CPU统计信息。
#!/bin/bashDATE=$(date +%F" "%H:%M)
IP=$(ifconfig eth0 |awk -F[ :]+/inet addr/{print $4})#只支持CentOS6MAIL="example@mail.com"if!whichvmstat &>/dev/null;thenecho"vmstat command no found, Please install procps package."exit1fiUS=$(vmstat |awkNR==3{print $13})
SY=$(vmstat |awkNR==3{print $14})
IDLE=$(vmstat |awkNR==3{print $15})
WAIT=$(vmstat |awkNR==3{print $16})
USE=$(($US+$SY))if[$USE-ge 50 ];thenecho"
Date:$DATEHost:$IPProblem: CPU utilization$USE"| mail -s"CPU Monitor"$MAILfi
2)内存
#!/bin/bashDATE=$(date +%F" "%H:%M)
IP=$(ifconfig eth0 |awk -F[ :]+/inet addr/{print $4})
MAIL="example@mail.com"TOTAL=$(free -m |awk/Mem/{print $2})
USE=$(free -m |awk/Mem/{print $3-$6-$7})
FREE=$(($TOTAL-$USE))#内存小于1G发送报警邮件if[$FREE-lt 1024 ];thenecho"
Date:$DATEHost:$IPProblem: Total=$TOTAL,Use=$USE,Free=$FREE"| mail -s"Memory Monitor"$MAILfi
3)硬盘
#!/bin/bashDATE=$(date +%F" "%H:%M)
IP=$(ifconfig eth0 |awk -F[ :]+/inet addr/{print $4})
MAIL="example@mail.com"TOTAL=$(fdisk -l |awk -F[: ]+BEGIN{OFS="="}/^Disk /dev/{printf "%s=%sG,",$2,$3})
PART_USE=$(df -h |awkBEGIN{OFS="="}/^/dev/{print $1,int($5),$6})foriin$PART_USE;doPART=$(echo$i|cut -d"="-f1)
USE=$(echo$i|cut -d"="-f2)
MOUNT=$(echo$i|cut -d"="-f3)if[$USE-gt 80 ];thenecho"
Date:$DATEHost:$IPTotal:$TOTALProblem:$PART=$USE($MOUNT)
"| mail -s"Disk Monitor"$MAILfidone
8、批量主机磁盘利用率监控
前提监控端和被监控端SSH免交互登录或者密钥登录。
写一个配置文件保存被监控主机SSH连接信息,文件内容格式:IP User Port
#!/bin/bashHOST_INFO=host.infoforIPin$(awk/^[^#]/{print $1}$HOST_INFO);doUSER=$(awk -v ip=$IPip==$1{print $2}$HOST_INFO)
PORT=$(awk -v ip=$IPip==$1{print $3}$HOST_INFO)
TMP_FILE=/tmp/disk.tmp
ssh -p$PORT$USER@$IPdf -h>$TMP_FILEUSE_RATE_LIST=$(awkBEGIN{OFS="="}/^/dev/{print $1,int($5)}$TMP_FILE)forUSE_RATEin$USE_RATE_LIST;doPART_NAME=${USE_RATE%=*}USE_RATE=${USE_RATE#*=}if[$USE_RATE-ge 80 ];thenecho"Warning:$PART_NAMEPartition usage$USE_RATE%!"fidonedone
AA=/dev/mapper/centos-root=11
BB=$(AA%=*)
echo $BB
/dev/mapper/centos-root
CC=${AA#*=}
echo $CC
11
9、检查网站可用性
1)检查URL可用性
方法1:check_url() {
HTTP_CODE=$(curl -o /dev/null --connect-timeout 3 -s -w"%{http_code}"$1)if[$HTTP_CODE-ne 200 ];thenecho"Warning:$1Access failure!"fi}方法2:check_url() {if! wget -T 10 --tries=1 --spider$1>/dev/null 2>&1;then#-T超时时间,--tries尝试1次,--spider爬虫模式echo"Warning:$1Access failure!"fi}
使用方法:check_url www.baidu.com
2)判断三次URL可用性
思路与上面检查主机存活状态一样。
方法1:利用循环技巧,如果成功就跳出当前循环,否则执行到最后一行
#!/bin/bashcheck_url() {
HTTP_CODE=$(curl -o /dev/null --connect-timeout 3 -s -w"%{http_code}"$1)if[$HTTP_CODE-eq 200 ];thencontinuefi}
URL_LIST="www.baidu.com www.agasgf.com"forURLin$URL_LIST;docheck_url$URLcheck_url$URLcheck_url$URLecho"Warning:$URLAccess failure!"done
方法2:错误次数保存到变量
#!/bin/bashURL_LIST="www.baidu.com www.agasgf.com"forURLin$URL_LIST;doFAIL_COUNT=0for((i=1;i<=3;i++));doHTTP_CODE=$(curl -o /dev/null --connect-timeout 3 -s -w"%{http_code}"$URL)if[$HTTP_CODE-ne 200 ];thenletFAIL_COUNT++elsebreakfidoneif[$FAIL_COUNT-eq 3 ];thenecho"Warning:$URLAccess failure!"fidone
方法3:错误次数保存到数组
#!/bin/bashURL_LIST="www.baidu.com www.agasgf.com"forURLin$URL_LIST;doNUM=1while[$NUM-le 3 ];doHTTP_CODE=$(curl -o /dev/null --connect-timeout 3 -s -w"%{http_code}"$URL)if[$HTTP_CODE-ne 200 ];thenFAIL_COUNT[$NUM]=$IP#创建数组,以$NUM下标,$IP元素letNUM++elsebreakfidoneif[${#FAIL_COUNT[*]}-eq 3 ];thenecho"Warning:$URLAccess failure!"unsetFAIL_COUNT[*]#清空数组fidone
10、检查MySQL主从同步状态
#!/bin/bashUSER=bak
PASSWD=123456
IO_SQL_STATUS=$(mysql -u$USER-p$PASSWD-eshow slave statusG|awk -F:/Slave_.*_Running/{gsub(": ",":");print $0})#gsub去除冒号后面的空格foriin$IO_SQL_STATUS;doTHREAD_STATUS_NAME=${i%:*}THREAD_STATUS=${i#*:}if["$THREAD_STATUS"!="Yes"];thenecho"Error: MySQL Master-Slave$THREAD_STATUS_NAMEstatus is$THREAD_STATUS!"fidone
11、iptables自动屏蔽访问网站频繁的IP
场景:恶意访问,安全防范
1)屏蔽每分钟访问超过200的IP
方法1:根据访问日志(Nginx为例)
#!/bin/bashDATE=$(date +%d/%b/%Y:%H:%M)ABNORMAL_IP=$(tail -n5000 access.log |grep $DATE |awk '{a[$1]++}END{for(i in a)if(a[i]>100)print i}')#先tail防止文件过大,读取慢,数字可调整每分钟最大的访问量。awk不能直接过滤日志,因为包含特殊字符。for IP in $ABNORMAL_IP; do if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then iptables -I INPUT -s $IP -j DROP fidone
方法2:通过TCP建立的连接
#!/bin/bashABNORMAL_IP=$(netstat -an |awk '$4~/:80$/ && $6~/ESTABLISHED/{gsub(/:[0-9]+/,"",$5);{a[$5]++}}END{for(i in a)if(a[i]>100)print i}')#gsub是将第五列(客户端IP)的冒号和端口去掉for IP in $ABNORMAL_IP; do if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then iptables -I INPUT -s $IP -j DROP fidone
2)屏蔽每分钟SSH尝试登录超过10次的IP
方法1:通过lastb获取登录状态:
#!/bin/bashDATE=$(date +"%a %b %e %H:%M") #星期月天时分%e单数字时显示7,而%d显示07ABNORMAL_IP=$(lastb |grep "$DATE" |awk '{a[$3]++}END{for(i in a)if(a[i]>10)print i}')for IP in $ABNORMAL_IP; do if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then iptables -I INPUT -s $IP -j DROP fidone
方法2:通过日志获取登录状态
#!/bin/bashDATE=$(date +"%b %d %H")ABNORMAL_IP="$(tail -n10000 /var/log/auth.log |grep "$DATE" |awk '/Failed/{a[$(NF-3)]++}END{for(i in a)if(a[i]>5)print i}')"for IP in $ABNORMAL_IP; do if [ $(iptables -vnL |grep -c "$IP") -eq 0 ]; then iptables -A INPUT -s $IP -j DROP echo "$(date +"%F %T") - iptables -A INPUT -s $IP -j DROP" >>~/ssh-login-limit.log fidone
12、判断用户输入的是否为IP地址
方法1:
#!/bin/bashfunction check_ip(){ IP=$1 VALID_CHECK=$(echo $IP|awk -F. '$1<=255&&$2<=255&&$3<=255&&$4<=255{print "yes"}') if echo $IP|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$">/dev/null; then if [ $VALID_CHECK == "yes" ]; then echo "$IP available." else echo "$IP not available!" fi else echo "Format error!" fi}check_ip 192.168.1.1check_ip 256.1.1.1
方法2:
#!/bin/bashfunction check_ip(){ IP=$1 if [[ $IP =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then FIELD1=$(echo $IP|cut -d. -f1) FIELD2=$(echo $IP|cut -d. -f2) FIELD3=$(echo $IP|cut -d. -f3) FIELD4=$(echo $IP|cut -d. -f4) if [ $FIELD1 -le 255 -a $FIELD2 -le 255 -a $FIELD3 -le 255 -a $FIELD4 -le 255 ]; then echo "$IP available." else echo "$IP not available!" fi else echo "Format error!" fi}check_ip 192.168.1.1check_ip 256.1.1.1
增加版:
加个死循环,如果IP可用就退出,不可用提示继续输入,并使用awk判断。
#!/bin/bashfunction check_ip(){ local IP=$1 VALID_CHECK=$(echo $IP|awk -F. '$1<=255&&$2<=255&&$3<=255&&$4<=255{print "yes"}') if echo $IP|grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >/dev/null; then if [ $VALID_CHECK == "yes" ]; then return 0 else echo "$IP not available!" return 1 fi else echo "Format error! Please input again." return 1 fi}while true; do read -p "Please enter IP: " IP check_ip $IP [ $? -eq 0 ] && break || continuedone
13、判断用户输入的是否为数字
方法1:
#!/bin/bashif [[ $1 =~ ^[0-9]+$ ]]; then echo "Is Number."else echo "No Number."fi
方法2:
#!/bin/bashif [ $1 -gt 0 ] 2>/dev/null; then echo "Is Number."else echo "No Number."fi
方法3:
#!/bin/bashecho $1 |awk '{print $0~/^[0-9]+$/?"Is Number.":"No Number."}' #三目运算符
14、给定目录找出包含关键字的文件
#!/bin/bashDIR=$1KEY=$2for FILE in $(find $DIR -type f); do if grep $KEY $FILE &>/dev/null; then echo "--> $FILE" fidone
15、监控目录,将新创建的文件名追加到日志中
场景:记录目录下文件操作。
需先安装inotify-tools软件包。
#!/bin/bashMON_DIR=/optinotifywait -mq --format %f -e create $MON_DIR |\while read files; do echo $files >> test.logdone
16、给用户提供多个网卡选择
场景:服务器多个网卡时,获取指定网卡,例如网卡流量
#!/bin/bashfunction local_nic() { local NUM ARRAY_LENGTH NUM=0 for NIC_NAME in $(ls /sys/class/net|grep -vE "lo|docker0"); do NIC_IP=$(ifconfig $NIC_NAME |awk -F'[: ]+' '/inet addr/{print $4}') if [ -n "$NIC_IP" ]; then NIC_IP_ARRAY[$NUM]="$NIC_NAME:$NIC_IP" #将网卡名和对应IP放到数组let NUM++ fi done ARRAY_LENGTH=${#NIC_IP_ARRAY[*]} if [ $ARRAY_LENGTH -eq 1 ]; then #如果数组里面只有一条记录说明就一个网卡NIC=${NIC_IP_ARRAY[0]%:*} return 0 elif [ $ARRAY_LENGTH -eq 0 ]; then #如果没有记录说明没有网卡echo "No available network card!" exit 1 else#如果有多条记录则提醒输入选择for NIC in ${NIC_IP_ARRAY[*]}; do echo $NIC done while true; do read -p "Please enter local use to network card name: " INPUT_NIC_NAME COUNT=0 for NIC in ${NIC_IP_ARRAY[*]}; do NIC_NAME=${NIC%:*} if [ $NIC_NAME == "$INPUT_NIC_NAME" ]; then NIC=${NIC_IP_ARRAY[$COUNT]%:*} return 0 else COUNT+=1 fi done echo "Not match! Please input again." done fi}local_nic
17、查看网卡实时流量
适用于CentOS6操作系统。
#!/bin/bash# Description: Only CentOS6traffic_unit_conv() { local traffic=$1 if [ $traffic -gt 1024000 ]; then printf "%.1f%s" "$(($traffic/1024/1024))" "MB/s" elif [ $traffic -lt 1024000 ]; then printf "%.1f%s" "$(($traffic/1024))" "KB/s" fi}NIC=$1echo -e " In ------ Out"while true; do OLD_IN=$(awk -F'[: ]+' '$0~"'$NIC'"{print $3}' /proc/net/dev) OLD_OUT=$(awk -F'[: ]+' '$0~"'$NIC'"{print $11}' /proc/net/dev) sleep 1 NEW_IN=$(awk -F'[: ]+' '$0~"'$NIC'"{print $3}' /proc/net/dev) NEW_OUT=$(awk -F'[: ]+' '$0~"'$NIC'"{print $11}' /proc/net/dev) IN=$(($NEW_IN-$OLD_IN)) OUT=$(($NEW_OUT-$OLD_OUT)) echo "$(traffic_unit_conv $IN) $(traffic_unit_conv $OUT)" sleep 1done
使用:./traffic.sh eth0
18、MySQL数据库备份
#!/bin/bashDATE=$(date +%F_%H-%M-%S)HOST=192.168.1.120DB=testUSER=bakPASS=123456MAIL="zhangsan@example.com lisi@example.com"BACKUP_DIR=/data/db_backupSQL_FILE=${DB}_full_$DATE.sqlBAK_FILE=${DB}_full_$DATE.zipcd $BACKUP_DIRif mysqldump -h$HOST -u$USER -p$PASS --single-transaction --routines --triggers -B $DB > $SQL_FILE; then zip $BAK_FILE $SQL_FILE && rm -f $SQL_FILE if [ ! -s $BAK_FILE ]; then echo "$DATE内容" | mail -s "主题" $MAIL fielse echo "$DATE内容" | mail -s "主题" $MAILfifind $BACKUP_DIR -name '*.zip' -ctime +14 -exec rm {} \;
find命令详解:https://blog.csdn.net/m1585761297/article/details/80175634
19、Nginx服务管理脚本
场景:使用源码包安装Nginx不含带服务管理脚本,也就是不能使用"service nginx start"或"/etc/init.d/nginx start",所以写了以下的服务管理脚本。
#!/bin/bash# Description: Only support RedHat system. /etc/init.d/functionsWORD_DIR=/usr/local/nginxDAEMON=$WORD_DIR/sbin/nginxCONF=$WORD_DIR/conf/nginx.confNAME=nginxPID=$(awk -F'[; ]+' '/^[^#]/{if($0~/pid;/)print $2}' $CONF)if [ -z "$PID" ]; then PID=$WORD_DIR/logs/nginx.pidelse PID=$WORD_DIR/$PIDfistop() { $DAEMON -s stop sleep 1 [ ! -f $PID ] && action "* Stopping $NAME" /bin/true || action "* Stopping $NAME" /bin/false}start() { $DAEMON sleep 1 [ -f $PID ] && action "* Starting $NAME" /bin/true || action "* Starting $NAME" /bin/false}reload() { $DAEMON -s reload}test_config() { $DAEMON -t}case "$1" in start) if [ ! -f $PID ]; then start else echo "$NAME is running..." exit 0 fi ;; stop) if [ -f $PID ]; then stop else echo "$NAME not running!" exit 0 fi ;; restart) if [ ! -f $PID ]; then echo "$NAME not running!" start else stop start fi ;; reload) reload ;; testconfig) test_config ;; status) [ -f $PID ] && echo "$NAME is running..." || echo "$NAME not running!" ;; *) echo "Usage: $0 {start|stop|restart|reload|testconfig|status}" exit 3 ;;esac
20、用户根据菜单选择要连接的Linux主机
Linux主机SSH连接信息:
# cat host.txtWeb 192.168.1.10 root 22DB 192.168.1.11 root 22
内容格式:主机名 IP User Port
#!/bin/bashPS3="Please input number: "HOST_FILE=host.txtwhile true; do select NAME in $(awk '{print $1}' $HOST_FILE) quit; do [ ${NAME:=empty} == "quit" ] && exit 0 IP=$(awk -v NAME=${NAME} '$1==NAME{print $2}' $HOST_FILE) USER=$(awk -v NAME=${NAME} '$1==NAME{print $3}' $HOST_FILE) PORT=$(awk -v NAME=${NAME} '$1==NAME{print $4}' $HOST_FILE) if [ $IP ]; then echo "Name: $NAME, IP: $IP" ssh -o StrictHostKeyChecking=no -p $PORT -i id_rsa $USER@$IP #密钥免交互登录break else echo "Input error, Please enter again!" break fi donedone
21、从FTP服务器下载文件
#!/bin/bashif [ $# -ne 1 ]; then echo "Usage: $0 filename"fidir=$(dirname $1)file=$(basename $1)ftp -n -v << EOF # -n自动登录open 192.168.1.10 # ftp服务器user admin passwordbinary #设置ftp传输模式为二进制,避免MD5值不同或.tar.gz压缩包格式错误cd $dirget "$file"EOF
22、连续输入5个100以内的数字,统计和、最小和最大
#!/bin/bashCOUNT=1SUM=0MIN=0MAX=100while [ $COUNT -le 5 ]; do read -p "请输入1-10个整数:" INT if [[ ! $INT =~ ^[0-9]+$ ]]; then echo "输入必须是整数!" exit 1 elif [[ $INT -gt 100 ]]; then echo "输入必须是100以内!" exit 1 fi SUM=$(($SUM+$INT)) [ $MIN -lt $INT ] && MIN=$INT [ $MAX -gt $INT ] && MAX=$INT let COUNT++doneecho "SUM: $SUM"echo "MIN: $MIN"echo "MAX: $MAX"
23、将结果分别赋值给变量
应用场景:希望将执行结果或者位置参数赋值给变量,以便后续使用。
方法1:
for i in $(echo "4 5 6"); do eval a$i=$idoneecho $a4 $a5 $a6
方法2:将位置参数192.168.1.1{1,2}拆分为到每个变量
num=0for i in $(eval echo $*);do #eval将{1,2}分解为1 2let num+=1 eval node${num}="$i"doneecho $node1 $node2 $node3# bash a.sh 192.168.1.1{1,2}192.168.1.11 192.168.1.12
方法3:
arr=(4 5 6)INDEX1=$(echo ${arr[0]})INDEX2=$(echo ${arr[1]})INDEX3=$(echo ${arr[2]})
24、批量修改文件名
示例:
# touch article_{1..3}.html# lsarticle_1.html article_2.html article_3.html
目的:把article改为bbs
方法1:
for file in $(ls *html); do mv $file bbs_${file#*_} # mv $file $(echo $file |sed -r 's/.*(_.*)/bbs\1/') # mv $file $(echo $file |echo bbs_$(cut -d_ -f2)done
方法2:
for file in $(find . -maxdepth 1 -name "*html"); do mv $file bbs_${file#*_}done
方法3:
# rename article bbs *.html
25、统计当前目录中以.html结尾的文件总大
方法1:
# find . -name "*.html" -exec du -k {} \; |awk '{sum+=$1}END{print sum}'
方法2:
for size in $(ls -l *.html |awk '{print $5}'); do sum=$(($sum+$size))doneecho $sum
26、扫描主机端口状态
#!/bin/bashHOST=$1PORT="22 25 80 8080"for PORT in $PORT; do if echo &>/dev/null > /dev/tcp/$HOST/$PORT; then echo "$PORT open" else echo "$PORT close" fidone
27、Expect实现SSH免交互执行命令
Expect是一个自动交互式应用程序的工具,如telnet,ftp,passwd等。
需先安装expect软件包。
方法1:EOF标准输出作为expect标准输入
#!/bin/bashUSER=rootPASS=123.comIP=192.168.1.120expect << EOFset timeout 30spawn ssh $USER@$IP expect { "(yes/no)" {send "yes\r"; exp_continue} "password:" {send "$PASS\r"}}expect "$USER@*" {send "$1\r"}expect "$USER@*" {send "exit\r"}expect eofEOF
方法2:
#!/bin/bashUSER=rootPASS=123.comIP=192.168.1.120expect -c " spawn ssh $USER@$IP expect { \"(yes/no)\" {send \"yes\r\"; exp_continue} \"password:\" {send \"$PASS\r\"; exp_continue} \"$USER@*\" {send \"df -h\r exit\r\"; exp_continue} }"
方法3:将expect脚本独立出来
登录脚本:
# cat login.exp#!/usr/bin/expectset ip [lindex $argv 0]set user [lindex $argv 1]set passwd [lindex $argv 2]set cmd [lindex $argv 3]if { $argc != 4 } {puts "Usage: expect login.exp ip user passwd"exit 1}set timeout 30spawn ssh $user@$ipexpect { "(yes/no)" {send "yes\r"; exp_continue} "password:" {send "$passwd\r"}}expect "$user@*" {send "$cmd\r"}expect "$user@*" {send "exit\r"}expect eof
执行命令脚本:写个循环可以批量操作多台服务器
#!/bin/bashHOST_INFO=user_info.txtfor ip in $(awk '{print $1}' $HOST_INFO)do user=$(awk -v I="$ip" 'I==$1{print $2}' $HOST_INFO) pass=$(awk -v I="$ip" 'I==$1{print $3}' $HOST_INFO) expect login.exp $ip $user $pass $1done
Linux主机SSH连接信息:
# cat user_info.txt192.168.1.120 root 123456
28、批量修改服务器用户密码
Linux主机SSH连接信息:旧密码
# cat old_pass.txt 192.168.18.217 root 123456 22192.168.18.218 root 123456 22
内容格式:IP User Password Port
SSH远程修改密码脚本:新密码随机生成
#!/bin/bashOLD_INFO=old_pass.txtNEW_INFO=new_pass.txtfor IP in $(awk '/^[^#]/{print $1}' $OLD_INFO); do USER=$(awk -v I=$IP 'I==$1{print $2}' $OLD_INFO) PASS=$(awk -v I=$IP 'I==$1{print $3}' $OLD_INFO) PORT=$(awk -v I=$IP 'I==$1{print $4}' $OLD_INFO) NEW_PASS=$(mkpasswd -l 8) #随机密码echo "$IP $USER $NEW_PASS $PORT" >> $NEW_INFO expect -c " spawn ssh -p$PORT $USER@$IP set timeout 2 expect { \"(yes/no)\" {send \"yes\r\";exp_continue} \"password:\" {send \"$PASS\r\";exp_continue} \"$USER@*\" {send \"echo \'$NEW_PASS\' |passwd --stdin $USER\r exit\r\";exp_continue} }"done
生成新密码文件:
# cat new_pass.txt 192.168.18.217 root n8wX3mU% 22192.168.18.218 root c87;ZnnL 22
29、打印乘法口诀
方法1:
# awk 'BEGIN{for(n=0;n++<9;){for(i=0;i++
方法2:
for ((i=1;i<=9;i++)); do for ((j=1;j<=i;j++)); do result=$(($i*$j)) echo -n "$j*$i=$result " done echodone
30、getopts工具完善脚本命令行参数getopts是一个解析脚本选项参数的工具。
命令格式:getopts optstring name [arg]
初次使用你要注意这几点:
·脚本位置参数会与optstring中的单个字母逐个匹配,如果匹配到就赋值给name,否则赋值name为问号;
·optstring中单个字母是一个选项,如果字母后面加冒号,表示该选项后面带参数,参数值并会赋值给OPTARG变量;
·optstring中第一个是冒号,表示屏蔽系统错误(test.sh: illegal option -- h);
·允许把选项放一起,例如-ab
·下面写一个打印文件指定行的简单例子,引导你思路:
#!/bin/bashwhile getopts :f:n: option; do case $option in f) FILE=$OPTARG [ ! -f $FILE ] && echo "$FILE File not exist!" && exit ;; n) sed -n "${OPTARG}p" $FILE ;; ?) echo "Usage: $0 -f -n " echo "-f, --file specified file" echo "-n, --line-number print specified line" exit 1 ;; esacdone