前言

大家好，這里是浩道Linux，主要給大家分享Linux、Python、網絡通信、網絡安全等相關的IT知識平臺。

今天浩道跟大家分享幾個Linux運維中常用到的shell腳本！

一、根據PID過濾進程所有信息

#!?/bin/bash
#?Function:?根據用戶輸入的PID，過濾出該PID所有的信息
read?-p?"請輸入要查詢的PID:?"?P
n=`ps?-aux|?awk?'$2~/^'$P'$/{print?$11}'|wc?-l`
if?[?$n?-eq?0?];then
?echo?"該PID不存在！！"
?exit
fi
echo?"--------------------------------"
echo?"進程PID:?$P"
echo?"進程命令：`ps -aux| awk '$2~/^'$P'$/{print?$11}'`"
echo?"進程所屬用戶:?`ps?-aux|?awk?'$2~/^'$P'$/{print?$1}'`"
echo?"CPU占用率：`ps -aux| awk '$2~/^'$P'$/{print?$3}'`%"
echo?"內存占用率：`ps -aux| awk '$2~/^'$P'$/{print?$4}'`%"
echo?"進程開始運行的時刻：`ps -aux| awk '$2~/^'$P'$/{print?$9}'`"
echo?"進程運行的時間：`ps -aux| awk '$2~/^'$P'$/{print?$10}'`"
echo?"進程狀態：`ps -aux| awk '$2~/^'$P'$/{print?$8}'`"
echo?"進程虛擬內存：`ps -aux| awk '$2~/^'$P'$/{print?$5}'`"
echo?"進程共享內存：`ps -aux| awk '$2~/^'$P'$/{print?$6}'`"
echo?"--------------------------------"

?

二、根據進程名過濾進程信息
會顯示出該進程名包含的所有線程

?

#!?/bin/bash
#?Function:?根據輸入的程序的名字過濾出所對應的PID，并顯示出詳細信息，如果有幾個PID，則全部顯示
read?-p?"請輸入要查詢的進程名："?NAME
N=`ps?-aux?|?grep?$NAME?|?grep?-v?grep?|?wc?-l`?##統計進程總數
if?[?$N?-le?0?];then
??echo?"該進程名沒有運行！"
fi
i=1
while?[?$N?-gt?0?]
do
??echo?"進程PID:?`ps?-aux?|?grep?$NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$2}'`"
??echo?"進程命令：`ps -aux | grep $NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$11}'`"
??echo?"進程所屬用戶:?`ps?-aux?|?grep?$NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$1}'`"
??echo?"CPU占用率：`ps -aux | grep $NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$3}'`%"
??echo?"內存占用率：`ps -aux | grep $NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$4}'`%"
??echo?"進程開始運行的時刻：`ps -aux | grep $NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$9}'`"
??echo?"進程運行的時間：` ps -aux | grep $NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$11}'`"
??echo?"進程狀態：`ps -aux | grep $NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$8}'`"
??echo?"進程虛擬內存：`ps -aux | grep $NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$5}'`"
??echo?"進程共享內存：`ps -aux | grep $NAME?|?grep?-v?grep?|?awk?'NR=='$i'{print?$0}'|?awk?'{print?$6}'`"
??echo?"***************************************************************"
??let?N--?i++
done

?

三、根據用戶名查詢該用戶的相關信息

?

#!?/bin/bash
# Function：根據用戶名查詢該用戶的所有信息
read?-p?"請輸入要查詢的用戶名："?A
echo?"------------------------------"
n=`cat?/etc/passwd?|?awk?-F:?'$1~/^'$A'$/{print}'?|?wc?-l`
if?[?$n?-eq?0?];then
echo?"該用戶不存在"
echo?"------------------------------"
else
??echo?"該用戶的用戶名：$A"
??echo?"該用戶的UID：`cat /etc/passwd | awk -F:?'$1~/^'$A'$/{print}'|awk?-F:?'{print?$3}'`"
??echo?"該用戶的組為：`id $A?|?awk?{'print?$3'}`"
??echo?"該用戶的GID為：`cat /etc/passwd | awk -F:?'$1~/^'$A'$/{print}'|awk?-F:?'{print?$4}'`"
??echo?"該用戶的家目錄為：`cat /etc/passwd | awk -F:?'$1~/^'$A'$/{print}'|awk?-F:?'{print?$6}'`"
??Login=`cat?/etc/passwd?|?awk?-F:?'$1~/^'$A'$/{print}'|awk?-F:?'{print?$7}'`
??if?[?$Login?==?"/bin/bash"?];then
??echo?"該用戶有登錄系統的權限！！"
??echo?"------------------------------"
??elif?[?$Login?==?"/sbin/nologin"?];then
??echo?"該用戶沒有登錄系統的權限！！"
??echo?"------------------------------"
??fi
fi

?

四、加固系統的一些配置

?

#!?/bin/bash
#?Function:對賬戶的密碼的一些加固
read?-p?"設置密碼最多可多少天不修改："?A
read?-p?"設置密碼修改之間最小的天數："?B
read?-p?"設置密碼最短的長度："?C
read?-p?"設置密碼失效前多少天通知用戶："?D
sed?-i?'/^PASS_MAX_DAYS/cPASS_MAX_DAYS?'$A''?/etc/login.defs
sed?-i?'/^PASS_MIN_DAYS/cPASS_MIN_DAYS?'$B''?/etc/login.defs
sed?-i?'/^PASS_MIN_LEN/cPASS_MIN_LEN?'$C''?/etc/login.defs
sed?-i?'/^PASS_WARN_AGE/cPASS_WARN_AGE?'$D''?/etc/login.defs

echo?"已對密碼進行加固，新用戶不得和舊密碼相同，且新密碼必須同時包含數字、小寫字母，大寫字母！！"
sed?-i?'/pam_pwquality.so/cpassword?requisite?pam_pwquality.so?try_first_pass?local_users_only?retry=3?authtok_type=?difok=1?minlen=8?ucredit=-1?lcredit=-1?dcredit=-1'?/etc/pam.d/system-auth

echo?"已對密碼進行加固，如果輸入錯誤密碼超過3次，則鎖定賬戶！！"
n=`cat?/etc/pam.d/sshd?|?grep?"auth?required?pam_tally2.so?"|wc?-l`
if?[?$n?-eq?0?];then
sed?-i?'/%PAM-1.0/aauth?required?pam_tally2.so?deny=3?unlock_time=150?even_deny_root?root_unlock_time300'?/etc/pam.d/sshd
fi

echo??"已設置禁止root用戶遠程登錄！！"
sed?-i?'/PermitRootLogin/cPermitRootLogin?no'??/etc/ssh/sshd_config

read?-p?"設置歷史命令保存條數："?E
read?-p?"設置賬戶自動注銷時間："?F
sed?-i?'/^HISTSIZE/cHISTSIZE='$E''?/etc/profile
sed?-i?'/^HISTSIZE/aTMOUT='$F''?/etc/profile

echo?"已設置只允許wheel組的用戶可以使用su命令切換到root用戶！"
sed?-i?'/pam_wheel.so?use_uid/cauth?required?pam_wheel.so?use_uid?'?/etc/pam.d/su
n=`cat?/etc/login.defs?|?grep?SU_WHEEL_ONLY?|?wc?-l`
if?[?$n?-eq?0?];then
echo?SU_WHEEL_ONLY?yes?>>?/etc/login.defs
fi

echo?"即將對系統中的賬戶進行檢查...."
echo?"系統中有登錄權限的用戶有："
awk?-F:?'($7=="/bin/bash"){print?$1}'?/etc/passwd
echo?"********************************************"
echo?"系統中UID=0的用戶有："
awk?-F:?'($3=="0"){print?$1}'?/etc/passwd
echo?"********************************************"
N=`awk?-F:?'($2==""){print?$1}'?/etc/shadow|wc?-l`
echo?"系統中空密碼用戶有：$N"
if?[?$N?-eq?0?];then
?echo?"恭喜你，系統中無空密碼用戶！！"
?echo?"********************************************"
else
?i=1
?while?[?$N?-gt?0?]
?do
????None=`awk?-F:?'($2==""){print?$1}'?/etc/shadow|awk?'NR=='$i'{print}'`
????echo?"------------------------"
????echo?$None
????echo?"必須為空用戶設置密碼！！"
????passwd?$None
????let?N--
?done
?M=`awk?-F:?'($2==""){print?$1}'?/etc/shadow|wc?-l`
?if?[?$M?-eq?0?];then
??echo?"恭喜，系統中已經沒有空密碼用戶了！"
?else
echo?"系統中還存在空密碼用戶：$M"
?fi
fi

echo?"即將對系統中重要文件進行鎖定，鎖定后將無法添加刪除用戶和組"
read?-p?"警告：此腳本運行后將無法添加刪除用戶和組！！確定輸入Y，取消輸入N；Y/N："?i
case?$i?in
??????[Y,y])
????????????chattr?+i?/etc/passwd
????????????chattr?+i?/etc/shadow
????????????chattr?+i?/etc/group
????????????chattr?+i?/etc/gshadow
????????????echo?"鎖定成功！"
;;
??????[N,n])
????????????chattr?-i?/etc/passwd
????????????chattr?-i?/etc/shadow
????????????chattr?-i?/etc/group
????????????chattr?-i?/etc/gshadow
????????????echo?"取消鎖定成功！！"
;;
???????*)
????????????echo?"請輸入Y/y?or?N/n"
esac

?