Linux 巡检脚本
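#!/bin/bash
# Host inspection script for RHEL/CentOS-style systems. Runs a series of
# checks and writes the combined output to a dated file under ./log.

# Fixed search path for the system tools the checks call.
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
source /etc/profile

# The checks read root-only files such as /etc/shadow and /etc/sudoers, so
# refuse to run unprivileged.
# NOTE(review): the end of this message and the exit were truncated in the
# copy this block was restored from; wording and exit status are
# reconstructed. Confirm against the original script.
if [ "$(id -u)" -gt 0 ]; then
    echo "请用root用户执行此脚本"
    exit 1
fi

# Release number: the second-to-last word of /etc/redhat-release.
centosVersion=$(awk '{print $(NF-1)}' /etc/redhat-release)
VERSION=$(date +%F)

# Log location: a "log" directory next to the script itself.
PROGPATH=$(dirname -- "$0")
LOGPATH="$PROGPATH/log"
# The report quotes sshd_config, crontabs and account data, so create the
# directory readable by root only.
[ -e "$LOGPATH" ] || mkdir -m 700 -- "$LOGPATH"
RESULTFILE="$LOGPATH/HostDailyCheck-$(hostname)-$(date +%Y%m%d).txt"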
# Global report fields. Each check fills in its own fields; all start empty.

# Host identity and uptime
report_DateTime=''
report_Hostname=''
report_OSRelease=''
report_Kernel=''
report_Language=''
report_LastReboot=''
report_Uptime=''

# CPU, memory, disk and inode usage
report_CPUs=''
report_CPUType=''
report_Arch=''
report_MemTotal=''
report_MemFree=''
report_MemUsedPercent=''
report_DiskTotal=''
report_DiskFree=''
report_DiskUsedPercent=''
report_InodeTotal=''
report_InodeFree=''
report_InodeUsedPercent=''

# Network and host-level access control
report_IP=''
report_MAC=''
report_Gateway=''
report_DNS=''
report_Listen=''
report_Selinux=''
report_Firewall=''

# Accounts, sudo and SSH
report_USERs=''
report_USEREmptyPassword=''
report_USERTheSameUID=''
report_PasswordExpiry=''
report_RootUser=''
report_Sudoers=''
report_SSHAuthorized=''
report_SSHDProtocolVersion=''
report_SSHDPermitRootLogin=''

# Processes, services and scheduled jobs
report_DefunctProsess=''
report_SelfInitiatedService=''
report_SelfInitiatedProgram=''
report_RuningService=''
report_Crontab=''

# Supporting daemons and runtime
report_Syslog=''
report_SNMP=''
report_NTP=''
report_JDK=''
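function version(){
    # Print two blank lines followed by the script banner with $VERSION.
    # Plain ASCII quotes are required: typographic quotes are not shell
    # quoting and would be printed literally.
    echo ""
    echo ""
    echo "系统巡检脚本:Version $VERSION"
}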
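function getCpuStatus(){
    # Print CPU counts, model and architecture from /proc/cpuinfo and uname,
    # then store them in report_CPUs, report_CPUType and report_Arch.
    echo ""
    echo -e "\033[33mCPU检查\033[0m"
    # Distinct "physical id" lines = sockets; "processor" lines = logical CPUs.
    Physical_CPUs=$(grep "physical id" /proc/cpuinfo | sort -u | wc -l)
    Virt_CPUs=$(grep "processor" /proc/cpuinfo | wc -l)
    CPU_Kernels=$(grep "cores" /proc/cpuinfo | uniq | awk -F ': ' '{print $2}')
    CPU_Type=$(grep "model name" /proc/cpuinfo | awk -F ': ' '{print $2}' | sort -u)
    CPU_Arch=$(uname -m)
    echo "物理CPU个数:$Physical_CPUs"
    echo "逻辑CPU个数:$Virt_CPUs"
    echo "每CPU核心数:$CPU_Kernels"
    echo " CPU型号:$CPU_Type"
    echo " CPU架构:$CPU_Arch"
    # Report fields
    report_CPUs=$Virt_CPUs
    report_CPUType=$CPU_Type
    report_Arch=$CPU_Arch
}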
function getMemStatus(){
echo “”
echo -e “\033[33m内存检查\033[0m”
if [[ KaTeX parse error: Expected 'EOF', got '#' at position 80: … -h fi #̲报表信息 MemTot…(grep MemTotal /proc/meminfo| awk '{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 2}̲') #KB Mem…(grep MemFree /proc/meminfo| awk '{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 2}̲') #KB l…(awk “BEGIN {if(KaTeX parse error: Can't use function '\"' in math mode at position 37: …00}else{printf \̲"̲%.2f\",MemUsed100/KaTeX parse error: Expected 'EOF', got '}' at position 9: MemTotal}̲}") report_…((MemTotal/1024))"“MB”
report_MemFree="
(
(
M
e
m
F
r
e
e
/
1024
)
)
"
"
M
B
"
r
e
p
o
r
t
M
e
m
U
s
e
d
P
e
r
c
e
n
t
=
"
((MemFree/1024))""MB" report_MemUsedPercent="
((MemFree/1024))""MB"reportMemUsedPercent="(awk "BEGIN {if(KaTeX parse error: Can't use function '\"' in math mode at position 37: …00}else{printf \̲"̲%.2f\",MemUsed100/$MemTotal}}”)""%"
}
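function getDiskStatus(){
    # Print a combined space/inode usage table per filesystem, then fill the
    # report_Disk* and report_Inode* globals with totals that exclude tmpfs.
    # Returns 1 if the private scratch directory cannot be created.
    local workdir
    echo ""
    echo -e "\033[33m磁盘检查\033[0m"
    # This script runs as root. Fixed names such as /tmp/disk can be
    # pre-created by any local user (for example as a symlink), so the two df
    # listings are staged in a private mktemp directory instead.
    workdir=$(mktemp -d) || return 1
    df -hiP | sed 's/Mounted on/Mounted/' > "$workdir/inode"
    df -hTP | sed 's/Mounted on/Mounted/' > "$workdir/disk"
    join "$workdir/disk" "$workdir/inode" \
        | awk '{print $1,$2,"|",$3,$4,$5,$6,"|",$8,$9,$10,$11,"|",$12}' \
        | column -t
    rm -rf -- "$workdir"
    # Report fields (df -P reports 1K blocks)
    diskdata=$(df -TP | sed '1d' | awk '$2!="tmpfs"{print}')
    disktotal=$(echo "$diskdata" | awk '{total+=$3}END{print total+0}')
    diskused=$(echo "$diskdata" | awk '{total+=$4}END{print total+0}')
    diskfree=$((disktotal-diskused))
    # A zero total would divide by zero; report 100 in that case.
    diskusedpercent=$(echo "$disktotal" "$diskused" | awk '{if($1==0){printf 100}else{printf "%.2f",$2*100/$1}}')
    inodedata=$(df -iTP | sed '1d' | awk '$2!="tmpfs"{print}')
    inodetotal=$(echo "$inodedata" | awk '{total+=$3}END{print total+0}')
    inodeused=$(echo "$inodedata" | awk '{total+=$4}END{print total+0}')
    inodefree=$((inodetotal-inodeused))
    inodeusedpercent=$(echo "$inodetotal" "$inodeused" | awk '{if($1==0){printf 100}else{printf "%.2f",$2*100/$1}}')
    report_DiskTotal=$((disktotal/1024/1024))"GB"
    report_DiskFree=$((diskfree/1024/1024))"GB"
    report_DiskUsedPercent="$diskusedpercent""%"
    report_InodeTotal=$((inodetotal/1000))"K"
    report_InodeFree=$((inodefree/1000))"K"
    report_InodeUsedPercent="$inodeusedpercent""%"
}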
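function getSystemStatus(){
    # Print OS, kernel, hostname, SELinux state, locale, boot time and uptime,
    # then store them in the matching report_* globals.
    # LANG is switched to en_US.UTF-8 while the function runs and set to the
    # system default again at the end.
    echo ""
    echo -e "\033[33m*******************************************************系统检查 ******************************************************\033[0m"
    if [ -e /etc/sysconfig/i18n ];then
        default_LANG="$(grep "LANG=" /etc/sysconfig/i18n | grep -v "^#" | awk -F '"' '{print $2}')"
    else
        default_LANG=$LANG
    fi
    export LANG="en_US.UTF-8"
    Release=$(cat /etc/redhat-release 2>/dev/null)
    Kernel=$(uname -r)
    OS=$(uname -o)
    Hostname=$(uname -n)
    # sestatus is absent on hosts without SELinux tooling; leave the field empty then.
    SELinux=$(/usr/sbin/sestatus 2>/dev/null | grep "SELinux status: " | awk '{print $3}')
    LastReboot=$(who -b | awk '{print $3,$4}')
    # Keep only the text between "up " and the next comma of uptime's output.
    uptime=$(uptime | sed 's/.*up \([^,]*\), .*/\1/')
    echo " 系统:$OS"
    echo " 发行版本:$Release"
    echo " 内核:$Kernel"
    echo " 主机名:$Hostname"
    echo " SELinux:$SELinux"
    echo "语言/编码:$default_LANG"
    echo " 当前时间:$(date +'%F %T')"
    echo " 最后启动:$LastReboot"
    echo " 运行时间:$uptime"
    # Report fields
    report_DateTime=$(date +"%F %T")
    report_Hostname="$Hostname"
    report_OSRelease="$Release"
    report_Kernel="$Kernel"
    report_Language="$default_LANG"
    report_LastReboot="$LastReboot"
    report_Uptime="$uptime"
    report_Selinux="$SELinux"
    export LANG="$default_LANG"
}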
function getServiceStatus(){
echo “”
echo -e “\033[33m服务检查\033[0m”
echo “”
if [[
c
e
n
t
o
s
V
e
r
s
i
o
n
>
7
]
]
;
t
h
e
n
c
o
n
f
=
centosVersion > 7 ]];then conf=
centosVersion>7]];thenconf=(systemctl list-unit-files --type=service --state=enabled --no-pager | grep “enabled”)
process=KaTeX parse error: Expected 'EOF', got '#' at position 92: …vice") #̲报表信息 re…(echo "
c
o
n
f
"
∣
w
c
−
l
)
"
r
e
p
o
r
t
R
u
n
i
n
g
S
e
r
v
i
c
e
=
"
conf" | wc -l)" report_RuningService="
conf"∣wc−l)"reportRuningService="(echo "
p
r
o
c
e
s
s
"
∣
w
c
−
l
)
"
e
l
s
e
c
o
n
f
=
process" | wc -l)" else conf=
process"∣wc−l)"elseconf=(/sbin/chkconfig | grep -E “:on|:启用”)
process=KaTeX parse error: Expected 'EOF', got '#' at position 78: …正在运行") #̲报表信息 re…(echo "
c
o
n
f
"
∣
w
c
−
l
)
"
r
e
p
o
r
t
R
u
n
i
n
g
S
e
r
v
i
c
e
=
"
conf" | wc -l)" report_RuningService="
conf"∣wc−l)"reportRuningService="(echo “
p
r
o
c
e
s
s
"
∣
w
c
−
l
)
"
f
i
e
c
h
o
"
服
务
配
置
"
e
c
h
o
"
−
−
−
−
−
−
−
−
"
e
c
h
o
"
process" | wc -l)" fi echo "服务配置" echo "--------" echo "
process"∣wc−l)"fiecho"服务配置"echo"−−−−−−−−"echo"conf” | column -t
echo “”
echo “正在运行的服务”
echo “--------------”
echo “$process”
}
function getAutoStartStatus(){
echo “”
echo -e “\033[33m自启动检查\033[0m”
conf=KaTeX parse error: Expected group after '^' at position 11: (grep -v "^̲#" /etc/rc.d/rc…/d’)
echo “KaTeX parse error: Expected 'EOF', got '#' at position 11: conf" #̲报表信息 report…(echo $conf | wc -l)”
}
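function getLoginStatus(){
    # Print the section header, then the first ten lines of `last`
    # (the most recent login records).
    # ASCII quotes replace typographic ones, which the shell would print literally.
    echo ""
    echo -e "\033[33m登录检查\033[0m"
    last | head
}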
function getNetworkStatus(){
echo “”
echo -e “\033[33m网络检查\033[0m”
if [[ $centosVersion < 7 ]];then
/sbin/ifconfig -a | grep -v packets | grep -v collisions | grep -v inet6
else
#ip a
for i in $(ip link | grep BROADCAST | awk -F: ‘{print $2}’);do ip add show $i | grep -E “BROADCAST|global”| awk '{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 2}̲' | tr '\n' ' '…(ip route | grep default | awk '{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 3}̲') DNS=(grep nameserver /etc/resolv.conf| grep -v “#” | awk ‘{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 2}̲' | tr '\n' ','…//’)
echo “”
echo “网关:
G
A
T
E
W
A
Y
"
e
c
h
o
"
D
N
S
:
GATEWAY " echo "DNS:
GATEWAY"echo"DNS:DNS”
#报表信息
IP=$(ip -f inet addr | grep -v 127.0.0.1 | grep inet | awk ‘{print $NF,KaTeX parse error: Expected 'EOF', got '}' at position 2: 2}̲' | tr '\n' ','…//’)
MAC=$(ip link | grep -v “LOOPBACK|loopback” | awk ‘{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 2}̲' | sed 'N;s/\n…//’)
report_IP="
I
P
"
r
e
p
o
r
t
M
A
C
=
IP" report_MAC=
IP"reportMAC=MAC
report_Gateway=“
G
A
T
E
W
A
Y
"
r
e
p
o
r
t
D
N
S
=
"
GATEWAY" report_DNS="
GATEWAY"reportDNS="DNS”
echo “”
ping -c 4 www.baidu.com >/dev/null 2>&1
if [ $? -eq 0 ];then
echo “网络连接:正常”
else
echo “网络连接:异常”
fi
}
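function getListenStatus(){
    # Print listening TCP/UDP sockets (`ss -ntul`) and store the number of
    # distinct listening TCP ports in report_Listen.
    echo ""
    echo -e "\033[33m监听检查\033[0m"
    TCPListen=$(ss -ntul | column -t)
    echo "$TCPListen"
    # Report fields: drop the header, keep tcp rows, take the port after the
    # last ":" of the local address (column 5), count unique ports.
    report_Listen="$(echo "$TCPListen" | sed '1d' | awk '/tcp/ {print $5}' | awk -F: '{print $NF}' | sort -u | wc -l)"
}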
function getCronStatus(){
echo “”
echo -e “\033[33m计划任务检查\033[0m”
Crontab=0
for shell in $(grep -v “/sbin/nologin” /etc/shells);do
for user in
(
g
r
e
p
"
(grep "
(grep"shell" /etc/passwd| awk -F: ‘{print $1}’);do
crontab -l -u KaTeX parse error: Expected 'EOF', got '&' at position 19: …r >/dev/null 2>&̲1 s…?
if [
s
t
a
t
u
s
−
e
q
0
]
;
t
h
e
n
e
c
h
o
"
status -eq 0 ];then echo "
status−eq0];thenecho"user"
echo “--------”
crontab -l -u
u
s
e
r
l
e
t
C
r
o
n
t
a
b
=
C
r
o
n
t
a
b
+
user let Crontab=Crontab+
userletCrontab=Crontab+(crontab -l -u KaTeX parse error: Expected 'EOF', got '#' at position 80: …e done #̲计划任务 find /…(find /etc/cron* -type f | wc -l)
#报表信息
report_Crontab="KaTeX parse error: Expected 'EOF', got '}' at position 10: Crontab" }̲ function getHo…"
[ -z "KaTeX parse error: Expected 'EOF', got '&' at position 13: datetime" ] &̲& echo `stat /e…(date +%s -d "
d
a
t
e
t
i
m
e
"
)
N
o
w
T
i
m
e
s
t
a
m
p
=
datetime") Now_Timestamp=
datetime")NowTimestamp=(date +%s)
Difference_Timestamp=
(
(
((
((Now_Timestamp-
T
i
m
e
s
t
a
m
p
)
)
d
a
y
s
=
0
;
h
o
u
r
s
=
0
;
m
i
n
u
t
e
s
=
0
;
s
e
c
i
n
d
a
y
=
Timestamp)) days=0;hours=0;minutes=0; sec_in_day=
Timestamp))days=0;hours=0;minutes=0;secinday=((606024));
sec_in_hour=$((6060));
sec_in_minute=60
while ((
(
(
((
((Difference_Timestamp-$sec_in_day)) > 1 ))
do
let Difference_Timestamp=Difference_Timestamp-sec_in_day
let days++
done
while ((
(
(
((
((Difference_Timestamp-
s
e
c
i
n
h
o
u
r
)
)
>
1
)
)
d
o
l
e
t
D
i
f
f
e
r
e
n
c
e
T
i
m
e
s
t
a
m
p
=
D
i
f
f
e
r
e
n
c
e
T
i
m
e
s
t
a
m
p
−
s
e
c
i
n
h
o
u
r
l
e
t
h
o
u
r
s
+
+
d
o
n
e
e
c
h
o
"
sec_in_hour)) > 1 )) do let Difference_Timestamp=Difference_Timestamp-sec_in_hour let hours++ done echo "
secinhour))>1))doletDifferenceTimestamp=DifferenceTimestamp−secinhourlethours++doneecho"days 天 $hours 小时前"
}
function getUserLastLogin(){
# 获取用户最近一次登录的时间,含年份
# 很遗憾last命令不支持显示年份,只有"last -t YYYYMMDDHHMMSS"表示某个时间之间的登录,我
# 们只能用最笨的方法了,对比今天之前和今年元旦之前(或者去年之前和前年之前……)某个用户
# 登录次数,如果登录统计次数有变化,则说明最近一次登录是今年。
username=$1
:
u
s
e
r
n
a
m
e
:
=
"
‘
w
h
o
a
m
i
‘
"
t
h
i
s
Y
e
a
r
=
{username:="`whoami`"} thisYear=
username:="‘whoami‘"thisYear=(date +%Y)
oldesYear=$(last | tail -n1 | awk ‘{print $NF}’)
while(( $thisYear >=
o
l
d
e
s
Y
e
a
r
)
)
;
d
o
l
o
g
i
n
B
e
f
o
r
e
T
o
d
a
y
=
oldesYear));do loginBeforeToday=
oldesYear));dologinBeforeToday=(last $username | grep
u
s
e
r
n
a
m
e
∣
w
c
−
l
)
l
o
g
i
n
B
e
f
o
r
e
N
e
w
Y
e
a
r
s
D
a
y
O
f
T
h
i
s
Y
e
a
r
=
username | wc -l) loginBeforeNewYearsDayOfThisYear=
username∣wc−l)loginBeforeNewYearsDayOfThisYear=(last $username -t $thisYear"0101000000" | grep $username | wc -l)
if [ $loginBeforeToday -eq 0 ];then
echo “从未登录过”
break
elif [ $loginBeforeToday -gt
l
o
g
i
n
B
e
f
o
r
e
N
e
w
Y
e
a
r
s
D
a
y
O
f
T
h
i
s
Y
e
a
r
]
;
t
h
e
n
l
a
s
t
D
a
t
e
T
i
m
e
=
loginBeforeNewYearsDayOfThisYear ];then lastDateTime=
loginBeforeNewYearsDayOfThisYear];thenlastDateTime=(last -i KaTeX parse error: Expected '}', got 'EOF' at end of input: …++)printf"%s ",i}’)"
t
h
i
s
Y
e
a
r
"
l
a
s
t
D
a
t
e
T
i
m
e
=
thisYear" lastDateTime=
thisYear"lastDateTime=(date “+%Y-%m-%d %H:%M:%S” -d “
l
a
s
t
D
a
t
e
T
i
m
e
"
)
e
c
h
o
"
lastDateTime") echo "
lastDateTime")echo"lastDateTime”
break
else
thisYear=$((thisYear-1))
fi
done
}
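function getUserStatus(){
    # Account review: /etc/passwd modification time, UID-0 accounts, accounts
    # with a login shell, accounts without a usable password hash, and UIDs
    # shared by several names. Fills report_USERs, report_USEREmptyPassword,
    # report_USERTheSameUID and report_RootUser.
    # Calls getHowLongAgo and getUserLastLogin, defined elsewhere in this file.
    local login_shells
    echo ""
    echo -e "\033[33m用户检查\033[0m"
    # Last modification time of /etc/passwd
    pwdfile="$(cat /etc/passwd)"
    Modify=$(stat /etc/passwd | grep Modify | tr '.' ' ' | awk '{print $2,$3}')
    echo "/etc/passwd: $Modify ($(getHowLongAgo $Modify))"
    echo ""
    echo "特权用户"
    echo "--------"
    # Every name with UID 0 is root-equivalent, whatever it is called.
    RootUser=""
    for user in $(echo "$pwdfile" | awk -F: '$3==0{print $1}');do
        echo "$user"
        RootUser="$RootUser,$user"
    done
    echo ""
    echo "用户列表"
    echo "--------"
    # Only lines that are paths count as shells (some /etc/shells files carry comments).
    login_shells=$(grep '^/' /etc/shells | grep -v "/sbin/nologin")
    echo "$(
    echo "用户名 UID GID HOME SHELL 最后一次登录"
    for shell in $login_shells;do
        # Match the shell field exactly; a substring match would list /usr/bin/bash users under /bin/bash too.
        for username in $(echo "$pwdfile" | awk -F: -v sh="$shell" '$7==sh{print $1}');do
            userLastLogin="$(getUserLastLogin "$username")"
            echo "$pwdfile" | awk -F: -v u="$username" -v lastlogin="$(echo "$userLastLogin" | tr ' ' '_')" '$1==u{print $1,$3,$4,$6,$7,lastlogin}'
        done
    done
    )" | column -t
    # Counted here, not inside the $( ... ) above: assignments made in a
    # command substitution are lost, which left the count at 0.
    USERs=0
    for shell in $login_shells;do
        USERs=$((USERs + $(echo "$pwdfile" | awk -F: -v sh="$shell" '$7==sh' | wc -l)))
    done
    echo ""
    echo "空密码用户"
    echo "----------"
    # "!!" in /etc/shadow means no password was ever set; an empty hash field
    # is a genuinely blank password, which can allow login with no password
    # at all, so both are listed.
    USEREmptyPassword=""
    for shell in $login_shells;do
        for user in $(echo "$pwdfile" | awk -F: -v sh="$shell" '$7==sh{print $1}');do
            r=$(awk -F: -v u="$user" '$1==u && ($2=="" || $2=="!!"){print $1}' /etc/shadow)
            if [ -n "$r" ];then
                echo "$r"
                USEREmptyPassword="$USEREmptyPassword,$r"
            fi
        done
    done
    echo ""
    echo "相同ID的用户"
    echo "------------"
    # Accumulate every duplicated UID; resetting the variable per UID kept only the last one.
    USERTheSameUID=""
    UIDs=$(cut -d: -f3 /etc/passwd | sort | uniq -c | awk '$1>1{print $2}')
    for uid in $UIDs;do
        echo -n "$uid";
        r=$(awk -F: -v id="$uid" 'BEGIN{ORS=""} $3==id{print ":",$1}' /etc/passwd)
        echo "$r"
        echo ""
        USERTheSameUID="$USERTheSameUID$uid $r,"
    done
    # Report fields
    report_USERs="$USERs"
    report_USEREmptyPassword=${USEREmptyPassword#,}
    report_USERTheSameUID=${USERTheSameUID%,}
    report_RootUser=${RootUser#,}
}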
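function getPasswordStatus {
    # For every account with a login shell, print when its password expires
    # (from `chage -l`), store the list in report_PasswordExpiry, then print
    # the password-ageing settings from /etc/login.defs.
    # chage's "Password expires" label is matched in English.
    local expiry_text
    echo ""
    echo -e "\033[33m密码检查\033[0m"
    pwdfile="$(cat /etc/passwd)"
    echo ""
    echo "密码过期检查"
    echo "------------"
    result=""
    for shell in $(grep '^/' /etc/shells | grep -v "/sbin/nologin");do
        # Exact match on the shell field so each account is visited once.
        for user in $(echo "$pwdfile" | awk -F: -v sh="$shell" '$7==sh{print $1}');do
            get_expiry_date=$(/usr/bin/chage -l "$user" | grep 'Password expires' | cut -d: -f2)
            expiry_text=${get_expiry_date# }
            if [[ $expiry_text = 'never' ]];then
                printf "%-15s 永不过期\n" "$user"
                result="$result,$user:never"
            elif [[ -n $expiry_text ]] && password_expiry_date=$(date -d "$expiry_text" "+%s" 2>/dev/null);then
                current_date=$(date "+%s")
                diff=$((password_expiry_date-current_date))
                # A negative value means the password has already expired.
                DAYS=$((diff/(60*60*24)))
                printf "%-15s %s天后过期\n" "$user" "$DAYS"
                result="$result,$user:$DAYS days"
            else
                # Not a date (for example chage's "must be changed" text, or no
                # output at all): show it as-is instead of doing arithmetic on it.
                printf "%-15s %s\n" "$user" "$expiry_text"
                result="$result,$user:$expiry_text"
            fi
        done
    done
    report_PasswordExpiry=${result#,}
    echo ""
    echo "密码策略检查"
    echo "------------"
    grep -v "#" /etc/login.defs | grep -E "PASS_MAX_DAYS|PASS_MIN_DAYS|PASS_MIN_LEN|PASS_WARN_AGE"
}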
function getSudoersStatus(){
echo “”
echo -e “\033[33mSudoers检查\033[0m”
conf=KaTeX parse error: Expected group after '^' at position 11: (grep -v "^̲#" /etc/sudoers…/d’)
echo “KaTeX parse error: Expected 'EOF', got '#' at position 23: … echo "" #̲报表信息 report…(echo $conf | wc -l)”
}
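function getInstalledStatus(){
    # Print the ten most recently installed RPM packages, aligned in columns.
    # ASCII quotes replace typographic ones, which the shell would print literally.
    echo ""
    echo -e "\033[33m软件检查\033[0m"
    rpm -qa --last | head | column -t
}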
function getProcessStatus(){
echo “”
echo -e “\033[33m进程检查\033[0m”
if [ $(ps -ef | grep defunct | grep -v grep | wc -l) -ge 1 ];then
echo “”
echo “僵尸进程”;
echo “--------”
ps -ef | head -n1
ps -ef | grep defunct | grep -v grep
fi
echo “”
echo “内存占用TOP10”
echo “-------------”
echo -e “PID %MEM RSS COMMAND
$(ps aux | awk '{print $2, $4, $6, KaTeX parse error: Expected 'EOF', got '}' at position 3: 11}̲' | sort -k3rn …(ps -ef | grep defunct | grep -v grep|wc -l)”
}
function getJDKStatus(){
echo “”
echo -e “\033[33mJDK检查\033[0m”
java -version 2>/dev/null
if [ KaTeX parse error: Expected 'EOF', got '&' at position 40: …ava -version 2>&̲1 fi ec…JAVA_HOME""
#报表信息
report_JDK="$(java -version 2>&1 | grep version | awk ‘{print $1,KaTeX parse error: Expected 'EOF', got '}' at position 2: 3}̲' | tr -d '"')"…(getState rsyslog)"
echo “”
echo “/etc/rsyslog.conf”
echo “-----------------”
cat /etc/rsyslog.conf 2>/dev/null | grep -v “^#” | grep -v "^\KaTeX parse error: Expected group after '^' at position 11: " | sed '/^̲/d’ | column -t
#报表信息
report_Syslog="$(getState rsyslog)"
}
function getFirewallStatus(){
echo “”
echo -e “\033[33m******************************************************* 防火墙检查*******************************************************\033[0m”
#防火墙状态,策略等
if [[ KaTeX parse error: Expected 'EOF', got '&' at position 76: … >/dev/null 2>&̲1 statu…?
if [ $status -eq 0 ];then
s=“active”
elif [ $status -eq 3 ];then
s=“inactive”
elif [
s
t
a
t
u
s
−
e
q
4
]
;
t
h
e
n
s
=
"
p
e
r
m
i
s
s
i
o
n
d
e
n
i
e
d
"
e
l
s
e
s
=
"
u
n
k
n
o
w
n
"
f
i
e
l
s
e
s
=
"
status -eq 4 ];then s="permission denied" else s="unknown" fi else s="
status−eq4];thens="permissiondenied"elses="unknown"fielses="(getState iptables)"
fi
echo “firewalld: KaTeX parse error: Expected 'EOF', got '#' at position 136: …>/dev/null #̲报表信息 report…s”
}
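function getSNMPStatus(){
    # SNMP service state and active configuration lines.
    # Stores the service state in report_SNMP. Calls getState, defined in this file.
    echo ""
    echo -e "\033[33mSNMP检查\033[0m"
    status="$(getState snmpd)"
    echo "服务状态:$status"
    echo ""
    if [ -e /etc/snmp/snmpd.conf ];then
        echo "/etc/snmp/snmpd.conf"
        echo "--------------------"
        # Every non-comment line is copied verbatim into the report, including
        # any community strings or user credentials configured there; treat
        # the report file as sensitive.
        grep -v "^#" /etc/snmp/snmpd.conf 2>/dev/null | sed '/^$/d'
    fi
    # Report fields
    report_SNMP="$status"
}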
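function getState(){
    # Print the state of service $1.
    # Releases before 7: "active"/"inactive" from the init script's status
    # output, or "unknown" when /etc/init.d/$1 does not exist.
    # Otherwise: whatever `systemctl is-active $1` prints.
    local major=${centosVersion%%.*} legacy=1
    if [[ $major =~ ^[0-9]+$ ]]; then
        # Compare the major release as a number; a string "<" sorts "10" before "7".
        (( 10#$major < 7 )) || legacy=0
    else
        [[ $centosVersion < 7 ]] || legacy=0
    fi
    if (( legacy )); then
        if [ -e "/etc/init.d/$1" ]; then
            if [ "$("/etc/init.d/$1" status 2>/dev/null | grep -cE "is running|正在运行")" -ge 1 ]; then
                r="active"
            else
                r="inactive"
            fi
        else
            r="unknown"
        fi
    else
        # CentOS 7+
        r="$(systemctl is-active "$1" 2>&1)"
    fi
    echo "$r"
}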
function getSSHStatus(){
#SSHD服务状态,配置,受信任主机等
echo “”
echo -e “\033[33mSSH检查\033[0m”
#检查受信任主机
pwdfile="
(
c
a
t
/
e
t
c
/
p
a
s
s
w
d
)
"
e
c
h
o
"
服
务
状
态
:
(cat /etc/passwd)" echo "服务状态:
(cat/etc/passwd)"echo"服务状态:(getState sshd)"
Protocol_Version=$(cat /etc/ssh/sshd_config | grep Protocol | awk '{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 2}̲') echo "SS…Protocol_Version"
echo “”
echo “信任主机”
echo “--------”
authorized=0
for user in
(
e
c
h
o
"
(echo "
(echo"pwdfile" | grep /bin/bash | awk -F: '{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 1}̲');do a…(echo “$pwdfile” | grep -w $user | awk -F: '{printf KaTeX parse error: Expected 'EOF', got '}' at position 25: …uthorized_keys"}̲') auth…(cat $authorize_file 2>/dev/null | awk ‘{print KaTeX parse error: Expected 'EOF', got '}' at position 2: 3}̲' | tr '\n' ','…//’)
if [ ! -z
a
u
t
h
o
r
i
z
e
d
h
o
s
t
]
;
t
h
e
n
e
c
h
o
"
authorized_host ];then echo "
authorizedhost];thenecho"user 授权 "KaTeX parse error: Can't use function '\"' in math mode at position 16: authorized_host\̲"̲ 无密码访问" …(cat $authorize_file 2>/dev/null | awk ‘{print $3}’|wc -l)
done
echo ""
echo "是否允许ROOT远程登录"
echo "--------------------"
config=$(cat /etc/ssh/sshd_config | grep PermitRootLogin)
firstChar=${config:0:1}
if [ $firstChar == "#" ];then
PermitRootLogin="yes"
else
PermitRootLogin=$(echo $config | awk '{print $2}')
fi
echo "PermitRootLogin $PermitRootLogin"
echo ""
echo "/etc/ssh/sshd_config"
echo "--------------------"
cat /etc/ssh/sshd_config | grep -v "^#" | sed '/^$/d'
#报表信息
report_SSHAuthorized="$authorized"
report_SSHDProtocolVersion="$Protocol_Version"
report_SSHDPermitRootLogin="$PermitRootLogin"
}
function getNTPStatus(){
#NTP服务状态,当前时间,配置等
echo “”
echo -e “\033[33mNTP检查\033[0m”
if [ -e /etc/ntp.conf ];then
echo “服务状态:KaTeX parse error: Expected group after '^' at position 141: …ull | grep -v "^̲#" | sed '/^/d’
fi
#报表信息
report_NTP=”$(getState ntpd)"
}
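function uploadHostDailyCheckReport(){
    # Build one JSON object from the report_* globals (key = name without the
    # "report_" prefix) and POST it to $uploadHostDailyCheckReportApi.
    # Returns 1 without sending anything when the API URL is not set.
    local key var value sep=""
    if [ -z "$uploadHostDailyCheckReportApi" ]; then
        echo "uploadHostDailyCheckReportApi is not set" >&2
        return 1
    fi
    json=""
    for key in DateTime Hostname OSRelease Kernel Language LastReboot Uptime \
               CPUs CPUType Arch MemTotal MemFree MemUsedPercent \
               DiskTotal DiskFree DiskUsedPercent \
               InodeTotal InodeFree InodeUsedPercent \
               IP MAC Gateway DNS Listen Selinux Firewall \
               USERs USEREmptyPassword USERTheSameUID PasswordExpiry \
               RootUser Sudoers SSHAuthorized SSHDProtocolVersion \
               SSHDPermitRootLogin DefunctProsess SelfInitiatedService \
               SelfInitiatedProgram RuningService Crontab Syslog SNMP NTP JDK; do
        var="report_$key"
        value=${!var}
        # Values come from host files (user names, hostnames, command output).
        # Escape them so a stray quote or backslash cannot break the document
        # or add fields to it. Other control characters are not handled here.
        value=${value//\\/\\\\}
        value=${value//\"/\\\"}
        value=${value//$'\n'/\\n}
        value=${value//$'\r'/\\r}
        value=${value//$'\t'/\\t}
        json+="${sep}\"${key}\":\"${value}\""
        sep=","
    done
    json="{${json}}"
    #echo "$json"
    # The body goes through stdin (-d @-) so the report does not appear in the
    # process list as a curl argument.
    # NOTE(review): -l is curl's --list-only; confirm whether -L (follow
    # redirects) was intended.
    printf '%s' "$json" | curl -l -H "Content-type: application/json" -X POST -d @- "$uploadHostDailyCheckReportApi" 2>/dev/null
}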
function check(){
    # Run every inspection step, one after another, in the fixed report order.
    local _check_step
    for _check_step in \
        version \
        getSystemStatus getCpuStatus getMemStatus getDiskStatus \
        getNetworkStatus getListenStatus \
        getProcessStatus getServiceStatus getAutoStartStatus \
        getLoginStatus getCronStatus \
        getUserStatus getPasswordStatus getSudoersStatus \
        getJDKStatus getFirewallStatus getSSHStatus \
        getSyslogStatus getSNMPStatus getNTPStatus \
        getInstalledStatus
    do
        "$_check_step"
    done
}
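# Run all checks and save the output.
# The report quotes sshd_config, crontabs and account data, so the file is
# created (or reset) with owner-only permissions before anything is written.
( umask 077; : > "$RESULTFILE" ) && chmod 600 -- "$RESULTFILE"
check > "$RESULTFILE"
echo -e "\033[44;37m 检查结果存放在:$RESULTFILE \033[0m"
# Upload the result file (disabled)
#curl -F "filename=@$RESULTFILE" "$uploadHostDailyCheckApi" 2>/dev/null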