一键检查LINUX基础环境
一键检查LINUX基础环境
搞这个脚本的初衷:
每次我部署完环境,都得认真慢慢检查一般,有点费劲,一直想搞个像样的一键检查脚本,这不,可算抽空打个样了。
[root@z4 ~]# sh bench.sh
----------------------------------------------------------------------
检查时间
2020-03-13 02:58:54 Friday硬件配置CPU 型号 : Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
CPU 主频 : 1800.001 MHz
CPU 架构 : x86_64 (64 Bit)
CPU 物理数 : 1
CPU 逻辑数 : 1
CPU 核心数 : 1
磁盘空间 : 18.0 GB (6.4 GB Used)
物理内存 : 972 MB (111 MB Used)
虚拟内存 : 6047 MB (0 MB Used)
系统空闲时间 : 0 days, 17 hour 39 min
系统平均负载 : 0.10, 0.10, 0.07
系统版本 : CentOS 7.7.1908
内核版本 : 3.10.0-1062.12.1.el7.x86_64
----------------------------------------------------------------------
IO性能I/O speed(1st run) : 1.6 GB/s
I/O speed(2nd run) : 1.6 GB/s
I/O speed(3rd run) : 1.6 GB/s
平均I/O性能 : 1638.4 MB/s
----------------------------------------------------------------------
网络信息地址IP地址 : 192.168.162.14
MAC地址 : ens33:00:0c:29:21:bd:e6
DNS地址 : 8.8.8.8,114.114.114.114
网关地址 : 192.168.162.2连接ESTABLISHED 2监听127.0.0.1:25 1082/master
0.0.0.0:22 918/sshd
::1:25 1082/master
:::22 918/sshd
----------------------------------------------------------------------
主机信息主机名 : z4HOSTS文件192.168.162.11 z1
192.168.162.12 z2
192.168.162.13 z3
192.168.162.14 z4
192.168.162.15 z5
----------------------------------------------------------------------
端口信息UDPActive Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 127.0.0.1:323 0.0.0.0:* 689/chronyd
udp6 0 0 ::1:323 :::* 689/chronyd TCPActive Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1082/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 918/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1082/master
tcp6 0 0 :::22 :::* LISTEN 918/sshd
----------------------------------------------------------------------
语言环境JAVA版本 : OPENJDK 1.8.0_242
JAVA_HOME : "/usr/lib/jvm/java"
----------------------------------------------------------------------
磁盘信息Filesystem Type | Size Used Avail Use% | Inodes IUsed IFree IUse% | Mounted
devtmpfs devtmpfs | 475M 0 475M 0% | 119K 384 119K 1% | /dev
tmpfs tmpfs | 487M 0 487M 0% | 122K 1 122K 1% | /dev/shm
tmpfs tmpfs | 487M 0 487M 0% | 122K 718 121K 1% | /run
tmpfs tmpfs | 487M 0 487M 0% | 122K 16 122K 1% | /sys/fs/cgroup
/dev/mapper/centos-root xfs | 17G 6.2G 11G 37% | 8.5M 51K 8.5M 1% | /
/dev/sda1 xfs | 1014M 160M 855M 16% | 512K 333 512K 1% | /boot
tmpfs tmpfs | 98M 0 98M 0% | 122K 1 122K 1% | /run/user/0
----------------------------------------------------------------------
安全状态防火墙 :DEAD
SELINUX :DISABLED
----------------------------------------------------------------------
定时任务-rw-r--r--. 1 root root 128 Aug 9 2019 /etc/cron.d/0hourly
-rwx------. 1 root root 219 Oct 31 2018 /etc/cron.daily/logrotate
-rwxr-xr-x. 1 root root 618 Oct 30 2018 /etc/cron.daily/man-db.cron
-rw-------. 1 root root 0 Aug 9 2019 /etc/cron.deny
-rwxr-xr-x. 1 root root 392 Aug 9 2019 /etc/cron.hourly/0anacron
-rw-r--r--. 1 root root 451 Jun 10 2014 /etc/crontab
----------------------------------------------------------------------
服务列表正在运行1 auditd.service Security Auditing Service2 chronyd.service NTP client/server3 crond.service Command Scheduler4 dbus.service D-Bus System Message Bus5 getty@tty1.service Getty on tty16 lvm2-lvmetad.service LVM2 metadata daemon7 NetworkManager.service Network Manager8 polkit.service Authorization Manager9 postfix.service Postfix Mail Transport Agent10 rsyslog.service System Logging Service11 sshd.service OpenSSH server daemon12 systemd-journald.service Journal Service13 systemd-logind.service Login Service14 systemd-udevd.service udev Kernel Device Manager15 tuned.service Dynamic System Tuning Daemon开机自启1 auditd.service2 autovt@.service3 chronyd.service4 crond.service5 dbus-org.freedesktop.NetworkManager.service6 dbus-org.freedesktop.nm-dispatcher.service7 getty@.service8 ipmi.service9 ipmievd.service10 irqbalance.service11 kdump.service12 lm_sensors.service13 lvm2-monitor.service14 microcode.service15 NetworkManager-dispatcher.service16 NetworkManager-wait-online.service17 NetworkManager.service18 postfix.service19 rhel-autorelabel.service20 rhel-configure.service21 rhel-dmesg.service22 rhel-domainname.service23 rhel-import-state.service24 rhel-loadmodules.service25 rhel-readonly.service26 rsyslog.service27 sshd.service28 systemd-readahead-collect.service29 systemd-readahead-drop.service30 systemd-readahead-replay.service31 tuned.service----------------------------------------------------------------------
登录检查成功登录历史
33次
root pts/1 192.168.162.1 Thu Mar 12 22:13 still logged in
root pts/0 192.168.162.1 Thu Mar 12 22:08 still logged in
root pts/1 192.168.162.1 Thu Mar 12 10:42 - 22:06 (11:23)
root pts/0 192.168.162.1 Thu Mar 12 09:27 - 22:06 (12:38)
root pts/1 192.168.162.1 Wed Mar 11 12:31 - 21:12 (08:41)
root pts/0 192.168.162.1 Fri Mar 6 16:03 - 21:12 (5+05:09)
root pts/2 192.168.162.1 Fri Mar 6 07:43 - 15:10 (07:27)
root pts/1 192.168.162.1 Thu Mar 5 23:25 - 15:09 (15:43)
root pts/0 192.168.162.1 Thu Mar 5 23:01 - 09:51 (10:49)
root pts/1 192.168.162.1 Thu Mar 5 15:16 - 16:05 (00:49)
root pts/0 192.168.162.1 Thu Mar 5 15:08 - 16:05 (00:56)
root pts/0 192.168.162.1 Tue Mar 3 21:35 - 22:40 (01:04)
root pts/0 192.168.162.1 Sun Mar 1 01:50 - 01:53 (00:02)
root pts/0 192.168.162.1 Fri Feb 28 16:37 - 16:42 (00:04)
root pts/0 192.168.162.1 Fri Feb 28 12:19 - 16:35 (04:15)
root pts/1 192.168.162.1 Thu Feb 27 22:48 - 22:49 (00:01)
root pts/0 192.168.162.1 Thu Feb 27 09:33 - 12:00 (1+02:26)
root pts/0 192.168.162.1 Wed Feb 26 20:56 - crash (06:00)
root pts/0 192.168.162.1 Wed Feb 26 16:56 - crash (04:00)
root pts/0 192.168.162.1 Wed Feb 26 10:26 - 16:49 (06:23)
root pts/1 z4 Tue Feb 25 20:38 - 20:38 (00:00)
root pts/1 z4 Tue Feb 25 20:37 - 20:37 (00:00)
root pts/0 z2 Tue Feb 25 19:27 - 21:27 (01:59)
root tty1 Tue Feb 25 19:19 - 20:56 (1+01:37)
root tty1 Wed Feb 26 03:00 - 19:18 (-7:-42) wtmp begins Wed Feb 26 03:00:23 2020登录失败记录
0次btmp begins Tue Mar 3 22:31:02 2020系统重启记录
reboot system boot 3.10.0-1062.12.1 Thu Mar 12 07:59 - 02:58 (18:58)
reboot system boot 3.10.0-1062.12.1 Thu Mar 5 14:36 - 02:58 (7+12:22)
reboot system boot 3.10.0-1062.12.1 Tue Mar 3 21:35 - 02:58 (9+05:23)
reboot system boot 3.10.0-1062.12.1 Sat Feb 29 14:03 - 02:58 (12+12:55)
reboot system boot 3.10.0-1062.12.1 Thu Feb 27 02:57 - 02:58 (15+00:01)
reboot system boot 3.10.0-1062.12.1 Wed Feb 26 20:56 - 02:58 (15+06:02)
reboot system boot 3.10.0-862.el7.x Tue Feb 25 19:18 - 02:58 (16+07:40)
reboot system boot 3.10.0-862.el7.x Wed Feb 26 03:00 - 19:18 (-7:-41) 运行级别切换记录
runlevel (to lvl 3) 3.10.0-1062.12.1 Thu Mar 12 08:00 - 02:58 (18:58)
runlevel (to lvl 3) 3.10.0-1062.12.1 Thu Mar 5 14:36 - 08:00 (6+17:23)
runlevel (to lvl 3) 3.10.0-1062.12.1 Tue Mar 3 21:35 - 14:36 (1+17:01)
runlevel (to lvl 3) 3.10.0-1062.12.1 Sat Feb 29 14:03 - 21:35 (3+07:31)
runlevel (to lvl 3) 3.10.0-1062.12.1 Thu Feb 27 02:57 - 14:03 (2+11:06)
runlevel (to lvl 3) 3.10.0-1062.12.1 Wed Feb 26 20:56 - 02:57 (06:00)
runlevel (to lvl 3) 3.10.0-862.el7.x Tue Feb 25 19:19 - 20:56 (1+01:37)
runlevel (to lvl 3) 3.10.0-862.el7.x Wed Feb 26 03:00 - 19:18 (-7:-42) ----------------------------------------------------------------------
用户检查特权用户root可登录用户USER UID GID HOME SHELL last_login
root 0 0 /root /bin/bash 2020-03-12_22:13:00
tomcat 1040 1040 /home/tomcat /bin/bash 从未登录过空密码用户相同ID用户----------------------------------------------------------------------
密码检查最后一次改密码: 2020-03-05 15:22:15 (7 天 11 小时前)过期时间
root 永不过期
tomcat 永不过期密码策略PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
----------------------------------------------------------------------
软件安装记录最新安装: 475 个最新10条:net-tools-2.0-0.25.20131004git.el7.x86_64 Fri 06 Mar 2020 08:13:40 AM CST
lshw-B.02.18-13.el7.x86_64 Fri 06 Mar 2020 01:50:46 AM CST
xorg-x11-utils-7.5-23.el7.x86_64 Fri 06 Mar 2020 01:28:16 AM CST
perl-XML-Parser-2.41-10.el7.x86_64 Fri 06 Mar 2020 01:28:16 AM CST
perl-XML-Dumper-0.81-17.el7.noarch Fri 06 Mar 2020 01:28:16 AM CST
perl-Cpanel-JSON-XS-3.0104-1.el7.x86_64 Fri 06 Mar 2020 01:28:16 AM CST
perl-Convert-Bencode-1.03-9.el7.noarch Fri 06 Mar 2020 01:28:16 AM CST
libXxf86misc-1.0.3-7.1.el7.x86_64 Fri 06 Mar 2020 01:28:16 AM CST
libXv-1.0.11-1.el7.x86_64 Fri 06 Mar 2020 01:28:16 AM CST
libdmx-1.1.3-3.el7.x86_64 Fri 06 Mar 2020 01:28:16 AM CST
----------------------------------------------------------------------
时间同步当前时间 : 2020-03-13 02:58:58 Friday同步源
0.centos.pool.ntp.org
1.centos.pool.ntp.org
2.centos.pool.ntp.org
3.centos.pool.ntp.org服务状态
udp 0 0 127.0.0.1:323 0.0.0.0:* 689/chronyd
udp6 0 0 ::1:323 :::* 689/chronyd同步状态Local time: Fri 2020-03-13 02:58:58 CSTUniversal time: Thu 2020-03-12 18:58:58 UTCRTC time: Fri 2020-03-13 05:10:54Time zone: Asia/Shanghai (CST, +0800)NTP enabled: yes
NTP synchronized: noRTC in local TZ: noDST active: n/a----------------------------------------------------------------------
SSH远程服务状态
running协议版本
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017ROOT远程
#PermitRootLogin yes配置
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
SyslogFacility AUTHPRIV
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
UsePAM yes
X11Forwarding yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
Subsystem sftp /usr/libexec/openssh/sftp-server端口
22----------------------------------------------------------------------
自启动明细
1 个touch /var/lock/subsys/local----------------------------------------------------------------------
提权详情
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL----------------------------------------------------------------------
进程检查僵尸数量 0UID PID PPID C STIME TTY TIME CMD内存 TOP10
USER PID %MEM RSS COMMAND
root 922 1.9 19308 /usr/bin/python2
polkitd 669 1.0 10236 /usr/lib/polkit-1/polkitd
root 672 0.8 8948 /usr/sbin/NetworkManager
root 63034 0.6 6092 sshd:
root 64314 0.6 6092 sshd:
root 919 0.6 6640 /usr/sbin/rsyslogd
postfix 1090 0.4 4080 qmgr
postfix 82302 0.4 4060 pickup
root 1 0.4 3988 /usr/lib/systemd/systemd
root 918 0.4 4324 /usr/sbin/sshdCPU TOP10
PID USER %CPU COMMAND
1 root 0.0 systemd
2 root 0.0 kthreadd
4 root 0.0 kworker/0:0H
6 root 0.0 ksoftirqd/0
7 root 0.0 migration/0
8 root 0.0 rcu_bh
9 root 0.0 rcu_sched
10 root 0.0 lru-add-drain
11 root 0.0 watchdog/0
13 root 0.0 kdevtmpfs----------------------------------------------------------------------
系统日志配置日志类型 存放路径
*.info;mail.none;authpriv.none;cron.none /var/log/messages
authpriv.* /var/log/secure
mail.* -/var/log/maillog
cron.* /var/log/cron
*.emerg :omusrmsg:*
uucp,news.crit /var/log/spooler
local7.* /var/log/boot.log服务
running
bench.sh源码
#!/usr/bin/env bash
#
# Description: Auto test download & I/O speed script
#
#if [ ! -e '/usr/bin/wget' ]; thenecho "Error: wget command not found. You must be install wget command at first."exit 1
fi# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
PLAIN='\033[0m'get_opsy() {[ -f /etc/redhat-release ] && awk '{print ($1,$3~/^[0-9]/?$3:$4)}' /etc/redhat-release && return[ -f /etc/os-release ] && awk -F'[= "]' '/PRETTY_NAME/{print $3,$4,$5}' /etc/os-release && return[ -f /etc/lsb-release ] && awk -F'[="]+' '/DESCRIPTION/{print $2}' /etc/lsb-release && return
}next() {printf "%-70s\n" "-" | sed 's/\s/-/g'
}io_test() {(LANG=C dd if=/dev/zero of=test_$$ bs=64k count=16k conv=fdatasync && rm -f test_$$ ) 2>&1 | awk -F, '{io=$NF} END { print io}' | sed 's/^[ \t]*//;s/[ \t]*$//'
}calc_disk() {local total_size=0local array=$@for size in ${array[@]}do[ "${size}" == "0" ] && size_t=0 || size_t=`echo ${size:0:${#size}-1}`[ "`echo ${size:(-1)}`" == "K" ] && size=0[ "`echo ${size:(-1)}`" == "M" ] && size=$( awk 'BEGIN{printf "%.1f", '$size_t' / 1024}' )[ "`echo ${size:(-1)}`" == "T" ] && size=$( awk 'BEGIN{printf "%.1f", '$size_t' * 1024}' )[ "`echo ${size:(-1)}`" == "G" ] && size=${size_t}total_size=$( awk 'BEGIN{printf "%.1f", '$total_size' + '$size'}' )doneecho ${total_size}
}cname=$( awk -F: '/model name/ {name=$2} END {print name}' /proc/cpuinfo | sed 's/^[ \t]*//;s/[ \t]*$//' )
cores=$( awk -F: '/model name/ {core++} END {print core}' /proc/cpuinfo )
freq=$( awk -F: '/cpu MHz/ {freq=$2} END {print freq}' /proc/cpuinfo | sed 's/^[ \t]*//;s/[ \t]*$//' )
tram=$( free -m | awk '/Mem/ {print $2}' )
uram=$( free -m | awk '/Mem/ {print $3}' )
swap=$( free -m | awk '/Swap/ {print $2}' )
uswap=$( free -m | awk '/Swap/ {print $3}' )
up=$( awk '{a=$1/86400;b=($1%86400)/3600;c=($1%3600)/60} {printf("%d days, %d hour %d min\n",a,b,c)}' /proc/uptime )
load=$( w | head -1 | awk -F'load average:' '{print $2}' | sed 's/^[ \t]*//;s/[ \t]*$//' )
opsy=$( get_opsy )
arch=$( uname -m )
lbit=$( getconf LONG_BIT )
kern=$( uname -r )
ipv6=$( wget -qO- -t1 -T2 ipv6.icanhazip.com )
disk_size1=($( LANG=C df -ahPl | grep -wvE '\-|none|tmpfs|devtmpfs|by-uuid|chroot|Filesystem' | awk '{print $2}' ))
disk_size2=($( LANG=C df -ahPl | grep -wvE '\-|none|tmpfs|devtmpfs|by-uuid|chroot|Filesystem' | awk '{print $3}' ))
disk_total_size=$( calc_disk ${disk_size1[@]} )
disk_used_size=$( calc_disk ${disk_size2[@]} )
HOSTNAME=`hostname -s`
Physical_CPUs=$(grep "physical id" /proc/cpuinfo| sort | uniq | wc -l)
Virt_CPUs=$(grep "processor" /proc/cpuinfo | wc -l)clear
##############################################################################################################################################################################################
next
TIME=$(date +"%F %T %A" )
echo -e "\033[42m检查时间\033[0m\n$TIME"
echo ""echo -e "\033[33m硬件配置\033[0m"
echo ""
echo "CPU 型号 : $cname"
echo "CPU 主频 : $freq MHz"
echo "CPU 架构 : $arch ($lbit Bit)"
echo "CPU 物理数 : $Physical_CPUs"
echo "CPU 逻辑数 : $Virt_CPUs"
echo "CPU 核心数 : $cores"
echo "磁盘空间 : $disk_total_size GB ($disk_used_size GB Used)"
echo "物理内存 : $tram MB ($uram MB Used)"
echo "虚拟内存 : $swap MB ($uswap MB Used)"
echo "系统空闲时间 : $up"
echo "系统平均负载 : $load"
echo "系统版本 : $opsy"
echo "内核版本 : $kern"next
echo -e "\033[36mIO性能\033[0m"
echo ""
io1=$( io_test )
echo "I/O speed(1st run) : $io1"
io2=$( io_test )
echo "I/O speed(2nd run) : $io2"
io3=$( io_test )
echo "I/O speed(3rd run) : $io3"
ioraw1=$( echo $io1 | awk 'NR==1 {print $1}' )
[ "`echo $io1 | awk 'NR==1 {print $2}'`" == "GB/s" ] && ioraw1=$( awk 'BEGIN{print '$ioraw1' * 1024}' )
ioraw2=$( echo $io2 | awk 'NR==1 {print $1}' )
[ "`echo $io2 | awk 'NR==1 {print $2}'`" == "GB/s" ] && ioraw2=$( awk 'BEGIN{print '$ioraw2' * 1024}' )
ioraw3=$( echo $io3 | awk 'NR==1 {print $1}' )
[ "`echo $io3 | awk 'NR==1 {print $2}'`" == "GB/s" ] && ioraw3=$( awk 'BEGIN{print '$ioraw3' * 1024}' )
ioall=$( awk 'BEGIN{print '$ioraw1' + '$ioraw2' + '$ioraw3'}' )
ioavg=$( awk 'BEGIN{printf "%.1f", '$ioall' / 3}' )
echo "平均I/O性能 : $ioavg MB/s"next
echo -e "\033[36m网络信息\033[0m"
echo ""
echo -e "\033[36m地址\033[0m"
IP=$(ip a|grep -E 'eth0|ens33'|grep /2|awk '{print $2}'|awk -F'/' '{print $1}'| tr '\n' ',' | sed 's/,$//')
GATEWAY=$(ip route | grep default | awk '{print $3}')
MAC=$(ip link | grep -v "LOOPBACK\|loopback" | awk '{print $2}' | sed 'N;s/\n//' | tr '\n' ',' | sed 's/,$//')
DNS=$(grep nameserver /etc/resolv.conf| grep -v "#" | awk '{print $2}' | tr '\n' ',' | sed 's/,$//')
echo ""
echo "IP地址 : $IP "
echo "MAC地址 : $MAC"
echo "DNS地址 : $DNS"
echo "网关地址 : $GATEWAY"echo ""
echo -e "\033[36m连接\033[0m"
echo ""
netstat -n |grep -v '127.0.0.1'| awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'echo ""
echo -e "\033[36m监听\033[0m"
echo ""
netstat -tnpl | awk 'NR>2 {printf "%-20s %-15s \n",$4,$7}'next
echo -e "\033[32m主机信息\033[0m"
echo ""
echo -e "\033[32m主机名\033[0m : $HOSTNAME"
HOST=$(grep -Ev '^#|127.0.0.1|localhost' /etc/hosts)
echo ""
echo -e "\033[32mHOSTS文件\033[0m\n\n$HOST"next
echo -e "\033[32m端口信息\033[0m"
echo ""
echo -e "\033[32mUDP\033[0m"
echo ""
netstat -nupl
echo ""
echo -e "\033[32mTCP\033[0m"
echo ""
netstat -ntplnext
echo -e "\033[36m语言环境\033[0m"
function getJDKStatus(){echo ""java -version 2>/dev/nullif [ $? -eq 0 ];thenjava -version 2>/dev/nullfireport_JDK="$(java -version 2>&1 | grep version | awk '{print $1,$3}' |tr '[:lower:]' '[:upper:]'| tr -d '"')"echo "JAVA版本 : $report_JDK"echo "JAVA_HOME : \"$JAVA_HOME\""
}
getJDKStatusnext
echo -e "\033[36m磁盘信息\033[0m"
echo ""
disk_status=$(join /tmp/disk /tmp/inode | awk '{print $1,$2,"|",$3,$4,$5,$6,"|",$8,$9,$10,$11,"|",$12}'| column -t|awk 'NR<=5||NR>=12{print}')
echo -e "$disk_status"next
echo -e "\033[36m安全状态\033[0m"
echo ""
fw_status=$(systemctl status firewalld|grep Active|awk -F '(' '{print $2}'|awk -F ')' '{print $1}'|tr '[:lower:]' '[:upper:]')
sl_status=$(grep -Ev '^#|SELINUXTYPE|^$' /etc/selinux/config |awk -F '=' '{print $2}'|tr '[:lower:]' '[:upper:]')
echo "防火墙 :$fw_status"
echo "SELINUX :$sl_status"next
echo -e "\033[36m定时任务\033[0m"
function getCronStatus(){echo ""Crontab=0for shell in $(grep -v "/sbin/nologin" /etc/shells);dofor user in $(grep "$shell" /etc/passwd| awk -F: '{print $1}');docrontab -l -u $user >/dev/null 2>&1status=$?if [ $status -eq 0 ];thenecho "$user"echo "--------"crontab -l -u $userlet Crontab=Crontab+$(crontab -l -u $user | wc -l)echo ""fidonedone#计划任务find /etc/cron* -type f | xargs -i ls -l {} | column -tlet Crontab=Crontab+$(find /etc/cron* -type f | wc -l)#报表信息report_Crontab="$Crontab"
}
getCronStatusnext
echo -e "\033[36m服务列表\033[0m"
echo ""
running_server=$(systemctl list-units --type=service --state=running --no-pager |grep .service|awk -F'loaded active running' '{print $1,$2}'|nl)
enabled_server=$(systemctl list-unit-files --type=service --state=enabled --no-pager |awk '{print $1}'|awk 'NR>2{print p}{p=$0}'|nl)
echo -e "\033[36m正在运行\033[0m\n$running_server"
echo ""
echo -e "\033[36m开机自启\033[0m\n$enabled_server"
echo ""next
echo -e "\033[36m登录检查\033[0m"
echo ""
login_old_n=$(last|grep -Ev '^$|^wtmp' |wc -l)
login_old=$(last |grep -v reboot)
echo -e "\033[36m成功登录历史\033[0m\n$login_old_n次\n$login_old"
echo ""
login_fail_n=$(lastb |grep -Ev '^$|^btmp' |wc -l)
login_fail=$(lastb)
echo -e "\033[36m登录失败记录\033[0m\n$login_fail_n次\n$login_fail"
echo ""
sys_reboot=$(last|grep reboot)
echo -e "\033[36m系统重启记录\033[0m\n$sys_reboot"
echo ""
runlevel_log=$(last -x|grep run)
echo -e "\033[36m运行级别切换记录\033[0m\n$runlevel_log"
echo ""next
echo -e "\033[36m用户检查\033[0m"
function getHowLongAgo(){# 计算一个时间戳离现在有多久了datetime="$*"[ -z "$datetime" ] && echo `stat /etc/passwd|awk "NR==6"`Timestamp=$(date +%s -d "$datetime") Now_Timestamp=$(date +%s)Difference_Timestamp=$(($Now_Timestamp-$Timestamp))days=0;hours=0;minutes=0;sec_in_day=$((60*60*24));sec_in_hour=$((60*60));sec_in_minute=60while (( $(($Difference_Timestamp-$sec_in_day)) > 1 ))dolet Difference_Timestamp=Difference_Timestamp-sec_in_daylet days++donewhile (( $(($Difference_Timestamp-$sec_in_hour)) > 1 ))dolet Difference_Timestamp=Difference_Timestamp-sec_in_hourlet hours++doneecho "$days 天 $hours 小时前"
}
function getUserLastLogin(){# 获取用户最近一次登录的时间,含年份# 很遗憾last命令不支持显示年份,只有"last -t YYYYMMDDHHMMSS"表示某个时间之间的登录,我# 们只能用最笨的方法了,对比今天之前和今年元旦之前(或者去年之前和前年之前……)某个用户# 登录次数,如果登录统计次数有变化,则说明最近一次登录是今年。username=$1: ${username:="`whoami`"}thisYear=$(date +%Y)oldesYear=$(last | tail -n1 | awk '{print $NF}')while(( $thisYear >= $oldesYear));dologinBeforeToday=$(last $username | grep $username | wc -l)loginBeforeNewYearsDayOfThisYear=$(last $username -t $thisYear"0101000000" | grep $username | wc -l)if [ $loginBeforeToday -eq 0 ];thenecho "从未登录过"breakelif [ $loginBeforeToday -gt $loginBeforeNewYearsDayOfThisYear ];thenlastDateTime=$(last -i $username | head -n1 | awk '{for(i=4;i<(NF-2);i++)printf"%s ",$i}')" $thisYear" lastDateTime=$(date "+%Y-%m-%d %H:%M:%S" -d "$lastDateTime")echo "$lastDateTime"breakelsethisYear=$((thisYear-1))fidone
}
function getUserStatus(){echo ""pwdfile="$(cat /etc/passwd)"Modify=$(stat /etc/passwd | grep Modify | tr '.' ' ' | awk '{print $2,$3}')echo -e "\033[36m特权用户\033[0m\n"RootUser=""for user in $(echo "$pwdfile" | awk -F: '{print $1}');doif [ $(id -u $user) -eq 0 ];thenecho "$user"RootUser="$RootUser,$user"fidoneecho ""echo -e "\033[36m可登录用户\033[0m"echo ""USERs=0echo "$(echo "USER UID GID HOME SHELL last_login"for shell in $(grep -v "/sbin/nologin" /etc/shells);dofor username in $(grep "$shell" /etc/passwd| awk -F: '{print $1}');douserLastLogin="$(getUserLastLogin $username)"echo "$pwdfile" | grep -w "$username" |grep -w "$shell"| awk -F: -v lastlogin="$(echo "$userLastLogin" | tr ' ' '_')" '{print $1,$3,$4,$6,$7,lastlogin}'donelet USERs=USERs+$(echo "$pwdfile" | grep "$shell"| wc -l)done)" | column -techo ""echo -e "\033[36m空密码用户\033[0m" echo ""USEREmptyPassword=""for shell in $(grep -v "/sbin/nologin" /etc/shells);dofor user in $(echo "$pwdfile" | grep "$shell" | cut -d: -f1);dor=$(awk -F: '$2=="!!"{print $1}' /etc/shadow | grep -w $user)if [ ! -z $r ];thenecho $rUSEREmptyPassword="$USEREmptyPassword,"$rfidone doneecho ""echo -e "\033[36m相同ID用户\033[0m"echo ""USERTheSameUID=""UIDs=$(cut -d: -f3 /etc/passwd | sort | uniq -c | awk '$1>1{print $2}')for uid in $UIDs;doecho -n "$uid";USERTheSameUID="$uid"r=$(awk -F: 'ORS="";$3=='"$uid"'{print ":",$1}' /etc/passwd)echo "$r"echo ""USERTheSameUID="$USERTheSameUID $r,"done#报表信息report_USERs="$USERs" report_USEREmptyPassword=$(echo $USEREmptyPassword | sed 's/^,//') report_USERTheSameUID=$(echo $USERTheSameUID | sed 's/,$//') report_RootUser=$(echo $RootUser | sed 's/^,//')
}
getUserStatusnext
echo -e "\033[36m密码检查\033[0m"
echo ""
echo "最后一次改密码: $Modify ($(getHowLongAgo $Modify))"
echo ""
function getPasswordStatus {pwdfile="$(cat /etc/passwd)"echo -e "\033[36m过期时间\033[0m"result=""for shell in $(grep -v "/sbin/nologin" /etc/shells);dofor user in $(echo "$pwdfile" | grep "$shell" | cut -d: -f1);doget_expiry_date=$(/usr/bin/chage -l $user | grep 'Password expires' | cut -d: -f2)if [[ $get_expiry_date = ' never' || $get_expiry_date = 'never' ]];thenprintf "%-15s 永不过期\n" $userresult="$result,$user:never"elsepassword_expiry_date=$(date -d "$get_expiry_date" "+%s")current_date=$(date "+%s")diff=$(($password_expiry_date-$current_date))let DAYS=$(($diff/(60*60*24)))printf "%-15s %s天后过期\n" $user $DAYSresult="$result,$user:$DAYS days"fidonedonereport_PasswordExpiry=$(echo $result | sed 's/^,//')echo ""echo -e "\033[36m密码策略\033[0m"echo ""grep -v "#" /etc/login.defs | grep -E "PASS_MAX_DAYS|PASS_MIN_DAYS|PASS_MIN_LEN|PASS_WARN_AGE"
}
getPasswordStatusnext
echo -e "\033[36m软件安装记录\033[0m"
echo ""
soft_number=$(rpm -qa --last |wc -l)
echo ""
echo -e "\033[36m最新安装:\033[0m $soft_number 个"
echo ""
echo -e "\033[36m最新10条:\033[0m"
echo ""
rpm -qa --last|head -10|column -tnext
echo -e "\033[34m时间同步\033[0m"
echo ""
time_now=$(date +"%F %T %A"|column -t )
echo -e "\033[34m当前时间\033[0m : $time_now"
echo ""
time_source=$(grep -Ev '^$|^#' /etc/chrony.conf |grep iburst|awk '{print $2}')
echo -e "\033[34m同步源\033[0m\n$time_source"
time_services=$(netstat -antulp | grep chronyd|column -t)
echo ""
echo -e "\033[34m服务状态\033[0m\n$time_services"
echo ""
time_status=$(timedatectl)
echo -e "\033[34m同步状态\033[0m\n$time_status"
echo ""next
echo -e "\033[34mSSH远程\033[0m"
echo ""
ssh_status=$(systemctl status sshd|grep Active|awk -F'(' '{print $2}'|awk -F')' '{print $1}')
echo ""
echo -e "\033[34m服务状态\033[0m\n$ssh_status"
echo ""
echo -e "\033[34m协议版本\033[0m"
ssh -V
echo ""
root_ssh=$(cat /etc/ssh/sshd_config | grep PermitRootLogin|grep -Ev '^# the')
echo ""
echo -e "\033[34mROOT远程\033[0m\n$root_ssh"
echo ""
ssh_conf=$(cat /etc/ssh/sshd_config | grep -Ev "^#|^$")
echo ""
echo -e "\033[34m配置\033[0m\n$ssh_conf"
echo ""
ssh_port=$(netstat -nutlp|grep sshd|column -t|awk 'NR==1{print $4}'|awk -F: '{print $2}')
echo ""
echo -e "\033[34m端口\033[0m\n\033[38m$ssh_port\033[0m"
echo ""next
echo -e "\033[34m自启动\033[0m"
auto_action=$(grep -Ev "^#|^$" /etc/rc.d/rc.local)
auto_number=$(grep -Ev "^#|^$" /etc/rc.d/rc.local|wc -l)
echo ""
echo -e "\033[34m明细\033[0m\n$auto_number 个\n\n$auto_action"
echo ""next
echo -e "\033[36m提权\033[0m"
echo ""
sudo_users=$(grep -v "^#" /etc/sudoers| grep -Ev "^$|^Defaults"|column -t)
echo -e "\033[36m详情\033[0m\n$sudo_users"
echo ""next
echo -e "\033[36m进程检查\033[0m"
echo ""
defunct_number=$(ps -ef | grep defunct | grep -v grep|wc -l)
echo -e "\033[36m僵尸数量\033[0m $defunct_number"
echo ""
ps -ef | head -n1
ps -ef | grep defunct | grep -v grep
echo ""
CPU_TOP10=$(top b -n1 | head -17 | tail -11|awk '{print $1, $2, $9, $12}'|column -t)
MEM_TOP10=$(ps aux | awk '{print $1, $2, $4, $6, $11}' | sort -k3rn | head -10 |column -t)
echo -e "\033[36m内存 TOP10\033[0m"
echo -e "USER PID %MEM RSS COMMAND\n$MEM_TOP10"|column -t
echo ""
echo -e "\033[36mCPU TOP10\033[0m\n$CPU_TOP10"
echo ""next
echo -e "\033[36m系统日志\033[0m"
echo -e "\n"
echo -e "\033[36m配置\033[0m"
echo ""
syslog_config=$(cat /etc/rsyslog.conf 2>/dev/null | grep -Ev "^#|^$|^\\$" | column -t)
echo -e "\033[36m日志类型 存放路径\033[0m\n$syslog_config"|column -t
echo ""
syslog_service=$(systemctl status rsyslog|awk 'NR==3{print $3}'|awk -F'(' '{print $2}'|awk -F')' '{print $1}')
echo -e "\033[36m服务\033[0m\n$syslog_service"
echo ""
主要参考哪两位大神的忘了,还是觉得很多代码逻辑写的太复杂,简化了不少,不过还是挺长的,希望以后可以用Python好好精简下。
不得不服原作者正则用的真溜,受益颇丰。
写出来,希望能对给各位运维小伙伴有所帮助。
一键检查LINUX基础环境相关推荐
- <<Linux基础环境常用工具—yum、vim、gcc/g++、gdb、git等>>
Linux基础环境常用工具-yum.vim.gcc/g++.gdb.git等. 1.软件包管理器: yum 2.编辑器:vim 3.编译器:gcc/g++ 4.调试器:gdb 5.项目自动化构建工具: ...
- Linux基础环境搭建(CentOS7)-安装JDK
Linux基础环境搭建(CentOS7)- 安装JDK 1 JDK的下载及安装 java是当前比较流行的一种编程语言,当我们开始学习java的时候肯定会先要安装jdk,然后进行环境变量控制. JRE( ...
- Linux基础环境搭建(CentOS7)- 安装Flume
Linux基础环境搭建(CentOS7)- 安装Flume 大家注意以下的环境搭建版本号,如果版本不匹配有可能出现问题! Linux基础环境搭建(CentOS7)- 虚拟机准备 Linux基础环境搭建 ...
- [Linux基础环境/软件]Linux下安装resin web服务器(涉及gcc、jdk环境部署)
由于Ubuntu自带是没有jdk和gcc编译器的,而安装resin需要C编译器和jdk的支持,而且resin本身是java写的.另外我本身的网站是zip打包的,所以linux也要安装了gcc.jdk. ...
- Linux基础环境搭建
Linux环境搭建 1.去网上下载VMware 下载完成直接无脑下一步安装 2.下载Linux版本(CentOS) CentOS是免费的.开源的.可以重新分发的开源操作系统,CentOS(Commun ...
- oneinstack 重启mysql_oneinstack一键部署linux生产环境那点事(ubuntu)
http://oneinstack.com/install/ (1)将oneinstack-full.tar.gz最新版安装文件上传至/usr/local/下 (2)解压tar xzvf oneins ...
- Linux 权限、磁盘操作命令-Linux基础环境命令学习笔记
1.创建用户和用户组 1)用户和用户组 /etc/passwd 保存系统用户的基本信息 /etc/group 保存用户组信息 用户名:x:UID:GID 2)基本命令 useradd 增加用户 gro ...
- 在笔记本上搭建高性价比的 Linux 学习环境:基础篇
本篇文章会尽可能详细的介绍如何在相对廉价的笔记本上搭建高性价比的 Linux 学习环境,让学习和工作都轻松和高效一些.尤其是针对国内网络环境下,如何快速的完成系统的安装和基础配置. 使用 Linux ...
- 嵌入式linux编程,嵌入式Linux学习笔记 - 嵌入式Linux基础知识和开发环境的构建_Linux编程_Linux公社-Linux系统门户网站...
注:所有内容基于友善之臂Mini2440开发板 一.嵌入式Linux开发环境的构建 嵌入式开发一般分为三个步骤: 1.编译bootloader,烧到开发板 2.编译嵌入式Linux内核,烧到开发板 3 ...
最新文章
- 只用一分钟,给你的宽带加速
- Windows Server 2008服务器管理新技巧6则第4/4页
- 00084_Map接口
- SAP UI技术演进过程
- asp.net core 自定义 Content-Type
- 初中数学知识点总结_初中数学知识点总结大全_经典版_
- 从基于直方图的Graph-Cut到Grab-Cut
- LeetCode 423. 从英文中重建数字(找规律)
- Spring Boot提交表单信息
- JavaScript css3模拟简单的视频弹幕功能
- cmd java转jar包,cmd 打包java成jar可执行文件
- leetcode74:二维矩阵搜索问题
- maven学习(6)-Maven依赖范围
- 2021-06-07java继承
- C++类与对象实验(六)
- 基于netty,hessian的RPC框架
- plc无线连接服务器,plc连接云服务器
- 01-Epicor开发总结
- 爬取boss直聘岗位数据进行数据分析
- 【马红“名师+”研修共同体成员风采】
热门文章
- 金蝶K3 V12.0 常用数据表(整理)
- Go 语言又称 Golang,是谷歌(Google)开发的一种静态强类型、编译型、并发型的编程语言。2009 年 11 月 10 日,Go 语言以开源方式向全球发布,如今许多大公司纷纷选择使用 Go
- 2021年新高考八省联考江苏成绩查询,2021年新高考八省联考模拟录取分数线公布-在线输入分数选大学...
- android 模拟器 启动,最好用的安卓模拟器推荐,AS单独启动模拟器
- Chief Ray and Margin Ray and Principle Ray(主光线和边缘光线)
- 专访银都餐饮丁文:通过数字化转型,为客户提供高效迅捷的服务
- 游戏高级场景关卡设计师(深圳)
- 获取今天是第几周,类似excel的WEEKNUM公式
- Python相关环境变量配置和模拟手机app登录
- Z-Wave Multi Channel Basics zwave多功能复合设备实现