shell脚本之十四:企业案例
十四、企业实战案例
(一)使用for循环在/oldboy目录下批量创建10个html文件,其中文件名包含10个随机小写字母加固定字符串0ldoby。
思路分析,产生随机数字方法:
①核心是创建10个随机小写字母。
方法1: echo $random 范围是0-32767 openssl rand -base64 100 方法2: date +%s%n 方法3: head /dev/urandom/cksum 方法4: uuidgen 方法5: cat /proc/sys/kernel/random/uuid 方法6: mkpasswd (yum install expect -y) -l:长度 -d:数字 -c:小写字母 -c:大写字母 -s:特殊字符
应用实例
[root@centos6-kvm3 shili]# cat 14-01.sh #!/bin/bash path="oldboy" [ -d /path ] || mkdir -p oldboy/ for n in {1..10} do random=`echo "oldboy$random" | md5sum | tr '0-9' 'm-z' | cut -c 2-11` touch $path/${random}_oldboy.html done [root@centos6-kvm3 shili]#
(二) 、批量改名特殊案例。将以上面试题1中结果 文件名中的oldboy字符串全部改成oldgirl(最好用for循环实现),并且将扩展名html全部改成大写。
方法1
[root@centos6-kvm3 shili]# cat 14-02.sh #!/bin/bash for file in `ls oldboy/*.html` do mv $file ${file/oldboy.html/oldgirl.html} done [root@centos6-kvm3 shili]#
方法2
[root@centos6-kvm3 oldboy]# ls | awk -f "oldgirl.html" '{print "mv",$0, $1 "oldboy.html"}' | bash
方法3
[root@centos6-kvm3 oldboy]# rename "oldboy.html" "oldgirl.html" *.html
(三)、企业shell面试题3:批量创建特殊要求用户案例。
批量创建10个系统账号oldboy01-oldboy10并设置密码(密码为随机数,要求数字和字母混合)。
方法1
[root@centos6-kvm3 shili]# cat 14-03.sh #!/bin/bash . /etc/init.d/functions if [ $uid -ne 0 ] then echo "please use root." exit 1 fi for n in {41..50} do pass=`openssl rand -base64 10` if [ `grep -w "oldboy$n" /etc/passwd|wc -l` -eq 0 ] then useradd oldboy$n &>/dev/null &&\ echo $pass | passwd --stdin oldboy$n &&\ echo -e "oldboy$n\t$pass" >>/tmp/user.txt &&\ action "oldboy$n is successful." /bin/true else action "oldboy$n is exist." /bin/false fi done [root@centos6-kvm3 shili]#
方法2
[root@centos6-kvm3 shili]# cat 14-03-01.sh #!/bin/bash for n in `seq -w 11 20` do pass=`openssl rand -base64 10` useradd oldboy$n echo "oldboy$n:$pass" >>/tmp/chpasswd.log done chpasswd </tmp/chpasswd.log [root@centos6-kvm3 shili]#
(四)扫描网络内存活主机案例。写一个shell脚本,判断10.0.0.0/24当前网络中主机数量。当前哪些在线的有哪些。
如何判断主机存活。
①ping
-c次数
-i 间隔
②nmap (yum)
nmap -sp 10.0.0.0/24
方法1
[root@centos6-kvm3 shili]# cat 14-04.sh #!/bin/bash for n in {1..254} do { if `ping -c 1 -w 3 10.0.0.$n &>/dev/null` then echo "10.0.0.$n is up." else echo "10.0.0.$n is down." fi } &#&表示并行 done
方法2
[root@centos6-kvm3 shili]# nmap -sp 10.0.0.0/24 | awk '/nmap scan report for/{print $nf}'
(五)、mysql数据库分库备份
mysql -uroot -poldboy123 -e "show databases" | grep -v _scheme|sed -1d 分库备份: mysqldump -b oldboy | gzip > bak.sql.gz [root@centos6-kvm3 scripts]# vim mysql.sh #!/bin/bash path=/back [ -d $path ] || mkdir $path -p for dbname in `mysql -uroot -poldboy123 -e "show databases;" 2>/dev/null | grep -v _schema | sed -1d` do mysqldump -uroot -poldboy123 -b $dbname | gzip >$path/${dbname}.sql.gz done
(六)、mysql分库分表备份案例分析及开发实现
如何实现mysql数据库进行分库加分表备份,请用脚本实现。
解答:
mysqldump oldboy test test1| gzip >bak.sql.gz
1,oldboy 库名
2,test\test1都是表名
方法:
mysqldump -b oldboy |gzip >bak.sql.gz mysqldump oldboy test1 mysqldump -b oldgril | gzip >bak.sql.gz mysqldump oldgril test1
案例
mysql -uroot -poldboy123 -e "show tables from wordpress;" 2>/dev/null | sed -1d [root@centos6-kvm3 scripts]# cat mysql.sh #!/bin/bash path=/back [ -d $path ] || mkdir $path -p for dbname in `mysql -uroot -poldboy123 -e "show databases;" 2>/dev/null | grep -v _schema | sed 1d` do for tname in `mysql -uroot -poldboy123 -e "show tables from $dbname;" 2>/dev/null | grep 1d ` do if [ "$dbname" = "mysql" ] then mysqldump -uroot -poldboy123 $dbname $tname | gzip >$path/${dbname}_${tname}.sql.gz else mysqldump $dbname $tname | gzip >$path/${dbname}_${tname}.sql.gz fi done done [root@centos6-kvm3 scripts]#
(七)、ssh免秘钥批量分发文件专业脚本
有3台机器,m01,backup,nfs01,采用ssh免秘钥实现从m01到其他两台机器无密码登录后,请写脚本实现从m01批量分发任意文件到其他两台机器的任意目录下。
免密环境生成:
[root@centos6-kvm3 scripts]# ssh-keygen generating public/private rsa key pair. enter file in which to save the key (/root/.ssh/id_rsa): created directory '/root/.ssh'. enter passphrase (empty for no passphrase): enter same passphrase again: your identification has been saved in /root/.ssh/id_rsa. your public key has been saved in /root/.ssh/id_rsa.pub. the key fingerprint is: 12:af:26:77:1e:2d:2b:ce:94:aa:f9:be:c5:a3:c8:90 root@centos6-kvm3 the key's randomart image is: +--[ rsa 2048]----+ | | | | | . | | o | | . s | | . . + . | |e . x + . | | o o x.+ + | | =+*oo.o | +-----------------+ [root@centos6-kvm3 scripts]# ll ~/.ssh/ total 8 -rw------- 1 root root 1675 jan 27 21:48 id_rsa -rw-r--r-- 1 root root 399 jan 27 21:48 id_rsa.pub [root@centos6-kvm3 scripts]# cd ~/.ssh/ [root@centos6-kvm3 .ssh]# ssh-copy-id id_rsa.pub 10.0.0.8
案例脚本
[root@centos6-kvm3 scripts]# cat fenfa.sh #!/bin/bash . /etc/init.d/functions if [ $# -ne 2 ] then echo "usage:$0 localdir remotedir" exit 1 fi for n in 8 41 43 do scp -rp $1 10.0.0.$n:$2 &>/dev/null if [ $? -eq 0 ] then action "10.0.0.$n is successful" /bin/true else action "10.0.0.$n is failure" /bin/false fi done [root@centos6-kvm3 scripts]#
(八)、破解random随机数案例
已知下面的字符串是通过random随机数变量md5sum后,再截取一部分字符串的结果,请破解这些字符串对应的使用的md5sum处理前的random对应的数字。
21029299
00205d1c
a3da1677
1f6d12dd
890684b
解答:
[root@centos6-kvm3 .ssh]# cat random.sh #!/bin/bash array=( 21029299 00205d1c a3da1677 1f6d12dd 890684b ) funmd5(){ for n in {1..32767} do echo "$n\t `$n|md5sum`" >>/tmp/md5sum.log done } funjudge(){ for n in ${array[*]} do if [ `echo grep $n /tmp/md5sum.log|wc -l` -eq 1 ] then echo `grep $n /tmp/md5sum.log` fi done } main(){ funmd5 funjudge } main [root@centos6-kvm3 .ssh]#
优化方法1:
[root@centos6-kvm3 .ssh]# cat random1.sh #!/bin/bash array=( 21029299 00205d1c a3da1677 1f6d12dd 890684b ) funmd5(){ for n in {1..32767} do echo "$n\t `$n|md5sum`" >>/tmp/md5sum1.log done } funjudge(){ char="`echo ${array[*]} | tr " " "|"`" egrep $char /tmp/md5sum1.log } main(){ funmd5 funjudge } main [root@centos6-kvm3 .ssh]#
(九)、批量检查多个网站地址是否正常
企业面试题:批量检查多个网站地址是否正常。
要求:
1、使用shell数组方法实现,检查策略尽量模拟用户访问。
2、每10s做一次所有的检测,无法访问的输出报警。
3、待检测的地址如下:
解答:wget --spider #模拟爬虫,不下载html文件。
方法1
方法1 [root@centos6-kvm3 .ssh]# cat url.sh #!/bin/bash . /etc/init.d/functions array=( http://blog.oldboyedu.com http://www.baidu.com http://blog.ettiantian.org http://www.luffycity.com http://10.0.0.7 ) checkurl(){ wget -t 2 -t 5 -o /dev/null -q $1 if [ $? -eq 0 ] then action "$1 is successfull." /bin/true else action "$1 is failure." /bin/false fi } dealurl(){ for n in ${array[*]} do checkurl $n done } main(){ while true do dealurl sleep 2 echo "--------" done } main [root@centos6-kvm3 .ssh]#
方法2
方法2 [root@centos6-kvm3 .ssh]# cat url1.sh #!/bin/bash . /etc/init.d/functions array=( http://blog.oldboyedu.com http://www.baidu.com http://blog.ettiantian.org http://www.luffycity.com http://10.0.0.7 ) checkurl(){ wget -t 2 -t 5 -o /dev/null -q $1 if [ $? -eq 0 ] then action "$1 is successfull." /bin/true else action "$1 is failure." /bin/false fi } dealurl(){ for ((i=0;i<${#array[*]};i++)) do checkurl ${array[$i]} done } main(){ while true do dealurl sleep 2 echo "--------" done } main [root@centos6-kvm3 .ssh]#
方法3
方法3 [root@centos6-kvm3 .ssh]# cat url2.sh #!/bin/bash . /etc/init.d/functions checkurl(){ wget -t 2 -t 5 -o /dev/null -q $1 if [ $? -eq 0 ] then action "$1 is successfull." /bin/true else action "$1 is failure." /bin/false fi } dealurl(){ while read line do checkurl $line done < ./url.log } main(){ while true do dealurl sleep 2 echo "--------" done } main [root@centos6-kvm3 .ssh]#
(十)、解决dos攻击生成案例
写一个shell脚本解决dos攻击生成案例。
请根据web日志或者网络连接数,监控某个ip并发连接数或者短时间内pv达到100(读者根据实际请设定),即调用防火墙命令封掉对应的ip。防火墙命令为:iptables -i input -s ip 地址 -j drop
解答:
dos deny of service
ddos
分析:
1、封ip的命令
iptables -i input -s ip 地址 -j drop
2、web日志或者网络连接数
日志文件,netstat -an| grep -i est 排序去重。
3、判断pv或者连接数大于100,取出ip后封。
取攻击ip的方法:
方法1 [root@centos6-kvm3 scripts]# awk '{s[$1]++}end{for(key in s) print s[key],key}' access_2010-12-8.log | uniq |sort -nr#依照数据大小排序,r逆序 35 59.33.26.105 23 123.122.65.226 8 124.115.4.18 方法2 [root@centos6-kvm3 scripts]# awk '{print $1}' access_2010-12-8.log | uniq -c | sort -nr 35 59.33.26.105 23 123.122.65.226 8 124.115.4.18 [root@centos6-kvm3 scripts]#
[root@centos6-kvm3 scripts]# cat dos.sh #!/bin/bash awk '{s[$1]++}end{for(key in s) print s[key],key}' access_2010-12-8.log |sort -nr | head >/tmp/ip.log while read line do ip=`echo $line|awk '{print $2}'` count=`echo $line|awk '{print $1}'` if [ $count -gt 30 -a `grep "$ip" /tmp/drop.log|wc -l` -lt 1 ] then iptables -i input -s `echo $line|awk '{print $2}'` -j drop &&\ echo "echo $line|awk '{print $2}'" >>/tmp/drop.log else echo "echo $line|awk '{print $2}'" >>/tmp/accept.log fi done </tmp/ip.log [root@centos6-kvm3 scripts]# [root@centos6-kvm3 scripts]# iptables -nl
获取网络连接数的方法:
[root@centos6-kvm3 scripts]# awk -f "[ :]+" '/estab/{s[$(nf-3)]++}end{for(k in s) print s[k],k}' netstat.log| sort -rn | head [root@centos6-kvm3 scripts]# awk '/estab/{print $(nf-1)}' netstat.log | awk -f ":" '{print $1}'| uniq -c | sort -rn |head
[root@centos6-kvm3 scripts]# vim dos1.sh #!/bin/bash awk -f "[ :]+" '/estab/{s[$(nf-3)]++}end{for(k in s) print s[k],k}' netstat.log| sort -rn | head >/tmp/ip.log while read line do ip=`echo $line|awk '{print $2}'` count=`echo $line|awk '{print $1}'` if [ $count -gt 30 -a `grep "$ip" /tmp/drop.log|wc -l` -lt 1 ] then iptables -i input -s `echo $line|awk '{print $2}'` -j drop &&\ echo "echo $line|awk '{print $2}'" >>/tmp/drop.log else echo "echo $line|awk '{print $2}'" >>/tmp/accept.log fi done </tmp/ip.log [root@centos6-kvm3 scripts]# iptables -nl
(十一)、开发mysql服务启动停止脚本
要求:用函数,case语句,if语句等实现。
解答:
/etc/init.d/mysqld {start | stop | restart}
分析:
1、启动
mysql_safe --user=mysql & 一定要在命令行测试成功。
2、停止
mysqladmin -uroot -ppasswd shutdown
killall,pkill
kill pid 推荐
[root@centos6-kvm3 scripts]# cat mysqld.sh # chkconfig: 2345 20 80 # description: mysql start stop #!/bin/bash lockfile=/var/lock/subsys/mysqld . /etc/init.d/functions mysqld_pid_file_path="/application/mysql/data/web01.pid" mysqld_safe=/application/mysql/bin/mysqld_safe start(){ /bin/sh $mysqld_safe --datadir=/application/mysql/data --pid-file=$mysqld_pid_file_path &>/dev/null & retval=$? if [ $retval -eq 0 ] then action "mysql start ok" /bin/true touch $lockfile return $retval else action "mysql start fail" /bin/false return $retval fi } stop(){ if test -s "$mysqld_pid_file_path" then mysqld_pid=`cat $mysqld_pid_file_path` if (kill -0 $mysql_pid &>/dev/null) #kill -0 检查 then kill $mysqld_pid retval=$? if [ $retval -eq 0 ] then action "mysql stop ok" /bin/true rm $lockfile return $retval else action "mysql stop fail" /bin/false return $retval fi else echo "mysqld process is not exits." return 2 fi else echo "$mysqld_pid_file_path is not exist,or mysqld does not startup." fi } case $1 in start) start retval=$? ;; stop) stop retval=$? ;; restart) stop sleep 2 start retval=$? ;; *) echo "usage:$0 {start|stop|restart}" exit 1 esac exit $retval [root@centos6-kvm3 scripts]#
(十二)、单词及字母去重排序案例
用shell脚本处理以下内容
1、按单词出现频率降序排序。
2、按字母出现频率降序排序。
the squid project provides a number of resources to assist users design,implement and support squid installations. please browse the documentation and support sections for more infomation,by oldboy training.
1、按单词出现频率降序排序。
方法1:
[root@centos6-kvm3 scripts]# tr " ," "\n" <12.log | sort|uniq -c| sort -rn 空格逗号替换成回车
方法2:
[root@centos6-kvm3 scripts]# tr " ," "\n" <12.log | awk '{s[$1]++}end{for(k in s) print s[k],k}'| sort -nr
方法3
[root@centos6-kvm3 scripts]# xargs -n1 <12.log | sort|uniq -c|sort -nr
2、按字母出现的频率进行降序排序。
方法1
[root@centos6-kvm3 scripts]# grep -o "[^ ]" 12.log | sort|uniq -c|sort -nr [^ ]表示非空
方法2
[root@centos6-kvm3 scripts]# grep -o "[^ ]" 12.log | awk '{s[$1]++}end{for(k in s) print s[k],k}'|sort -rn
方法3
[root@centos6-kvm3 scripts]# sed 's#[ ,\.]##g' 12.log | awk -f "" '{for(i=1;i<nf;i++)s[$i]++}end{for(k in s) print s[k],k}'| sort -nr
(十三)、按单词去重排序案例高级方法
竖着处理:
[root@centos6-kvm3 scripts]# awk -f '[ ,.]+' '{for(i=1;i<nf;i++)s[$i]++}end{for(k in s) print s[k],k}' 12.log | sort -nr