码迷,mamicode.com
首页 > 系统相关 > 详细

shell脚本编程测试类型下

时间:2019-06-26 01:15:48      阅读:190      评论:0      收藏:0      [点我收藏+]

标签:logout   cut   parameter   xxx   ogr   访问   su -   new   centos6   

 

 

 

 

 

一bash的数值测试

 


-v VAR
变量VAR是否设置


数值测试:
-gt 是否大于greater
-ge 是否大于等于
-eq 是否等于
-ne 是否不等于  not equal
-lt 是否小于
-le 是否小于等于

 

 

技术图片

 

 

 

 

 

-eq是否等于表示变量值是数字,=表示变量值是字符串

 

[root@centos7 ~]# num=10;  [[ "$num"  -eq  10 ]]   &&  echo  true  ||  echo false   

true
[root@centos7 ~]# num=50;  [[ "$num"  -eq  10 ]]   &&  echo  true  ||  echo false
false
[root@centos7 ~]# num=50;  [[ "$num"  =  10 ]]   &&  echo  true  ||  echo false   
false
[root@centos7 ~]# num=50;  [[ "$num"  =  50 ]]   &&  echo  true  ||  echo false
true

 

 

 

 

 

[root@centos7 ~]# num=abcd;  [  "$num"  =  50 ]   &&  echo  true  ||  echo false
false
[root@centos7 ~]# num=abcd;  [  "$num"  -eq   50 ]   &&  echo  true  ||  echo false
-bash: [: abcd: integer expression expected  
#语法错误,要求整数表达式
false
[root@centos7 ~]# num=50;  [  "$num"  =  50 ]   &&  echo  true  ||  echo false
true

[root@centos7 ~]# num=20;  [  "$num"  -ne   50 ]   &&  echo  true  ||  echo false
true
[root@centos7 ~]# num=20;  [  "$num"  -le   50 ]   &&  echo  true  ||  echo false
true
[root@centos7 ~]# num=20;  [  "$num"  -ge   50 ]   &&  echo  true  ||  echo false
false
[root@centos7 ~]# num=20;  [  "$num"  -gt   50 ]   &&  echo  true  ||  echo false
false

 

 

 

 

 

示例:判断变量的参数是否存在

 

 

完整脚本:

[root@centos73 shell_scripts]# cat  createuser1.sh 
#!/bin/bash
#Author=wang

[ $# -ne 1 ]  &&    echo -e    "the arg  must one\nUsage:createuser1.sh  usename"   &&  exit 20
#如果参数的个数不为1,那么就显示必须要有一个参数,并且退出。
#\n表示空一行,-e表示启用反斜线转义,对\进行转义
id $1 &> /dev/null && echo " $1 is exist " && exit 8
#因为不是正常结束的命令,所以退出的状态码为非0
useradd $1 && echo "$1 is created"
#因为是最后一个命令了,不写退出状态也表示退出了。

 

 

 

 

 

执行结果:

[root@centos7 bin]# chmod +x  createuser1.sh 
[root@centos7 bin]# ll createuser1.sh 
-rwxr-xr-x 1 root root 342 Dec 15 17:52 createuser1.sh
[root@centos7 bin]# createuser1.sh 
/root/bin/createuser1.sh: line 2: [: ne: binary operator expected
  is exist 
[root@centos7 bin]# vim createuser1.sh 
[root@centos7 bin]# createuser1.sh 
the arg  must one
Usage:createuser1.sh  usename
[root@centos7 bin]# createuser1.sh  wang
 wang is exist 
[root@centos7 bin]# createuser1.sh  tom
 tom is exist 
[root@centos7 bin]# createuser1.sh  abcd
abcd is created
[root@centos7 bin]# id abcd
uid=2001(abcd) gid=2001(abcd) groups=2001(abcd)

 

 

 

 

 脚本解析:

echo -e

-e enable interpretation of backslash escapes 启用反斜杠转义的解释

 

 

 

 

 

 

判断变量是否已经设置了

 查看test的帮助文档

[root@centos73 ~]# help test  |  grep  VAR
      -v VAR     True if the shell variable VAR is set

 

 

 

 

 

注意这里的VAR是不需要加$的

在字符串前面加$就是用来调用这个变量,相当于变量引用。

[root@centos7 bin]# var="";[ -v var ]   &&  echo true ||  echo false 
#定义了空值 true [root@centos7 bin]# var=" ";[ -v var ] && echo true || echo false
#有内容,是空格 true [root@centos7 bin]# var=123;[ -v var ] && echo true || echo false
#定义了数字 true [root@centos7 bin]# var=abcd;[ -v var ] && echo true || echo false true [root@centos7 bin]# var="abc";[ -v var ] && echo true || echo false
#定义了字符串 true [root@centos7 bin]# unset var;[ -v var ] && echo true || echo false false

 

 

 

 

 

判断变量是否定义了?

[root@centos73 shell_scripts]# cat createuser2.sh
#!/bin/bash
#Author=wang

[ -v  $1 ]    ||     ( echo -e    "the arg  must one\nUsage:$0.sh  usename"   &&  exit 20; )

#\n表示空一行,-e表示启用反斜杠转义的解释,因为后面要空行。
#如果为假才执行后面括号里面的命令,但是小括号会报错,小括号开了一个子进程,exit 20退出的是子进程,但是没有退出整个脚本。
#系统里面本身就有$1,只不过默认是没有赋值,不能判断$1是否存在。?



id $1  &> /dev/null  && echo " $1 is exist "  &&  exit 8

#因为不是正常结束的命令,所以退出的状态码为非0

useradd $1 && echo "$1 is created"

#因为是最后一个命令了,不写退出状态也表示退出了。

 

 

 

 

 

执行结果报错,说明上面的脚本有问题,还要对其修改

[root@centos73 shell_scripts]# bash   createuser2.sh 
  is exist 
[root@centos73 shell_scripts]# bash   createuser2.sh     wang
the arg  must one
Usage:createuser1.sh  usename
 wang is exist 
[root@centos73 shell_scripts]# id wang
uid=1022(wang) gid=1022(wang) groups=1022(wang)
[root@centos73 shell_scripts]# id  xixixi
id: xixixi: no such user
[root@centos73 shell_scripts]# bash   createuser2.sh     xixixi
the arg  must one
Usage:createuser1.sh  usename
xixixi is created
[root@centos73 shell_scripts]# id  xixixi
uid=1025(xixixi) gid=1025(xixixi) groups=1025(xixixi)

 

 

 

 

 

判断变量$1的值是否有内容

使用-n,如果字符串为非空就为真,为空返回的就是假,假就执行后续的命令。

[root@centos73 shell_scripts]# cat  createuser3.sh
#!/bin/bash
#Author=wang
[ -n  "$1" ]    ||     {  echo -e    "the arg  must one\nUsage:$0.sh  usename"   &&  exit 20; }

#\n表示空一行,-e表示启用反斜杠转义的解释,因为后面要空行。
#[-n]表示后面接的字符串不为空。 #-n STRING the length of STRING is nonzero id $1 &> /dev/null && echo "$1 is exist"

 

 

 

 

 

在系统脚本里面使用了很多的函数,用大括号来表示

[root@centos7 bin]# cat /etc/init.d/functions 


systemctl_redirect () {
    local s
    local prog=${1##*/}
    local command=$2
    local options=""

    case "$command" in
    start)
        s=$"Starting $prog (via systemctl): "
        ;;
    stop)
        s=$"Stopping $prog (via systemctl): "
        ;;
    reload|try-reload)
        s=$"Reloading $prog configuration (via systemctl): "
        ;;
    restart|try-restart|condrestart)
        s=$"Restarting $prog (via systemctl): "
        ;;
    esac

    if [ -n "$SYSTEMCTL_IGNORE_DEPENDENCIES" ] ; then
        options="--ignore-dependencies"
    fi

    if ! systemctl show "$prog.service" > /dev/null 2>&1 ||             systemctl show -p LoadState "$prog.service" | grep -q not-found‘ ; then
        action $"Reloading systemd: " /bin/systemctl daemon-reload
    fi

    action "$s" /bin/systemctl $options $command "$prog.service"
}

 

 

 

 

 

 

执行结果

[root@centos73 shell_scripts]# bash  createuser3.sh   
the arg  must one
Usage:createuser3.sh.sh  usename
[root@centos73 shell_scripts]# bash  createuser3.sh   wang
wang is exist
[root@centos73 shell_scripts]# bash  createuser3.sh   zhang
zhang is exist
[root@centos73 shell_scripts]# bash  createuser3.sh   zhao
zhao is exist
[root@centos73 shell_scripts]# bash  createuser3.sh  hahaha
[root@centos73 shell_scripts]# id  hahaha
id: hahaha: no such user
[root@centos73 shell_scripts]# id   wuwuwu
id: wuwuwu: no such user
[root@centos73 shell_scripts]# bash  createuser3.sh   wuwuwu
[root@centos73 shell_scripts]# id   wuwuwu
id: wuwuwu: no such user

 

 

 

 

 

 

 

二Bash的文件测试

 

如果在编程时需要处理一个对象,应先对对象进行测试。

只有在确定它符合要求时,才应进行操作处理,这样做的好处就是避免程序出错及无谓的系统资源消耗。

这个需要测试的对象可以是文件、字符串、数字等。

Bash的文件测试也就是判断各种文件是否存在.

 

 

(一)常用文件测试操作符

 

下面的操作符号对于[[ ]]、[ ]、test的测试表达式几乎是通用的,更多的操作符可以man test获得帮助。

 

-a文件,表示文件存在则为真,即测试表达式成立。

 

-b文件, b的全拼为block表示文件存在且为块设备则为真,即测试表达式成立。

 

-c文件, c的全拼为character表示文件存在且为字符设备则为真,即测试表达式成立。

 

-d文件, d的全拼为directory表示文件存在且为目录则为真,即测试表达式成立。

 

注意目录也是文件,是一种特殊的文件。

 

-e文件, e的全拼为exist表示文件存在则为真,即测试表达式成立。

 

-f文件,f的全拼为file表示文件存在且为普通文件则为真,即测试表达式成立。

 

注意区别于"-f",-e不辨别是目录还是文件。

 

-L文件, L的全拼为link表示文件存在且为链接文件则为真,即测试表达式成立

 

-p 文件:p的全拼为pipe表示文件存在且为命名管道文件则为真,即测试表达式成立。

 

-r文件, r的全拼为read表示文件存在且可读则为真,即测试表达式成立

 

-s文件, s的全拼为size表示文件存在且文件大小不为0则为真,即测试表达式成立

 

-S文件, S的全拼为socket表示文件存在且为套接字文件则为真,即测试表达式成立

 

-w文件, w的全拼为write表示文件存在且可写则为真,即测试表达式成立

 

-x文件, x的全拼为executable表示文件存在且可执行则为真,即测试表达式成立

 

f1-nt f2, nt的全拼为newer than表示文件f1比文件2旧则为真,即测试表达式成立。根据文件的修改时间来计算

 

fl-ot f2, ot的全拼为older than表示文件f1比文件12新则为真,即测试表达式成立。根据文件的修改时间来计算



 

 

查看test的帮助文档

[root@centos73 shell_scripts]# help  test
test: test [expr]
    Evaluate conditional expression.
    
    Exits with a status of 0 (true) or 1 (false) depending on
    the evaluation of EXPR.  Expressions may be unary or binary.  Unary
    expressions are often used to examine the status of a file.  There
    are string operators and numeric comparison operators as well.
    
    The behavior of test depends on the number of arguments.  Read the
    bash manual page for the complete specification.
    
    File operators:
    
      -a FILE        True if file exists.
      -b FILE        True if file is block special.
      -c FILE        True if file is character special.
      -d FILE        True if file is a directory.
      -e FILE        True if file exists.
      -f FILE        True if file exists and is a regular file.
      -g FILE        True if file is set-group-id.
      -h FILE        True if file is a symbolic link.
      -L FILE        True if file is a symbolic link.
      -k FILE        True if file has its `sticky bit set.
      -p FILE        True if file is a named pipe.
      -r FILE        True if file is readable by you.
      -s FILE        True if file exists and is not empty.
      -S FILE        True if file is a socket.
      -t FD          True if FD is opened on a terminal.
      -u FILE        True if the file is set-user-id.
      -w FILE        True if the file is writable by you.
      -x FILE        True if the file is executable by you.
      -O FILE        True if the file is effectively owned by you.
      -G FILE        True if the file is effectively owned by your group.
      -N FILE        True if the file has been modified since it was last read.
    
      FILE1 -nt FILE2  True if file1 is newer than file2 (according to
                       modification date).
    
      FILE1 -ot FILE2  True if file1 is older than file2.
    
      FILE1 -ef FILE2  True if file1 is a hard link to file2.
    
    String operators:
    
      -z STRING      True if string is empty.
    
      -n STRING
         STRING      True if string is not empty.
    
      STRING1 = STRING2
                     True if the strings are equal.
      STRING1 != STRING2
                     True if the strings are not equal.
      STRING1 < STRING2
                     True if STRING1 sorts before STRING2 lexicographically.
      STRING1 > STRING2
                     True if STRING1 sorts after STRING2 lexicographically.
    
    Other operators:
    
      -o OPTION      True if the shell option OPTION is enabled.
      -v VAR     True if the shell variable VAR is set
      ! EXPR         True if expr is false.
      EXPR1 -a EXPR2 True if both expr1 AND expr2 are true.
      EXPR1 -o EXPR2 True if either expr1 OR expr2 is true.
    
      arg1 OP arg2   Arithmetic tests.  OP is one of -eq, -ne,
                     -lt, -le, -gt, or -ge.
    
    Arithmetic binary operators return true if ARG1 is equal, not-equal,
    less-than, less-than-or-equal, greater-than, or greater-than-or-equal
    than ARG2.
    
    Exit Status:
    Returns success if EXPR evaluates to true; fails if EXPR evaluates to
    false or an invalid argument is given.

 

 

 

 

 

 

 

 

 

(二)测试文件存在性

 

注意中括号里面的内容要和中括号左右空一格

[root@centos73 ~]# [ -a  /etc/]   &&  echo  true   
-bash: [: missing `]‘
[root@centos73 ~]# [ -a  /etc/ ]   &&  echo  true   
true
[root@centos73 ~]# [ -a  /etc ]   &&  echo  true   
true

 

 

 

 -e和-a都是判断文件是否存在

[root@centos73 ~]# [ -e /etc/]   &&  echo  true   
-bash: [: missing `]‘
[root@centos73 ~]# [ -e /etc]   &&  echo  true   
-bash: [: missing `]‘
[root@centos73 ~]# [ -e /etc ]   &&  echo  true   
true
[root@centos73 ~]# [ -e /etc/ ]   &&  echo  true   
true

 

 

 

 

 

 

 

示例

1、编写脚本/root/bin/argsnum.sh,接受一个文件路径作为参数。

如果参数个数小于1,则提示用户“至少应该给一个参数”,并立即退出。

如果参数个数不小于1,则显示第一个参数所指向的文件中的空白行数。

涉及到正则表达式

法1:

完整脚本

[root@centos73 shell_scripts]# cat  argsnum.sh 
#!/bin/bash
#Author=wang
[ $# -lt 1 ] && echo "must one parameter" && exit 1
[ ! -f $1 ] && echo " file not exist" && exit 2
#[ -f $1 ] 表示判断文件存在,!表示取反,也就是文件不存在
echo `cat $1 |grep "^[[:space:]]*$" |wc -l`

 

 

 

 

执行结果

[root@centos73 shell_scripts]# bash  argsnum.sh   
must one parameter
[root@centos73 shell_scripts]# bash  argsnum.sh   /etc/issue
1
[root@centos73 shell_scripts]# bash  argsnum.sh   /etc/passwd
0
[root@centos73 shell_scripts]# bash  argsnum.sh   /etc/services 
17

[root@centos73 shell_scripts]# bash  argsnum.sh    xxxxxx
 file not exist

 

 

 

 

 

法2:

完整脚本

[root@centos73 shell_scripts]# cat  argsnum1.sh
#!/bin/bash
#Author=wang
[  $#   -lt 1 ]   &&   echo "You shound give a parameter at least!"   &&   exit 10

[ -e  $1 ]   &&   echo     "The blankLine   is    `grep ‘^[[:space:]]*$‘     $1 | wc  -l`"    ||   echo "No such file or directory!"

#注意要使用反引号调用命令执行的结果。
#如果文件存在那么就打印文件的空白行,否则就显示文件不存在。

 

 

 

 

 

 注意一定要加上*?

[root@centos73 shell_scripts]# grep ^[[:space:]]*$‘     /etc/issue | wc -l
1
[root@centos73 shell_scripts]# grep ^[[:space:]]$‘     /etc/issue | wc -l
0

 

 

 

 

 

执行结果

[root@centos73 shell_scripts]# bash  argsnum1.sh   
You shound give a parameter at least!
[root@centos73 shell_scripts]# bash  argsnum1.sh   /etc/issue
The blankLine   is    1
[root@centos73 shell_scripts]# bash  argsnum1.sh   /etc/passwd
The blankLine   is    0
[root@centos73 shell_scripts]# bash  argsnum1.sh   /etc/services 
The blankLine   is    17
[root@centos73 shell_scripts]# bash  argsnum1.sh    xxxxxx
No such file or directory!

 

 

 

 

 

3、编写脚本/root/bin/checkdisk.sh,检查磁盘分区空间和inode使用率,如果超过10%,就发广播警告空间将满

 完整脚本

[root@centos73 shell_scripts]# cat   checkdisk.sh 
#!/bin/bash
#Author=wang
Check_D=`df |grep "/sd" |tr -s " " "%" |cut -d% -f5 |sort -n |tail -1`
[ $Check_D -gt 10 ] &&  echo  space  of the disk will be full
inode=`df -i |grep "/sd" |tr -s " " "%" |cut -d% -f5 |sort -n |tail -1`
[ $inode  -ge 1 ] &&   echo  space of  inode will  be full

 

 

 

 

查看磁盘分区空间

[root@centos73 shell_scripts]# df
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/sda2       52403200 1509828  50893372   3% /
devtmpfs          487964       0    487964   0% /dev
tmpfs             498988       0    498988   0% /dev/shm
tmpfs             498988    7776    491212   2% /run
tmpfs             498988       0    498988   0% /sys/fs/cgroup
/dev/sr0         4364408 4364408         0 100% /mnt
/dev/sda3       20961280   87448  20873832   1% /app
/dev/sda1        1038336  126596    911740  13% /boot
tmpfs              99800       0     99800   0% /run/user/0

 

 

 

 查看inode的使用率

[root@centos73 shell_scripts]# df -i
Filesystem       Inodes IUsed    IFree IUse% Mounted on
/dev/sda2      26214400 39365 26175035    1% /
devtmpfs         121991   397   121594    1% /dev
tmpfs            124747     1   124746    1% /dev/shm
tmpfs            124747   716   124031    1% /run
tmpfs            124747    16   124731    1% /sys/fs/cgroup
/dev/sr0              0     0        0     - /mnt
/dev/sda3      10485760   181 10485579    1% /app
/dev/sda1        524288   326   523962    1% /boot
tmpfs            124747     1   124746    1% /run/user/0

 

 

 

 执行结果

[root@centos73 shell_scripts]# bash  checkdisk.sh 
space of the disk will be full
space of inode will be full

 

 

 

 

脚本解析

注意/dev/sd开头的才是磁盘分区

首先过滤出磁盘分区

[root@centos7 bin]# df |grep "/sd" 
/dev/sda3       10475520 6837332   3638188  66% /
/dev/sda1         201380  105340     96040  53% /boot

 

 

 

 

分割符空格替换为%

把所有的空白空格压缩成一个空格,并且替换成百分号。

分割符一定要加双引号

[root@centos7 bin]# df |grep "/sd" |tr -s " " "%" 
/dev/sda3%10475520%6837332%3638188%66%/
/dev/sda1%201380%105340%96040%53%/boot

 

 

 

 


[root@centos7 bin]# df |grep "/sd" |tr -s " " "%" |cut -d% -f5 
66
53
[root@centos7 bin]# df |grep "/sd" |tr -s " " "%" |cut -d% -f5 | sort -n  
53
66
[root@centos7 bin]# df |grep "/sd" |tr -s " " "%" |cut -d% -f5 | sort -n  | tail -1
66

cut -d% -f5 百分号作为分隔符,取第5列

sort -n    :使用『纯数字』进行排序

tail  -1  最后1行

 

 

 

 

 

(三)测试文件类型

 

 1是否为普通文件

[root@centos73 ~]# [ -f   /etc/issue ]   &&  echo  true   ||  echo  false
true
[root@centos73 ~]# [ -f   /etc/ ]   &&  echo  true   ||  echo  false
false
[root@centos73 ~]# [ -f   /etc ]   &&  echo  true   ||  echo  false
false

 

 

 

 

 

 2是否为目录

[root@centos73 ~]# [ -d  /etc ]   &&  echo  true   ||  echo  false
true
[root@centos73 ~]# [ -d  /etc/ ]   &&  echo  true   ||  echo  false
true
[root@centos73 ~]# [ -d  /etc/issue ]   &&  echo  true   ||  echo  false
false
[root@centos73 ~]# [ -d  /etc/passwd   ]   &&  echo  true   ||  echo  false
false

 

 

 

 

3是否为链接文件

-h FILE True if file is a symbolic link.
-L FILE True if file is a symbolic link.

注意有些文件是软连接文件,也是普通文件,因为他指向软连接的文件类型是普通文件。

[root@centos73 ~]# ll /etc/system-release
lrwxrwxrwx. 1 root root 14 Jan  9 13:55 /etc/system-release -> centos-release
[root@centos73 ~]# [ -L  /etc/system-release ]  &&  echo  true  ||  echo false 
true
[root@centos73 ~]# [ -f   /etc/system-release ]  &&  echo  true  ||  echo false 
true
[root@centos73 ~]# ll  /etc/centos-release
-rw-r--r--. 1 root root 38 Apr 29  2018 /etc/centos-release

 

 

 

 

4是否为套接字文件。

注意套接字文件是为了网络通信用的。

启动数据库

[root@centos73 ~]# rpm  -q  mariadb
mariadb-5.5.60-1.el7_5.x86_64
[root@centos73 ~]# ss -tnl
State      Recv-Q Send-Q                      Local Address:Port                                     Peer Address:Port              
LISTEN     0      128                                     *:22                                                  *:*                  
LISTEN     0      100                             127.0.0.1:25                                                  *:*                  
LISTEN     0      128                                    :::22                                                 :::*                  
LISTEN     0      100                                   ::1:25                                                 :::*                  
[root@centos73 ~]# systemctl   start  mariadb
[root@centos73 ~]# ss -tnl
State      Recv-Q Send-Q                      Local Address:Port                                     Peer Address:Port              
LISTEN     0      50                                      *:3306                                                *:*                  
LISTEN     0      128                                     *:22                                                  *:*                  
LISTEN     0      100                             127.0.0.1:25                                                  *:*                  
LISTEN     0      128                                    :::22                                                 :::*                  
LISTEN     0      100                                   ::1:25                                                 :::*    

 

 

 

 

 

[root@centos73 ~]# ls  /var/lib/mysql/
aria_log.00000001  centos73.huawei.com.err  ibdata1      ib_logfile1  mysql.sock          test
aria_log_control   centos73.huawei.com.pid  ib_logfile0  mysql        performance_schema
[root@centos73 ~]# ls  /var/lib/mysql/  -l
total 37860
-rw-rw----. 1 mysql mysql    16384 Apr 27 12:11 aria_log.00000001
-rw-rw----. 1 mysql mysql       52 Apr 27 12:11 aria_log_control
-rw-rw----. 1 mysql mysql     1886 Apr 27 12:11 centos73.huawei.com.err
-rw-rw----. 1 mysql mysql        5 Apr 27 12:11 centos73.huawei.com.pid
-rw-rw----. 1 mysql mysql 18874368 Apr 27 12:11 ibdata1
-rw-rw----. 1 mysql mysql  5242880 Apr 27 12:11 ib_logfile0
-rw-rw----. 1 mysql mysql  5242880 Apr 27 12:11 ib_logfile1
drwx------. 2 mysql mysql     4096 Apr 27 12:11 mysql
srwxrwxrwx. 1 mysql mysql        0 Apr 27 12:11 mysql.sock
drwx------. 2 mysql mysql     4096 Apr 27 12:11 performance_schema
drwx------. 2 mysql mysql        6 Apr 27 12:11 test

 

 

 

 

 

只有启动数据库服务才会生成此文件

[root@centos73 ~]#  [ -S   /var/lib/mysql/mysql.sock ]  &&  echo  true  ||  echo false 
true
[root@centos73 ~]# ll   /var/lib/mysql/mysql.sock
srwxrwxrwx. 1 mysql mysql 0 Apr 27 12:11 /var/lib/mysql/mysql.sock

 

 

 

 

停止数据库服务

[root@centos73 ~]# systemctl stop  mariadb
[root@centos73 ~]# ss -tnl
State      Recv-Q Send-Q                      Local Address:Port                                     Peer Address:Port              
LISTEN     0      128                                     *:22                                                  *:*                  
LISTEN     0      100                             127.0.0.1:25                                                  *:*                  
LISTEN     0      128                                    :::22                                                 :::*                  
LISTEN     0      100                                   ::1:25                                                 :::*                  
[root@centos73 ~]# ls   /var/lib/mysql/mysql.sock
ls: cannot access /var/lib/mysql/mysql.sock: No such file or directory
[root@centos73 ~]# ls   /var/lib/mysql/mysql.sock -l
ls: cannot access /var/lib/mysql/mysql.sock: No such file or directory
[root@centos73 ~]# [ -S   /var/lib/mysql/mysql.sock ]  &&  echo  true  ||  echo false 
false

 

 

 

 

 

 

 

(四)测试文件属性

 

1文件是否可读

[root@centos73 ~]# ll /etc/fstab 
-rw-r--r--. 1 root root 636 Feb  1 00:26 /etc/fstab
[root@centos73 ~]# [ -r   /etc/fstab]  &&  echo  true  ||  echo false 
-bash: [: missing `]false
[root@centos73 ~]# [ -r   /etc/fstab ]  &&  echo  true  ||  echo false 
true

 

 

 

 

 

2文件是否可写

因为是root用户登录的

[root@centos73 ~]# ll /etc/fstab 
-rw-r--r--. 1 root root 636 Feb  1 00:26 /etc/fstab
[root@centos73 ~]# [ -w   /etc/fstab ]  &&  echo  true  ||  echo false 
true

 

 

 

 

 

 

3文件是否可执行

[root@centos73 ~]# ll /etc/fstab 
-rw-r--r--. 1 root root 636 Feb  1 00:26 /etc/fstab
[root@centos73 ~]# [ -x   /etc/fstab ]  &&  echo  true  ||  echo false 
false

 

 

 

 

4文件是否有sgid权限

[root@centos73 ~]# touch   a.txt
[root@centos73 ~]# ll a.txt 
-rw-r--r--. 1 root root 0 Apr 27 11:56 a.txt
[root@centos73 ~]#  chmod  g+s  a.txt 
[root@centos73 ~]# ll a.txt 
-rw-r-Sr--. 1 root root 0 Apr 27 11:56 a.txt
[root@centos73 ~]# [ -g   a.txt ] && echo true || echo false
true
[root@centos73 ~]# touch  b.txt
[root@centos73 ~]# ll b.txt 
-rw-r--r--. 1 root root 0 Apr 27 11:56 b.txt
[root@centos73 ~]# [ -g   b.txt ] && echo true || echo false
false

 

 

5-k FILE:是否存在且拥有sticky权限

[root@centos73 ~]# ll -d /tmp/
drwxrwxrwt. 8 root root 112 Apr 27 12:16 /tmp/
[root@centos73 ~]#  [ -k   /tmp/  ]  &&  echo  true  ||  echo false     
true

 

 

 

6-u FILE:是否存在且拥有suid权限

[root@centos73 ~]#  ll /usr/bin/passwd 
-rwsr-xr-x. 1 root root 27832 Jun 10  2014 /usr/bin/passwd
[root@centos73 ~]# [ -u /usr/bin/passwd  ]  &&  echo  true  ||  echo false 
true
[root@centos73 ~]#  [ -u /etc/passwd   ]  &&  echo  true  ||  echo false    
false

 

 

 

 

注意是以实际权限为标准,而不是表面的权限

在root用户下面,显示无权限不一定真的无权限。

root就像是领导,有权限查看、写入的,但没有权限执行。

[root@centos73 ~]# ll /etc/shadow
----------. 1 root root 3418 Apr 26 23:08 /etc/shadow
[root@centos73 ~]# [ -u /etc/shadow    ]  &&  echo  true  ||  echo false
false
[root@centos73 ~]# [ -r  /etc/shadow    ]  &&  echo  true  ||  echo false 
true
[root@centos73 ~]# [ -w   /etc/shadow    ]  &&  echo  true  ||  echo false 
true
[root@centos73 ~]# [ -x   /etc/shadow    ]  &&  echo  true  ||  echo false 
false

 

 

 

 使用普通用户,文件显示什么权限就是什么权限

[root@centos73 ~]# id zhao
uid=1024(zhao) gid=1024(zhao) groups=1024(zhao)
[root@centos73 ~]# getent  passwd  zhao
zhao:x:1024:1024::/home/zhao:/bin/bash
[root@centos73 ~]# su - zhao
Last login: Sat Apr 27 15:45:44 CST 2019 on pts/0
[zhao@centos73 ~]$ ll /etc/shadow
----------. 1 root root 3418 Apr 27 15:46 /etc/shadow
[zhao@centos73 ~]$ [ -r  /etc/shadow    ]  &&  echo  true  ||  echo false 
false
[zhao@centos73 ~]$ [ -w   /etc/shadow    ]  &&  echo  true  ||  echo false 
false
[zhao@centos73 ~]$ [ -x   /etc/shadow    ]  &&  echo  true  ||  echo false 
false
[zhao@centos73 ~]$ exit 
logout

 

 

 

 

目前普通用户是没有权限查看的

[zhao@centos73 ~]$  cat /etc/shadow
cat: /etc/shadow: Permission denied
[zhao@centos73 ~]$ exit 
logout
[root@centos73 ~]#   cat /etc/shadow
root:$6$L4X4itWo9U1UhZ7D$1gFlp6MFqlmLtvCAtCt9XSXBvwFemj/Ke7AV01XEexKucltKKzgMxbr7yPiVEUuiyVcpnDE0s5JZ096lSLnv70::0:99999:7:::
bin:*:17632:0:99999:7:::
daemon:*:17632:0:99999:7:::
adm:*:17632:0:99999:7:::
lp:*:17632:0:99999:7:::
sync:*:17632:0:99999:7:::
shutdown:*:17632:0:99999:7:::
halt:*:17632:0:99999:7:::
mail:*:17632:0:99999:7:::
operator:*:17632:0:99999:7:::
games:*:17632:0:99999:7:::
ftp:*:17632:0:99999:7:::
nobody:*:17632:0:99999:7:::
systemd-network:!!:17905::::::
dbus:!!:17905::::::
polkitd:!!:17905::::::
sshd:!!:17905::::::
postfix:!!:17905::::::
dhcpd:!!:17905::::::
apache:!!:17927::::::
user1:$6$HLs6r0rh$XBgmqD/dFgU9W9J769cGPrSPX1xZt4lNKTjxXBJxiC.pY4BkR60DIOVo7vNCavLiutVQB5RaZwbl3fALys5yn0:18012:0:99999:7:::
user2:$6$jzrP/9Ye$f4AaH6gQebHuiUHvdTPuuJ5D7OraGtdNt0nbpDp2rDSpHHMPJOn0iMeU2nHrw/pMLTYxlKH9gREr2Ww9ckOvE.:18012:0:99999:7:::
user3:$6$.kPyYY7u$4I1Z9L.pK7JwUyceGeUsc3S/iechK8/grS3tk7VbCslvoYitG33/.3yf00BG0kKmtelOYg9cmhIZZn506c2cd0:18012:0:99999:7:::
user4:$6$3GsOV1NG$7sJRXhmcGV2fMginz1mIawW8/g1LU0Lv7riLRuaM77jZIhKxXirwZCQI9RZrHUxGGm6hz.M6l1ZcDqBlYScAA/:18012:0:99999:7:::
user5:$6$0Qed820A$cQPxR/0Eel0Sk1Kuq/DCatdGOfQkfgGnoQVxEdjgJElra8dAi/UqDhf9QG0SgX0bZESjacigwb/LOPDBdmXCD.:18012:0:99999:7:::
user6:$6$7K52M3R4$sDGhJHCM.qs0ASWv4F9zdOIRcH3ju1c6aJKIKG8aAm99l/Zn8PlFURurKTJxCGUy3C.tQmMOjbAe121sYQ5CV.:18012:0:99999:7:::
user7:$6$kbgzn9F7$NgyXkzu/mU2f7SZuf/N17o30lBE0OAdyQbvCtPYlVXdjP.iwHtWzRXqFMTzXTl0VX5UMC3RLmJoo3KW.E9JnC1:18012:0:99999:7:::
user8:$6$5oEyWVAd$14tH.xSv/njtRbQQRzlef5H6hrmUCYT9YQYgC3jntAlBkavYhmSDxwJx4WJoWFyIOGU5uwwax7RUplCXHbBbo1:18012:0:99999:7:::
user9:$6$7smw/DCA$Y4cHOXFx4k5tT1yNC9ldwaPZhZhO4TOTPzGN/X6q3.ZeoBI1eszMpGrEFi9X8x7uqIbfCTfTSe/TvuTmT8ftn1:18012:0:99999:7:::
user10:$6$EQOEW5ir$INCc4FovR7DD7ozn/iNCA/GE9aYW8J1BRfsUFOk0ta5/LTJB0nOp5BA.3ZE0ICqjLLl63CjurDAyON1SAyP.30:18012:0:99999:7:::
user11:$6$FnwlyVq2$Zw4o3CRM8HBopYjwS6bPuv1qh4711Qf1FZMK9n6h19.cOWFEfqQ9ooBciLIpffm0W40RSg/B9aB0Od0do3div/:18012:0:99999:7:::
user12:$6$vdNcdCrz$1F7REyBiXVMJX2u7XeIAmEignw0GvSYRGoVsLhJ9ufEz93.oUmBiQigZr2jRq8ngBG3mNMwTl3v3p.U5VTD5p0:18012:0:99999:7:::
user13:$6$9T7DmvNV$3ya3PKhXuvOvtVurLiT13Kv8unGwUFljVzuR5oNNGvpJOPS2VH.xmD.lhAb3J/QVZQy6u8yOdOpIEyYSnHetP1:18012:0:99999:7:::
user14:$6$qhnOz7W.$Wbiqvj9Wkw7YNIwQ2xpsNASbAZ5Ai90d1rx3WcdTRi8tvuiGaulttxlgG96KSyT8yBpXw/pyZci7uA92y0WnP0:17935:0:99999:7:::
user15:$6$QDVVXOnP$zM04k/zPCXK6tE72R80h0keNdPUoFPuL0yNLbsBfXtjWeftRbqhnAZRgYv6vnVk7uzyXWWb.EO/2DiLHrSdQO/:18012:0:99999:7:::
user16:$6$jSai7i1D$3TLTNUDntkwBxSUaE/4UAcONJYSSlrB/RjXsZCPXjYrTakDiuvfw0O8JXwwm/ypRrwQYdVk2dTLhkh2VE8zD40:18012:0:99999:7:::
user17:$6$FyW18HlF$VO1Ejg7nwQ8grc8jjEEtNmxDxGoNOKPya8ITWDZTLFPfyuBZ/V8eeneGPgIHCSJLsEh60Bx52xS1cQQzQ15YV.:18012:0:99999:7:::
user18:$6$.z2/Dohm$8HmdCleOB6zUTXgFVtB8BDoaaJ0TXO0yfkXLa/CJHYT.P9DzFXwKosunrp3h69dg0fvqOr7.jDrzbpY3KzWql/:18012:0:99999:7:::
user19:$6$A9a0tJNT$gMbp7ZqjdTqgOZ90Fe/qSw11cK0k993S2I15xYpzwBIHav/XLMJ7Ka7pakwkv3RmNW.D/6dWhi8w0.CnPxQl2.:18012:0:99999:7:::
user20:$6$52.ELIOk$FobPACG6D2IUKDup9aXpGxEUvEG/PxdHt1XvWkJs/tNpgHWKVkNUQHqpfGN.BxyDbQYnUbp33dgKf.bL5Wk3h/:18012:0:99999:7:::
tss:!!:17936::::::
cracker:$6$H775bLE6$tM5fjJtbAymFJT/adFBKV6PsVnPqrMfwtHBcBd.wbB7QPMbtbGkXVX6VpMKQEs6majhDDvgK/JLRMDUe.B5Pm/:17939:0:99999:7:::
mysql:!!:17939::::::
ntp:!!:17949::::::
zhang:!!:18012:0:99999:7:::
zhao:!!:18012:0:99999:7:::
xixixi:!!:18012:0:99999:7:::
op:!!:18012:0:99999:7:::
wang:!!:18013:0:99999:7:::
[root@centos73 ~]# ll /etc/shadow
----------. 1 root root 3418 Apr 27 15:46 /etc/shadow

 

 

 

如果给用户wang读的权限,就有权限读了,使用命令setfacl添加权限

[root@centos73 ~]# ll /etc/shadow
----------. 1 root root 3418 Apr 27 15:46 /etc/shadow
[root@centos73 ~]# setfacl -m u:zhao:r   /etc/shadow
[root@centos73 ~]# ll /etc/shadow
----r-----+ 1 root root 3418 Apr 27 15:46 /etc/shadow
[root@centos73 ~]# su - zhao
Last login: Sat Apr 27 15:49:27 CST 2019 on pts/0
[zhao@centos73 ~]$  ll /etc/shadow
----r-----+ 1 root root 3418 Apr 27 15:46 /etc/shadow
[zhao@centos73 ~]$ [ -r   /etc/shadow    ]  &&  echo  true  ||  echo false 
true
[zhao@centos73 ~]$ [ -w   /etc/shadow    ]  &&  echo  true  ||  echo false 
false
[zhao@centos73 ~]$ [ -x   /etc/shadow    ]  &&  echo  true  ||  echo false 
false

 

 

 

如果要清空所有的acl权限,加选项-b

只有管理员才可以清空权限

[zhao@centos73 ~]$ setfacl -b  /etc/shadow
setfacl: /etc/shadow: Operation not permitted
[zhao@centos73 ~]$ exit 
logout
[root@centos73 ~]# ll /etc/shadow
----r-----+ 1 root root 3418 Apr 27 15:46 /etc/shadow
[root@centos73 ~]#  setfacl -b  /etc/shadow
[root@centos73 ~]# ll /etc/shadow
----------. 1 root root 3418 Apr 27 15:46 /etc/shadow

 

 

 

 

 

文件是否打开:
-t fd: fd 文件描述符是否在某终端已经打开
-N FILE:文件自从上一次被读取之后是否被修改过
-O FILE:当前有效用户是否为文件属主
-G FILE:当前有效用户是否为文件属组

 

7-t fd: fd 文件描述符是否在某终端已经打开

-t FD True if FD is opened on a terminal.

$$表示当前进程

[root@centos7 ~]# ls  /proc/$$/fd
0  1  2  255
[root@centos7 ~]# ls  /proc/$$/fd   -l
total 0
lrwx------ 1 root root 64 Dec 15 15:52 0 -> /dev/pts/1
lrwx------ 1 root root 64 Dec 15 15:52 1 -> /dev/pts/1
lrwx------ 1 root root 64 Dec 15 15:52 2 -> /dev/pts/1
lrwx------ 1 root root 64 Dec 15 21:41 255 -> /dev/pts/1

 

 

 

 

当前进程打开了多少个文件

因为每打开一个文件就要打开一个文件描述符,其实就是统计文件描述符的个数

[root@centos7 ~]# ls  /proc/$$/fd   
0  1  2  255
[root@centos7 ~]# ls  /proc/$$/fd    | wc -l
4
[root@centos7 ~]# ls  /proc/$$/fd   -l  
total 0
lrwx------ 1 root root 64 Dec 15 15:52 0 -> /dev/pts/1
lrwx------ 1 root root 64 Dec 15 15:52 1 -> /dev/pts/1
lrwx------ 1 root root 64 Dec 15 15:52 2 -> /dev/pts/1
lrwx------ 1 root root 64 Dec 15 21:41 255 -> /dev/pts/1

 

 

 

-t fd: fd 文件描述符是否在某终端已经打开

[root@centos7 ~]# ls /proc/$$/fd
0  1  2  255
[root@centos7 ~]# [ -t 1 ]  &&  echo  true  ||  echo false 
true
[root@centos7 ~]# [ -t 2 ]  &&  echo  true  ||  echo false 
true
[root@centos7 ~]# [ -t 255 ]  &&  echo  true  ||  echo false 
true
[root@centos7 ~]# [ -t  0 ]  &&  echo  true  ||  echo false 
true

 

 

 

 

 
2-O FILE:当前有效用户是否为文件属主

-O FILE True if the file is effectively owned by you.

注意当前用户不一定是有效用户。

当一个用户执行SUID程序的时候,普通用户的身份变成了root,root就是当时的有效用户,

执行程序的用户是实际用户,真正生效的用户是有效用户。

如果没有特殊权限,当前用户就是有效用户。

[root@centos73 ~]#  whoami 
root
[root@centos73 ~]#  ll /usr/bin/passwd 
-rwsr-xr-x. 1 root root 27832 Jun 10  2014 /usr/bin/passwd

 

 

 

当前用户和有效用户都是root

[root@centos73 ~]# [ -O  /etc/issue   ]   &&  echo  true  ||  echo  false
true
[root@centos73 ~]# [ -O  /etc/passwd   ]   &&  echo  true  ||  echo  false
true
[root@centos73 ~]# [ -O  /usr/bin/passwd   ]   &&  echo  true  ||  echo  false
true

 

 

 
3-G FILE:当前有效用户是否为文件属组

[root@centos77 ~]# pwd
/root
[root@centos77 ~]# who
root     tty1         2019-01-24 19:47
root     pts/0        2019-04-27 15:43 (192.168.137.1)
[root@centos77 ~]# whoami
root
[root@centos77 ~]# ll /etc/passwd
-rw-r--r--. 1 root root 1005 Apr 27 17:25 /etc/passwd
[root@centos77 ~]# [ -G  /etc/passwd   ]   &&  echo  true  ||  echo  false
true

 

 

 

 

 4-N FILE:文件自从上一次被读取之后是否被修改过,也就是mtime比atime更新

-N FILE True if the file has been modified since it was last read.

[root@centos77 ~]# [ -N   /etc/fstab   ]   &&  echo  true  ||  echo  false
false
[root@centos77 ~]# vim  /etc/fstab 
[root@centos77 ~]# [ -N   /etc/fstab   ]   &&  echo  true  ||  echo  false
true
[root@centos77 ~]# ll /etc/fstab 
-rw-r--r--. 1 root root 636 Apr 27 20:48 /etc/fstab

 

 

 

 

当新创建一个文件时,文件的最后访问时间、最后内容修改时间、最后状态更新时间是一致的。

[root@centos77 ~]# stat /etc/fstab 
  File: ‘/etc/fstab’
  Size: 636           Blocks: 8          IO Block: 4096   regular file
Device: 802h/2050d    Inode: 67737177    Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Context: system_u:object_r:etc_t:s0
Access: 2019-04-27 20:48:37.952425112 +0800
Modify: 2019-04-27 20:48:37.952425112 +0800
Change: 2019-04-27 20:48:37.977425111 +0800
 Birth: -

 

 

 

 

 

三Bash的逻辑操作符/组合测试条件

 

第一种方式:
COMMAND1 && COMMAND2 并且
COMMAND1 || COMMAND2 或者
! COMMAND 非
如:[[ -r FILE ]] && [[ -w FILE ]]

注意true和false本身就是命令,而且是内部命令,返回的结果是真,假

[root@centos73 ~]#  true 
[root@centos73 ~]# echo $?
0
[root@centos73 ~]# false 
[root@centos73 ~]# echo $?
1

 

 

 

[root@centos73 ~]#  true    &&  echo  true  ||  echo  false
true
[root@centos73 ~]#  false    &&  echo  true  ||  echo  false
false
[root@centos73 ~]# type true
true is a shell builtin
[root@centos73 ~]# type false 
false is a shell builtin

 

 

 

 

使用!取反

[root@centos73 ~]#  !   true    &&  echo  true  ||  echo  false
false
[root@centos73 ~]# !   false     &&  echo  true  ||  echo  false
true
[root@centos73 ~]# a=10;[  $a -eq 10  ]    &&  echo  true  ||  echo  false
true
[root@centos73 ~]# a=10;[  !  $a -eq 10  ]    &&  echo  true  ||  echo  false
false

 

 

 

 


第二种方式:
EXPRESSION1 -a EXPRESSION2 并且
EXPRESSION1 -o EXPRESSION2 或者
! EXPRESSION

文件存在并且有执行权限那么就显示指定文件的内容

[root@centos73 ~]# [ -f /bin/cat -a -x /bin/cat ] && cat /etc/fstab

#
# /etc/fstab
# Created by anaconda on Wed Jan  9 13:54:32 2019
#
# Accessible filesystems, by reference, are maintained under /dev/disk
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=154fb900-77cf-4d55-975f-b788805fe281 /                       xfs     defaults        0 0
UUID=f0c8487e-df2a-4042-81ca-f9011445c8bd /app                    xfs     defaults        0 0
UUID=e76ffa1a-9169-42d4-adcc-c6bdbfefd663 /boot                   xfs     defaults        0 0
UUID=809c994a-336d-4517-b3c4-7e0dae5ad738 swap                    swap    defaults        0 0
/dev/cdrom  /mnt   iso9660  defaults 0 0
[root@centos73 ~]#  ll /bin/cat
-rwxr-xr-x. 1 root root 54080 Apr 11  2018 /bin/cat

 

 

 

 

在centos6的文件/etc/rc.sysinit

15 if [ -z "$HOSTNAME" -o "$HOSTNAME" = "(none)" ]; then
 16     HOSTNAME=localhost
 17 fi

349         if [ "$HOSTNAME" = "localhost" -o "$HOSTNAME" = "localhost.localdomain" ]; then
350                 ipaddr=$(ip addr show to 0.0.0.0/0 scope global | awk /[[:space:]]inet / { print gensub("/.*","","g",$2) })
351                 for ip in $ipaddr ; do
352                         HOSTNAME=
353                         eval $(ipcalc -h $ip 2>/dev/null)
354                         [ -n "$HOSTNAME" ] && { hostname ${HOSTNAME} ; break; }
355                 done
356         fi

 

 

 

 

示例

1、编写脚本/bin/per.sh,判断当前用户对指定的参数文件,是否不可读并且不可写

法1:

脚本内容

[root@centos73 shell_scripts]# cat  per.sh 
#!/bin/bash
#Author=wang
[ $# -lt 1 ] && echo "please  input a parameter" && exit  9
#首先要判断是否有参数 [ ! -r $1 ] && [ ! -w $1 ] && echo " no read,and write" || echo "other permission"

 

 

 

 

 

 执行结果

[root@centos73 shell_scripts]# bash  per.sh  
please  input a parameter
[root@centos73 shell_scripts]# bash  per.sh  /etc/issue
other permission
[root@centos73 shell_scripts]# bash  per.sh  /etc/passwd
other permission

 

 

 

 

法2

注意括号前加上\用来转义。

上面的方法更容易理解

 脚本内容

[root@centos73 shell_scripts]# cat  per1.sh 
#!/bin/bash
#Author=wang
[ $# -lt 1 ] && echo "please  input a parameter" && exit  
[ !  \(   -r  $1   -a  -w   $1 \)   ]    &&   echo " no read,and write" || echo  "other permission"

 

 

 

 

执行结果

[root@centos73 shell_scripts]# bash  per1.sh   
please  input a parameter
[root@centos73 shell_scripts]# bash  per1.sh   /etc/issue
other permission
[root@centos73 shell_scripts]# bash  per1.sh   /etc/passwd
other permission

 

 

 

 

解析脚本

[root@centos73 ~]#  [  \(   -r  /etc/shadow   -a  -w  /etc/shadow \)   ]   &&  echo  true  ||  echo  false
true
[root@centos73 ~]# [ -r  /etc/shadow  ]   &&   [   -w  /etc/shadow   ]    &&  echo  true  ||  echo  false
true
[root@centos73 ~]#  [ !  -r  /etc/shadow  ]   &&   [  !   -w  /etc/shadow   ]    &&  echo  true  ||  echo  false
false

 

 

 

 

 

普通用户是没有读写权限的

[root@centos73 ~]# su  -  zhao
Last login: Sat Apr 27 16:51:31 CST 2019 on pts/0
[zhao@centos73 ~]$ ll /etc/shadow
----------. 1 root root 3418 Apr 27 15:46 /etc/shadow
[zhao@centos73 ~]$ [  \(   -r  /etc/shadow   -a  -w  /etc/shadow \)   ]   &&  echo  true  ||  echo  false
false
[zhao@centos73 ~]$ [ -r  /etc/shadow  ]   &&   [   -w  /etc/shadow   ]    &&  echo  true  ||  echo  false
false
[zhao@centos73 ~]$  [ !  -r  /etc/shadow  ]   &&   [  !   -w  /etc/shadow   ]    &&  echo  true  ||  echo  false
true

 

 

 

 

在此文件对其他用户添加读权限

[zhao@centos73 ~]$ pwd
/home/zhao
[zhao@centos73 ~]$ chmod     a+r   /etc/shadow
chmod: changing permissions of ‘/etc/shadow’: Operation not permitted
[zhao@centos73 ~]$ exit 
logout
[root@centos73 ~]# ll /etc/shadow
----------. 1 root root 3418 Apr 27 15:46 /etc/shadow
[root@centos73 ~]# chmod     a+r   /etc/shadow
[root@centos73 ~]# ll /etc/shadow
-r--r--r--. 1 root root 3418 Apr 27 15:46 /etc/shadow
[root@centos73 ~]# su  -  zhao
Last login: Sat Apr 27 17:03:21 CST 2019 on pts/0
[zhao@centos73 ~]$  [ !  -r  /etc/shadow  ]   &&   [  !   -w  /etc/shadow   ]    &&  echo  true  ||  echo  false
false
[zhao@centos73 ~]$ [ -r  /etc/shadow  ]   &&   [   -w  /etc/shadow   ]    &&  echo  true  ||  echo  false
false

 

 

 

 

上面的法2涉及到了德·摩根定律:

 

(非 A) 或 (非 B) = 非(A 且 B)
(非 A) 且 (非 B) = 非(A 或 B)
示例:
!A -a !B = !(A -o B)
!A -o !B = !(A -a B)

 

技术图片

 

 

 

 

2、编写脚本/root/bin/excute.sh ,判断参数文件是否为sh后缀的普通文件。

如果是,添加所有人可执行权限,否则提示用户非脚本文件。

 

脚本内容

=~  左侧字符串是否能够被右侧的PATTERN所匹配

[root@centos73 shell_scripts]# cat  excute.sh
#!/bin/bash
#Author=wang
[ $# -lt 1 ] && echo "please  input  a  parameter"   &&  exit 1
[ ! -f $1 ] && echo   "file not exist"
[[  "$1" =~ .*.sh$ ]]  && chmod  a+x  $1 ||  echo  "no shellscript file"

 

 

 

[root@centos73 shell_scripts]# cat  excute.sh
#!/bin/bash
#Author=wang
[ $# -lt 1 ] && echo "please  input  a  parameter"   &&  exit 1
[ ! -f $1 ] && echo   "file not exist"
#前面两步很容易被忽略,写脚本要考虑周到
[[  "$1" =~ .*.sh$ ]]  && chmod  a+x  $1 ||  echo  "no shellscript file"
#.*表示任意多个字符串,=~  左侧字符串是否能够被右侧的PATTERN所匹配
#此表达式一般用于[[ ]]中;扩展的正则表达式

 

 

 

 

 

执行结果

[root@centos73 shell_scripts]# ll   excute.sh 
-rw-r--r--. 1 root root 192 Apr 27 17:12 excute.sh
[root@centos73 shell_scripts]# bash  excute.sh    excute.sh 
[root@centos73 shell_scripts]# ll   excute.sh 
-rwxr-xr-x. 1 root root 192 Apr 27 17:12 excute.sh
[root@centos73 shell_scripts]# bash  excute.sh    
please  input  a  parameter

 

 



 

 

3编写脚本/root/bin/nologin.sh和login.sh,实现禁止和允许普通用户登录系统

touch /etc/nologin  创建这个文件实现不能登录系统是基于PAM模块实现的,涉及安全和加密内容

注意先要设置密码,为远程用户登录准备

[root@centos73 ~]# echo   centos  |    passwd  --stdin  zhao
Changing password for user zhao.
passwd: all authentication tokens updated successfully.

 

 

 

 

[root@centos73 shell_scripts]# cat /etc/nologin
cat: /etc/nologin: No such file or directory
[root@centos73 shell_scripts]# cd
[root@centos73 ~]# su  -  zhao
Last login: Sat Apr 27 17:06:14 CST 2019 on pts/0
[zhao@centos73 ~]$ exit 
logout
[root@centos73 ~]# touch  /etc/nologin
[root@centos73 ~]# ll  /etc/nologin 
-rw-r--r--. 1 root root 0 Apr 27 17:20 /etc/nologin
[root@centos73 ~]# su  -  zhao
Last login: Sat Apr 27 17:20:35 CST 2019 on pts/0
[zhao@centos73 ~]$ exit 
logout







在另外一台机器远程无法登录该主机的普通用户

[root@centos77 ~]# id  zhao
id: zhao: no such user
[root@centos77 ~]# useradd   zhao
[root@centos77 ~]# id  zhao
uid=1001(zhao) gid=1001(zhao) groups=1001(zhao)
[root@centos77 ~]# ssh  zhao@192.168.137.73
zhao@192.168.137.73s password: 
Authentication failed.
[root@centos77 ~]# ssh  zhao@192.168.137.73
zhao@192.168.137.73s password: 
Authentication failed.
[root@centos77 ~]# ssh  zhao@192.168.137.73
zhao@192.168.137.73s password: 
Authentication failed.

 

 

不过可以登录到对方的root用户

[root@centos77 ~]# ssh  192.168.137.73
root@192.168.137.73s password: 
Last login: Fri Apr 26 11:19:53 2019 from gateway
[root@centos73 ~]# hostname
centos73.huawei.com
[root@centos73 ~]# exit 
logout
Connection to 192.168.137.73 closed.
[root@centos77 ~]# hostname
centos77.jd.com
[root@centos77 ~]# ssh  root@192.168.137.73
root@192.168.137.73s password: 
Last login: Sat Apr 27 17:23:42 2019 from 192.168.137.77
[root@centos73 ~]# hostname
centos73.huawei.com
[root@centos73 ~]# exit 
logout
Connection to 192.168.137.73 closed.
[root@centos77 ~]# hostname
centos77.jd.com






删除了文件之后就可以连接到远程的普通用户了

[root@centos73 ~]# ll  /etc/nologin 
-rw-r--r--. 1 root root 0 Apr 27 17:20 /etc/nologin
[root@centos73 ~]# cat  /etc/nologin
[root@centos73 ~]# rm -rf   /etc/nologin 
[root@centos73 ~]# cat  /etc/nologin
cat: /etc/nologin: No such file or directory
[root@centos73 ~]# su  -  zhao
Last login: Sat Apr 27 17:26:21 CST 2019 on pts/0
[zhao@centos73 ~]$ exit 
logout

 

 
[root@centos77 ~]# ssh  zhao@192.168.137.73
zhao@192.168.137.73s password: 
Last failed login: Sat Apr 27 17:30:46 CST 2019 from 192.168.137.77 on ssh:notty
There were 3 failed login attempts since the last successful login.
Last login: Sat Apr 27 17:29:13 2019
[zhao@centos73 ~]$ pwd
/home/zhao

 

 

 

 

 

 禁止普通用户登录系统的脚本

[root@centos73 shell_scripts]# cat  nologin.sh 
#!/bin/bash
#Author=wang
[ ! -f /etc/nologin ] && touch /etc/nologin
#如果此文件不存在那么就创建文件

 

 

 

执行脚本之后会创建文件

[root@centos73 shell_scripts]# ls  /etc/nologin
ls: cannot access /etc/nologin: No such file or directory
[root@centos73 shell_scripts]# bash  nologin.sh 
[root@centos73 shell_scripts]# ls  /etc/nologin
/etc/nologin
[root@centos73 shell_scripts]# ls  /etc/nologin  -l
-rw-r--r--. 1 root root 0 Apr 27 17:34 /etc/nologin

 

 

 

 

[root@centos73 shell_scripts]# su -  zhao
Last login: Sat Apr 27 17:32:22 CST 2019 from 192.168.137.77 on pts/1
Last failed login: Sat Apr 27 17:35:14 CST 2019 from 192.168.137.77 on ssh:notty
There was 1 failed login attempt since the last successful login.
[zhao@centos73 ~]$ pwd
/home/zhao

 

 

 

 

 

执行结果

[root@centos77 ~]# ssh  zhao@192.168.137.73
zhao@192.168.137.73s password: 
Authentication failed.
[root@centos77 ~]# ssh  zhao@192.168.137.73
zhao@192.168.137.73s password: 
Authentication failed.

 

 

 

 

 

 

允许普通用户登录系统的脚本

[root@centos73 shell_scripts]# cat login.sh 
#!/bin/bash
#Author=wang
[ -f /etc/nologin ] &&  rm -rf /etc/nologin
#如果文件存在就删除文件,相当于解开了枷锁

 

 

 

 

[root@centos73 shell_scripts]# ls  /etc/nologin
/etc/nologin
[root@centos73 shell_scripts]# ls  /etc/nologin  -l
-rw-r--r--. 1 root root 0 Apr 27 17:34 /etc/nologin
[root@centos73 shell_scripts]# bash  login.sh 
[root@centos73 shell_scripts]# ls  /etc/nologin  -l
ls: cannot access /etc/nologin: No such file or directory
[root@centos73 shell_scripts]# su  -  zhao
Last login: Sat Apr 27 17:35:22 CST 2019 on pts/0
Last failed login: Sat Apr 27 17:35:51 CST 2019 from 192.168.137.77 on ssh:notty
There was 1 failed login attempt since the last successful login.
[zhao@centos73 ~]$ exit 

 

 

 

 

 

因为对方把之前的/etc/nologin文件删除就可以登录了

[root@centos77 ~]# ssh  zhao@192.168.137.73
zhao@192.168.137.73s password: 
Last login: Sat Apr 27 17:38:35 2019
[zhao@centos73 ~]$ pwd
/home/zhao
[zhao@centos73 ~]$ exit 
logout
Connection to 192.168.137.73 closed.
[root@centos77 ~]# ssh  zhao@192.168.137.73
zhao@192.168.137.73s password: 
Last login: Sat Apr 27 17:39:23 2019 from 192.168.137.77
[zhao@centos73 ~]$ exit 
logout
Connection to 192.168.137.73 closed.
[root@centos77 ~]# id zhao
uid=1001(zhao) gid=1001(zhao) groups=1001(zhao)
[root@centos77 ~]# getent  passwd  zhao
zhao:x:1001:1001::/home/zhao:/bin/bash

 

shell脚本编程测试类型下

标签:logout   cut   parameter   xxx   ogr   访问   su -   new   centos6   

原文地址:https://www.cnblogs.com/wang618/p/11041162.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!