Shell企业案例实战和企业面试题

shell企业面试题

1、批量创建带有随机小写字符文件程序

使用for循环在/pizza目录下创建10个html文件，其中每个文件包含10个随机小写字母加固定字母_pizza

1、思路分析：

核心是：创建10个随机小写字母

第一种：$RANDOM

[root@web- /server/scripts]# echo $RANDOM
  范围0- ，第一个容易被破解，使用的时候最好再加个字符串

第二种：openssl rand -base64 10

[root@web- /server/scripts]# openssl rand -base64 （最后面是长度）
yz+FH2zUNMlVnw==
[root@web- /server/scripts]# openssl rand -base64
wkfkVmliczOgoLl0z/m5S/7InZ8+4AzdHmR6t6hhE80oghRY46598L+no+HtDcHD
HyvQYnBWi6nQ0GbsjafyWZps7y6JpMEA6JOwQ+HlIOICXT7YLCcI9mQa6FUE+vHR
OcxHog==

第三种：date

[root@web- /server/scripts]# date +%N%s（）

第四种：head /dev/urandom |cksum

[root@web- /server/scripts]# head /dev/urandom |cksum
 

第五种：uuidgen

[root@web- /server/scripts]# uuidgen
218780c9-ee6f-41dc--a9a3a717cde1

第六种：cat /proc/sys/kernel/random/uuid

[root@web- /server/scripts]# cat /proc/sys/kernel/random/uuid
542f71d9-b240--b61d-632083ecf6be

第七种：expect的mkpasswd

[root@web- /server/scripts]# mkpasswd（yum install expect -y）
k3WlhJ|e7
 
[root@web- /server/scripts]# mkpasswd -l  -d  -c  （-l长度、-d数字、-c小写字母、-C大写字母、-s特殊字符）
nebiv;bnZi6vjluvczgP

本次使用$RANDOM，前面加字符串，md5加密 ，将数字替换为字母，截取第2-第11个，共10位

[root@web- ~]# echo "PIZZA$RANDOM" |md5sum|tr "0-9" "a-z"|cut -c -
befdbcdaee

2、for循环创建

path=/pizza
[ -d $path ] || mkdir $path
for n in {..}
do
    random=`echo "PIZZA$RANDOM" |md5sum|tr "0-9" "a-z"|cut -c -`
    touch $path/${random}_pizza.html
done

2、批量改名

将题1中的pizza都改成linux（最好用for循环实现，并且扩展名html全部改成大写）

思路分析：

1、先改一个

2、for循环

name=linux
path=/pizza/
cd $path
for file in `ls *.html`
do
    mv $file `echo ${file/pizza.html/linux.HTML}`
done

3、方法二--用一条命令

[root@web- /pizza]# ls *.HTML |awk -F 'linux.HTML' '{print "mv",$0,$1"pizza.html"}' |bash

4、方法三--专业的rename

[root@web- /pizza]# rename "pizza.html" "linux.HTML" *.html

3、批量创建特殊需求要求用户案例

批量创建10个系统账号 pizza01-pizza10 并设置密码（密码是随机数，要求字符和数字等混合）

思路分析：

1、创建10个账号

第一种：echo pizza{01..10}

第二种：seq -w 10

2、随机密码，题1已经讲了很多，这次用openssl rand -base64 100

3、创建用户的命令

第一种：

useradd  pizza01

echo   密码 | passwd  --stdin

第二种：chpasswd命令

格式要符合下面的形式

pizza01：passwd

pizza02：passwd

4、for循环

for n in {..}
do
    passwd=`openssl rand -base64 `
    useradd pizza$n
    echo $passwd |passwd --stdin pizza$n
    echo -e "pizza$n\t$passwb" >> /pizza/user.list
done

或者

for n in {..}
do
    passwd=`openssl rand -base64 `
    useradd pizza$n
    echo "pizza$n:$passwd" >> /pizza/pass.log
done
chpasswd < /pizza/pass.log 

5、优化，搞的专业一点

for n in {..}
do
    pass=`openssl rand -base64 `
    if `grep "pizza$n" /etc/passwd &>/dev/null`    # 判断是不是存在
    then
        useradd pizza$n &&\     # &&\设置强逻辑关系
            echo $pass|passwd --stdin pizza$n &&\
            echo -e "pizza$n\t$pass" >> /pizza/user.log
    else
        echo "pizza$n is exist."
    fi
done

优化：

for n in {..}
do
    pass=`openssl rand -base64 `
    if [ `grep -w "pizza$n" /etc/passwd|wc -l` -eq  ]
    then
        useradd pizza$n &&\
            echo $pass|passwd --stdin pizza$n &&\
            echo -e "pizza$n\t$pass" >> /pizza/user.log
        echo "adduser successful"
 
    else
        echo "pizza$n is exist."
    fi
done  

优化：

. /etc/init.d/functions
for n in {..}
do
    pass=`openssl rand -base64 `
    if [ `grep -w "pizza$n" /etc/passwd|wc -l` -eq  ]
    then
        useradd pizza$n &&\
            echo $pass|passwd --stdin pizza$n &>/dev/null &&\
            echo -e "pizza$n\t$pass" >> /pizza/user.log
        action "adduser successful" /bin/true
 
    else
        action "pizza$n is exist." /bin/false
    fi
done 

优化：

. /etc/init.d/functions
if [ $UID -ne  ]
then
    echo "必须用root执行本脚本"
    exit
fi
 
for n in {..}
do
    pass=`openssl rand -base64 `
    if [ `grep -w "pizza$n" /etc/passwd|wc -l` -eq  ]
    then
        useradd pizza$n &&\
            echo $pass|passwd --stdin pizza$n &>/dev/null &&\
            echo -e "pizza$n\t$pass" >> /pizza/user.log
        action "adduser successful" /bin/true
 
    else
        action "pizza$n is exist." /bin/false
    fi
done 

6、不用for循环的实现

http://user.qzone.qq.com/49000448/blog/1422183723

4、扫描网络内存活主机

写一个Shell脚本，判断10.0.0.0/24网络里面，当前在线的IP有哪些

思路分析

1、判断主机存活

ping  c  i  w  10.0.0.7
nmap  -sP 10.0.0.0/

2、搞起来

第一种：ping

for n in {..}
do
    # 将整个执行用大括号括起来 加 &，进行批量ping，原理就是放到后台执行
    {
    if `ping -c  -w  10.0..$n &>/dev/null`
    then
        echo "10.0.0.$n is up"
    else
        echo "10.0.0.$n is down"
    fi
} &
done

# 没有进行过滤，所以输出很多，可以优化一下
第二种：使用nmap命令行就可以

[root@web- /server/scripts]# nmap -sP 10.0.0.0/ |awk '/Nmap scan report for/{print $NF}'

5、MySQL分库备份

实现对MySQL数据库进行分库备份，用脚本实现

为什么要进行分库备份呢，因为，如果在以后需要备份一个小库，就会很麻烦

常规方法：

mysqldump -B userinfo click test | gzip >bak.sql.gz

分库备份：

mysqldump -B userinfo | gzip >bak.sql.gz
mysqldump -B click | gzip >bak.sql.gz
mysqldump -B test | gzip >bak.sql.gz

执行命令获取库名

mysql -uroot -ppizza123 -e "show databases"   |  grep -v _schema | sed 1d

把密码放到配置文件中

cat  /etc/my.cnf
[client]
user = root
passwd = pizza123

做完这一步就不用在脚本中添加-u和-p参数

备份脚本

path=/backup
mysql="mysql -uroot -ppizza123"
mysqldump="mysqldump -uroot -ppizza123"
[ -d $path ] || mkdir $path
for dbname in `$mysql -e "show databases;" >/dev/null|grep -v _schema | sed 1d`
do
    # 这个命令还有很多参数没有写
    $mysqldump -B $dbname |gzip >/backup/${dbname}_$(date +%F).sql.gz
done  

6、MySQL分库、分表备份

常规备份

mysqldump  pizza  test  test1 | gzip > bak.sql.gz
 
pizza是库名、test和test1是表名

分库、分表备份

mysqldump  -B pizza  | gzip >bak.sql.gz
mysqldump pizza test1
mysqldump pizza test2
mysqldump pizza test3

脚本编码

path=/backup
mysql="mysql -uroot -ppizza123"
mysqldump="mysqldump -uroot -ppizza123"
[ -d $path ] || mkdir $path
for tname in `$mysql -e "show tables from $dbname;" >/dev/null|sed 1d`
    do
        if [ "$dbname" = "mysql" ]
        then
            # 这个命令还有很多参数没有写
            $mysqldump --skip-lock-tables $dbname $tname |gzip >$path/${dbname}-$tname_$(date +%F).sql.gz >/dev/null
        else
            $mysqldump $dbname $tname |gzip >$path/${dbname}-$tname_$(date +%F).sql.gz >/dev/null
        fi
    done
done

7、SSH服务批量分发与管理服务

确保主机能用root登陆

vim /etc/ssh/sshd_config 字段 PermitRootLogin 为 yes

建立密钥对

ssh-keygen

发送公钥到其他服务器

ssh-copy-id  -i  id_rsa.pub  10.0.0.8

可能会很慢，调整其他机器的配置，让操作快一些

useDNS no
 
GSSAPIAuthentication no

重启服务，继续

ssh-copy-id  -i  id_rsa.pub  10.0.0.8
 
ssh-copy-id  -i  id_rsa.pub  10.0.0.9

写一个链接主机并可以执行命令的脚本

vim ssh_.sh

if [ $# -ne  ]
then
　　echo "usage:$0  cmd"
　　exit
fi
for  n  in
do
　　echo  "-----10.0.0.$n------"
　　ssh 10.0..$n  $
done

执行脚本

bash  ssh_.sh  "free -m"

编写分发脚本

. /etc/init.d/functions
if [ $# -ne ]
then
    echo "usage:$0 localdir remotedir"
    exit
fi
 
for n in
do
    scp -rp $ 10.0..$n:$ &>/dev/null
    if [ $? -eq  ]
    then
        action "10.0.0.$n sucessful" /bin/true
    else
        actin "10.0.0.$n fail" /bin/false
    fi
done

8、破解RANDOM随机数案例

已知下面这些字符串是通过RANDOM随机变量 md5sum 后，再截取一部分连续字符串的结果，亲个破解这些字符串对用的使用md5sum 处理前的RANDOM对应的数字

21023299

00205d1c

a3da1677

1f6d12dd

890684b

解答：

1、分析

RANDOM的随机范围是0-32767 。

显现需要把范围内的数字都加密，输出到md5.log中

2、比较

grep “890684b” md5.log | wc -l

3、编码实现

array=(
 
00205d1c
a3da1677
1f6d12dd
890684b
)
md5(){
    for n in {..}
    do
        echo -e "$n\t`echo $n|md5sum`" >> /pizza/md5.log
    done
 
}
crack_num(){
    for num in ${array[*]}
    do
        find=`grep $num /pizza/md5.log`
        if [ `echo $find|wc -l` -eq  ]
        then
            echo $find
        fi
    done
}
main(){
    md5
    crack_num
}
main 

第二种方法：egrep实现

[root@web- /server/scripts]# array=(
>
> 00205d1c
> a3da1677
> 1f6d12dd
> 890684b
> )
 
[root@web- /server/scripts]# cmd=`echo ${array[*]}|tr " " "|"`
 
[root@web- /server/scripts]# egrep "$cmd" /pizza/md5.log 

修改第一版

array=(
 
00205d1c
a3da1677
1f6d12dd
890684b
)
md5(){
    for n in {..}
    do
        echo -e "$n\t`echo $n|md5sum`" > /pizza/md5.log &
    done
 
}
crack_num(){
    cmd=`echo ${array[*]}|tr " " "|"`
    egrep "$cmd" /pizza/md5.log
}
 
main(){
    md5
    crack_num
}
main 

利用time命令对比两个版本的时间

time sh 8_random_crack.sh

9、检查多个网站地址是否正常

要求

1、使用shell数组方法，检测策略精良模拟用户访问

2、每10秒种做一次所有的检测，无法访问的输出报警

3、待检测网址如下

https://www.cnblogs.com/yxiaodao/

https://www.baidu.com/

检测工具：

url

curl

wget

脚本编码

. /etc/init.d/functions
url=(
https://www.cnblogs.com/yxiaodao/
https://www.baidu.com/
)
check_url(){
    wget -t  -T  -o /dev/null -q $
    if [ $? -eq  ]
    then
        action "$1 is ok" /bin/true
    else
        action "$1 is lost" /bin/false
    fi
}
 
DealUrl(){
    for url in ${url[*]}
    do
        check_url $url
    done
}
 
main(){
    while true
    do
        DealUrl
        sleep
    done
 
}
main 

修改题目，不用数组，将网址放在文件中，做如下修改

DealUrl(){
    while read line
    do
        check_url $line
    done < ./pizza/url.log
}

有一个问题，在我们操作完后，会产生大量的网页文件，因为我们的命令将网页下载了

需要在命令中添加参数 -- spider

10、利用Shell编程分析Web日志解决Dos攻击生产案例

DOS  Deny  of  Service

DDOS  分布式dos攻击

请根据web日志或者网络连接数，监控当某个IP并发连接数或者短时间内PV达到100（根据实际情况设定），即调用防火墙命令封掉对应的IP。

防火墙命令：iptables  -l  INPUT  -s  IP地址  -j  DROP

分析：

1、web日志或者网络连接数

　　日志文件，netstat  -an | grep  -i  est，排序去重

2、判断PV 或者连接数大于100 ，取出IP ，封IP

IP 在日志的第一列，取到IP---->排序---->统计数量----> 按数量从大到小排序

[root@web- /server/scripts]# awk '{print $1}' access_2010--.log |sort|uniq -c|sort -rn
      59.33.26.105
      123.122.65.226
       124.115.4.18

也能通过awk的数组来完成

[root@web- /server/scripts]# awk '{S[$1]++}END{for(key in S) print S[key],key}' access_2010--.log |sort -rn
 59.33.26.105
 123.122.65.226
 124.115.4.18

编码脚本

   awk '{S[$1]++}END{for(key in S) print S[key],key}' access_2010--.log |sort -rn > /pizza/ip.log
  while read line
  do
      ip=`echo $line|awk '{print $2}'`
      count=`echo $line|awk '{print $1}'`
      if [ $count -gt  -a `grep $ip /pizza/drop.log|wc -l` -lt   ]
      then
          iptables -I INPUT -s $ip -j DROP &&\
              echo "$ip" >>/pizza/drop.log
      else
          echo "$ip" >>/pizza/accept.log
      fi
  done</pizza/ip.log

本次采用了读取drop.log日志的方法，也可以采用查看 iptables -nL的方法

10、利用Shell编程分析Linux服务器网络链接数解决DOS攻击生产案例实践

还是上一个题，上面的题监控的是web日志，本次是监控网络链接数实现

命令：ESTABLISHED 正在建立的链接状态

[root@web- /server/scripts]# netstat -an |grep -i ESTABLISHED
Active Internet connections (servers and established)
tcp               172.17.214.84:     107.175.240.135:    ESTABLISHED
tcp               172.17.214.84:     100.100.30.25:        ESTABLISHED
tcp              172.17.214.84:        163.125.30.51:     ESTABLISHED
Active UNIX domain sockets (servers and established)

获取外部地址，统计，排序（为方便，将命令的输出到了日志）

[root@web- ~]# awk '/ESTAB/{print $0}' netstat.log|awk -F "[ :]+" '{print $(NF-3)}'|sort|uniq -c|sort -rn

高级写法，通过awk数组

[root@web- ~]# awk -F "[ :]+" '/ESTAB/{S[$(NF-3)]++}END{for(k in S) print S[k],k}' netstat.log | sort -rn |head

不用日志，用netstat -an

[root@web- ~]# netstat -an|awk -F "[ :]+" '/ESTAB/{S[$(NF-2)]++}END{for(k in S) print S[k],k}' | head
 163.125.30.51
 100.100.30.25
 107.175.240.135
因数据差异，具体命令中参数还要自己调

脚本编写，只需修改前一个脚本的第一行获取ip的命令即可

netstat -an|awk -F "[ :]+" '/ESTAB/{S[$(NF-2)]++}END{for(k in S) print S[k],k}'|head >/pizza/ip.log
 
while read line
do
    ip=`echo $line|awk '{print $2}'`
    count=`echo $line|awk '{print $1}'`
    if [ $count -gt  -a `grep $ip /pizza/drop.log|wc -l` -lt   ]
    then
        iptables -I INPUT -s $ip -j DROP &&\
            echo "$ip" >>/pizza/drop.log
    else
        echo "$ip" >>/pizza/accept.log
    fi
done</pizza/ip.log 
在实际工作中，可以设置定时任务，每3分钟执行一次，每天晚上0点取消

11、开发MySQL服务启动停止脚本

要求：用函数，case语句，if语句等实现 /etc/init.d/mysqld  {start | stop | restart} 命令

分析：

1、启动

mysqld_safe  --user=mysql &

2、停止

mysqladmin  -uroot  -ppasswd  shutdown

killall，pkill（参考之前写的rsync 第九章-case结构条件句）

3、脚本编码

看一下mysql的pid的文件位置

# 定义锁文件
lockfile=/var/lock/subsys/mysqld
# 定义变量，指定mysqld的的pid,是需要自己mysql的conf中去创建
mysql_pid_file_path=/application/mysql/data/`uname -n.pid`
. /etc/init.d/functions
start(){
    mysql_safe --user=mysql &>/dev/null &
    retval=$?
    if [ $retval -eq  ]
    then
        action  "mysql startup ok" /bin/true
        touch $lockfile
        return $retval
    else
        action "mysql startup fail" /bin/false
        return $retval
    fi
}
stop(){
    if test -s "$mysql_pid_file_path"
    then
        mysql_pid=`cat $mysql_pid_file_path`
        if (kill - $mysql_pid &>/dev/null)
        then
            # 为了在重复停止操作的时候，不提示，将其扔到黑洞
            kill $mysql_pi
            retval=$?
            if [ $? -eq  ]
            then
                action "mysql stop ok" /bin/true
                rm -f $lockfile
                return $retval
            else
                action "mysql stop fail" /bin/false
                return $retval
            fi
        else
            echo "mysqld_process is not exit."
            return
        fi
    else
        echo "$mysqld_pid_file_path is not exist,or mysqld does not startup"
    fi
 
}
restart(){
    killall mysql && sleep  && mysql --deamon
    retval=$?
    if [ $? -eq  ]
    then
        action "mysql restart ok" /bin/true
        return $retval
    else
        action "mysql restart fail" /bin/false
        return $retval
    fi
    }
case "$1" in
    start)
        start
        # 我了向外传值
        retval=$?
        ;;
    stop)
        stop
        retval=$?
        ;;
    restart)
        stop
        sleep
        start
        retval=$?
        ;;
 
    *)
        echo "usage:$0 {start|stop|restart}"
        exit
esac
exit $retval

出现问题，启动了，但是没有pid文件

解决：

1、先使用系统的命令开启。

2、通过查看ps -ef |grep mysql 查看 启动参数

添加启动参数 --pid-file=$mysql_pid_file_path

问题：进不去mysql

添加参数--datedir=/application/mysql/data

问题：启动的过程很快，执行脚本后，启动成功，但是没有发现进程和pid，无法进入

1、查看mysql日志

cat /application/mysql/data/web01.err

2、发现使用脚本中的命令，手动也起不来

3、使用系统执行后的启动命令

/bin/sh  /application/masql/bin/mysqld_safe  --datedir=/application/mysql/data  --pid-file=$mysql_pid_file_path

脚本一定要现在命令行测试成功，再写入脚本中

最后一个任务

拷贝到/etc/init.d中 ，变成chkconfig 可已使用的脚本

12、按单词去重排序

In the world of hackers, the kind of answers you get to your technical questions depends as much on the way you ask the questions as on the difficulty of developing the answer. This guide will teach you how to ask questions in a way more likely to get you a satisfactory answer.
Now that use of open source has become widespread, you can often get as good answers from other, more experienced users as from hackers. This is a Good Thing; users tend to be just a little bit more tolerant of the kind of failures newbies often have. Still, treating experienced users like hackers in the ways we recommend here will generally be the most effective way to get useful answers out of them, too.
The first thing to understand is that hackers actually like hard problems and good, thought-provoking questions about them. If we didn't, we wouldn't be here. If you give us an interesting question to chew on we'll be grateful to you; good questions are a stimulus and a gift. Good questions help us develop our understanding, and often reveal problems we might not have noticed or thought about otherwise. Among hackers, “Good question!” is a strong and sincere compliment.
Despite this, hackers have a reputation for meeting simple questions with what looks like hostility or arrogance. It sometimes looks like we're reflexively rude to newbies and the ignorant. But this isn't really true.
What we are, unapologetically, is hostile to people who seem to be unwilling to think or to do their own homework before asking questions. People like that are time sinks — they take without giving back, and they waste time we could have spent on another question more interesting and another person more worthy of an answer. We call people like this “losers” (and for historical reasons we sometimes spell it “lusers”).
We realize that there are many people who just want to use the software we write, and who have no interest in learning technical details. For most people, a computer is merely a tool, a means to an end; they have more important things to do and lives to live. We acknowledge that, and don't expect everyone to take an interest in the technical matters that fascinate us. Nevertheless, our style of answering questions is tuned for people who do take such an interest and are willing to be active participants in problem-solving. That's not going to change. Nor should it; if it did, we would become less effective at the things we do best.
We're (largely) volunteers. We take time out of busy lives to answer questions, and at times we're overwhelmed with them. So we filter ruthlessly. In particular, we throw away questions from people who appear to be losers in order to spend our question-answering time more efficiently, on winners.
If you find this attitude obnoxious, condescending, or arrogant, check your assumptions. We're not asking you to genuflect to us — in fact, most of us would love nothing more than to deal with you as an equal and welcome you into our culture, if you put in the effort required to make that possible. But it's simply not efficient for us to try to help people who are not willing to help themselves. It's OK to be ignorant; it's not OK to play stupid.
So, while it isn't necessary to already be technically competent to get attention from us, it is necessary to demonstrate the kind of attitude that leads to competence — alert, thoughtful, observant, willing to be an active partner in developing a solution. If you can't live with this sort of discrimination, we suggest you pay somebody for a commercial support contract instead of asking hackers to personally donate help to you.
If you decide to come to us for help, you don't want to be one of the losers. You don't want to seem like one, either. The best way to get a rapid and responsive answer is to ask it like a person with smarts, confidence, and clues who just happens to need help on one particular problem.

按单词出现的频率降序排序

1、把空格和符号都转换成空格--排序--统计--排序

2、命令

[root@web- /server/scripts]# cat english.txt |tr "“”! ,.)( " "\n" |sort|uniq -c |sort -rn

方法二：

[root@web- /server/scripts]# cat english.txt |tr "“”! ,.)( " "\n" |awk '{S[$1]++}END{for(k in S) print S[k],k}'|sort -rn

方法三：

cat english.txt |xargs -n1

12、按字母去重排序

按字母出现的频率降序排序

1、使用 grep -o ‘.’  匹配任意 之后，会挨个输出 或者 grep -o "[^ ]"

grep -o "[^ ,.()]" english.txt |awk '{S[$1]++}END{for(k in S) print S[k],k}'|sort -rn

2、awk可以用空做分隔符

sed 's#[ ,\.\]##g' english.txt|awk -F "" '{for(i=0;i<NF;i++)S[$i]++}END{for(k in S) print S[k],k}' |sort -rn

暂时没有设计出过滤换换行符

13、按单词去重排序高级方案

基于上面的awk统计单词

awk -F "[ ,.]" '{for(i=1;i<NF;i++)S[$i]++}END{for(k in S) print S[k],k}' english.txt |sort -rn

教学例题讲解

word文档

合格的运维人员必会的脚本列表

1）系统及各类服务的监控脚本，例如：文件、内存、磁盘、端口，URL监控报警等。

2）监控网站目录下文件是否被篡改，以及站点目录批量被篡改后如何批量恢复的脚本。

3）各类服务Rsync、Nginx、MySQL等的启动及停止专业脚本（使用chkconfig管理）。

4）MySQL主从复制监控报警以及自动处理不复制故障的脚本。

5）一键配置MySQL多实例、一键配置MySQL主从部署脚本。

6）监控HTTP/MySQL/Rsync/NFS/Memcached等服务是否异常的生产脚本。

7）一键软件安装及优化的脚本，比如LANMP、Linux一键优化，一键数据库安装、优化等。

8）MySQL多实例启动脚本，分库、分表自动备份脚本。

9）根据网络连接数以及根据Web日志PV封IP的脚本。

10）监控网站的PV以及流量，并且对流量信息进行统计的脚本。

11）检查Web服务器多个URL地址是否异常的脚本，要可以批量处理且通用。

12）系统的基础优化一键优化的脚本。

13）TCP连接状态及IP统计报警脚本。

14）批量创建用户并设置随机8位密码的脚本