Two virtual machines, all to be detected
1. is yum available
2. Firewall default zone modified to trusted
3. Whether the IP address is configured
#######################################################
Second, ordinary users (must restore the environment)
Client access to the service-side Nfs-server service,
The server will determine the permissions of the local user with the same UID as the client.
LDAP: Network user, providing user name
Kerberos: Password authentication, implementation of "One-time password authentication, multiple free login" pass mechanism
1. Two virtual machines run scripts to join LDAP and Kerberos
# Lab NFSKRB5 Setup
2. The server modifies the configuration file to create a read-write share
[Email protected] ~]# mkdir/test
[Email protected] ~]# Vim/etc/exports
/test * (rw,sec=krb5p)
3. Server-side deployment of encrypted keys
# wget Http://172.25.254.254/pub/keytabs/server0.keytab-O/etc/krb5.keytab
# Ls/etc/krb5.keytab
4. Service end multiplicity from Nfs-server and Nfs-secure-server
# systemctl Restart Nfs-server nfs-secure-server
5. Service side guarantee Ldapuser0 user has Write permission, set local permissions
[Email protected] ~]# setfacl-m u:ldapuser0:rwx/test
[Email protected] ~]# getfacl/test
6. Client Access and Mount sharing
[Email protected] ~]# showmount-e 172.25.0.11
[Email protected] ~]# Mkdir/mnt/nfs
[Email protected] ~]# Vim/etc/fstab
172.25.0.11:/test/mnt/nfs NFS _netdev,sec=krb5p 0 0
7. Client deployment key file, restart related services
# wget Http://172.25.254.254/pub/keytabs/desktop0.keytab-O/etc/krb5.keytab
# Systemctl Restart NFS Nfs-secure
8. Client-side verification mount, write (must be in SSH mode, SU without Kerberos authentication)
[Email protected] ~]# mount-a
[Email protected] ~]# df-h
[[email protected] ~]# ssh [email protected]
[Email protected] ~]$ cd/mnt/nfs/
[[email protected] nfs]$ Touch 1.txt
[[email protected] nfs]$ ls
1.txt
[[Email protected] nfs]$ exit
########################################################
Shell Script
Script: Can execute the file, after running can implement some function (command stack, non-interactive)
Standardize the general composition of shell scripts
#! Environmental Statement (Sha-bang)
# comment Text
Executable code
I. Writing the first script program
[Email protected] ~]# vim/root/1.sh
#!/bin/bash
echo Hello World
Hostname
Cat/etc/redhat-release
Ifconfig | head-2 | Tail-1
[Email protected] ~]#/root/1.sh
Second, write for SERVER0 automatically build Yum script
[Email protected] ~]# vim/root/yum.sh
#!/bin/bash
rm-rf/etc/yum.repos.d/*
Echo ' [DVD]
Name=dvd
baseurl=http://172.25.254.254/content/rhel7.0/x86_64/dvd/
Enabled=1
Gpgcheck=0 ' >/etc/yum.repos.d/haha.repo
Yum Clean All
Yum Repolist
[Email protected] ~]# chmod +x/root/yum.sh
[Email protected] ~]#/root/yum.sh
Pipeline Delivery
Use | Pipeline operation
– The standard output from the previous command is given to the latter command to process
Third, redirect output
Collect only the correct output from the previous command
2>: Collect only the error output from the previous command
&>: Collect errors and correct output from the previous command
[Email protected] ~]# echo 123 >/opt/1.txt
[Email protected] ~]# Cat/opt/1.txt
[Email protected] ~]# cat/opt/1.txt/etc/
[Email protected] ~]# cat/opt/1.txt/etc/>/opt/a.txt
[Email protected] ~]# Cat/opt/a.txt
[Email protected] ~]# cat/opt/1.txt/etc/2>/opt/a.txt
[Email protected] ~]# Cat/opt/a.txt
[Email protected] ~]# cat/opt/1.txt/etc/&>/opt/a.txt
[Email protected] ~]# Cat/opt/a.txt
######################################################
Iii. writing a script to create a user and set a password
/dev/null #Linux黑洞设备, designed to collect not output results
[Email protected] ~]# vim/root/user.sh
#!/bin/bash
Useradd test06 &>/dev/null
Echo Test06 created successfully
Echo 123 | passwd--stdin test06 &>/dev/null
echo test06 Password Setup succeeded
[Email protected] ~]# chmod +x/root/user.sh
[Email protected] ~]#/root/user.sh
Variables: In order to increase the ability of the script's applicable environment, increase the flexibility of the script, convenient.
Variables: containers, with immutable names, store changed values
Variable name = changed value
Use variable: $ variable name
To reduce the difficulty of using scripts, you can create interactive
READ: Can generate interaction to assign the contents of the keyboard input to a variable
[Email protected] ~]# vim/root/user.sh
#!/bin/bash
Read-p ' Please enter the user you want to create: ' Users
Read-p ' Please enter the password you want to set: ' Pass
Useradd $user &>/dev/null
Echo $user created successfully
echo $pass | passwd--stdin $user &>/dev/null
echo $user Password Setup succeeded
[Email protected] ~]#/root/user.sh
#########################################################
What is a variable
Values that are stored as immutable names that may vary
– Variable name = variable Value
– Easy to reuse a value with a fixed name
– Improved adaptability to mission requirements and operational environment changes
Considerations when setting a variable
– If the specified variable name already exists, it is equivalent to re-assigning a value to this variable
– Don't have spaces on both sides of the equals sign
– Variable names are made up of letters/numbers/underscores, case-sensitive
– Variable names cannot start with a number, do not use keywords and special characters
Basic format
– Reference variable Value: $ variable Name
– View variable values: Echo $ variable name, echo ${variable name}
Types of variables
Positional variables
Command-line arguments (non-interactive pass-through values) that are provided when the script is executed
[Email protected] ~]# vim/root/2.sh
#!/bin/bash
echo $
Echo
echo $
Echo ${10}
Echo ${11}
#/root/2.sh haha benniu xixi hehe lele DC TC DZ TZ 100 200
[Email protected] ~]# vim/root/3.sh
#!/bin/bash
Cat-n $ | Head-$2
[Email protected] ~]#/ROOT/3.SH/ETC/PASSWD 2
[Email protected] ~]#/ROOT/3.SH/ETC/PASSWD 3
Pre-defined variables
The execution information used to save the script
– Use these variables directly
– You cannot assign values directly to these variables
$# The number of position variables that have been loaded
$* values for all positional variables
$? Status value after program exit, 0 indicates normal, other value is abnormal
[Email protected] ~]# vim/root/2.sh
#!/bin/bash
echo $
Echo
echo $
Echo ${10}
Echo ${11}
Echo $#
Echo $*
[[email protected] ~]#/root/2.sh 1 2 3 4 5 6 7 8 9 10 11
########################################################
Operation
[[email protected] ~]# expr 10/3
[[email protected] ~]# Expr 10 \* 3
[[email protected] ~]# Expr 1 + 2
[[email protected] ~]# expr 3-1
[[email protected] ~]# Expr 3 #取余数 operation
$ (): The output of the command, as a parameter
[[Email protected] opt]# Date
[Email protected] opt]# date +%f
[Email protected] opt]# cd/opt
[[email protected] opt]# mkdir $ (date +%f)
[[email protected] opt]# ls
[Email protected] opt]# mkdir mydir-$ (date +%f)
[[email protected] opt]# ls
[Email protected] opt]# mkdir mariadb-$ (date +%f)
[[email protected] opt]# ls
[[email protected] opt]# mkdir $ (hostname)-$ (date +%f)
#######################################################
Common Test Options
Check file status
-e: Document exists as true
-D: Document exists and is directory-True
-F: Document exists and is file-true
-r: Document exists with Read permission true
-W: Document exists with Write permission true
-X: Document exists with Execute permission true
Compare integer size (with E equals two words, g means greater than, L is less than)
-GT: Greater Than
-ge: greater than or equal to
-eq: Equals
-ne: Not equal to
-LT: Less than
-le: Less than or equal to
string alignment
= =: Equal
! =: Not Equal
########################################################
If [condition test]; Then
Command sequence XX
Else
Command Sequence yy
Fi
[Email protected]/]# vim/root/5.sh
#!/bin/bash
If [$1-eq $];then
echo Hello
Else
echo Hi
Fi
[Email protected]/]#/root/5.sh 1 1
[Email protected]/]#/root/5.sh 1 2
Please write a script:
The user enters an IP address (read) to determine if it can communicate with the IP address.
Can output "IP OK" otherwise output "IP No"
[Email protected]/]# vim/root/6.sh
#!/bin/bash
Read-p ' Please enter an IP address: ' IP
Ping-c 2 $ip &>/dev/null
If [$?-eq 0];then
Echo ${ip} OK
Else
Echo ${ip} No
Fi
[Email protected]/]#/root/6.sh
######################################################
If [condition test 1]; Then
Command sequence XX
elif [condition Test 2]; Then
Command Sequence yy
Else
Command Sequence ZZ
Fi
Score greater than or equal to 90 excellent
Greater than or equal to 80 good
Greater than or equal to 70 pass
Greater than or equal to 60 still requires effort
60 below in the cattle of Chopin, also can not play the elder brother Sadness
[Email protected] ~]# vim/root/8.sh
#!/bin/bash
Read-p ' Please enter your score: ' num
If [$num-gt];then
Echo score is wrong
elif [$num-lt 0];then
Echo score is wrong
elif [$num-ge];then
Echo Excellent
elif [$num-ge];then
echo Good
elif [$num-ge];then
Echo Pass.
elif [$num-ge];then
Echo still needs to work hard
Else
echo in the Ox Chopin, also can not play the elder brother Sadness
Fi
#####################################################
Create a/root/foo.sh script on Server0
1) When running/root/foo.sh Redhat, the output is Fedora
2) When running/root/foo.sh fedora, output is Redhat
3) when no parameters or parameters are not redhat or
When fedora, its error output produces the following information:
/root/foo.sh Redhat|fedora
": The output of all special characters as normal text characters
[Email protected] ~]# vim/root/foo.sh
#!/bin/bash
if [= = = Redhat];then
echo Fedora
elif [= = = Fedora];then
Echo Redhat
Else
Echo '/root/foo.sh Redhat|fedora '
Fi
[Email protected] ~]#/root/foo.sh Redhat
[Email protected] ~]#/root/foo.sh Fedora
[Email protected] ~]#/root/foo.sh haha
#!/bin/bash
If [$#-eq 0];then
Echo '/root/foo.sh Redhat|fedora '
elif [= = Redhat];then
echo Fedora
elif [= = = Fedora];then
Echo Redhat
Else
Echo '/root/foo.sh Redhat|fedora '
Fi
"": You can Change "no" to "null"
#!/bin/bash
If ["$" = = Redhat];then
echo Fedora
elif ["$" = = Fedora];then
Echo Redhat
Else
Echo '/root/foo.sh Redhat|fedora ' >&2 #将正确输出变成错误
Exit 2 #脚本退出返回值
Fi
####################################################
For loop structure
Loop structure: The repeated execution of the statement, loop to execute
For variable name in value list
Do
Command sequence
Done
[Email protected]/]# vim/root/for.sh
#!/bin/bash
For a in 1 2 3 4 5
Do
Useradd nsd$a
Echo Nsd$a created successfully
Done
[Email protected]/]# vim/root/for02.sh
#!/bin/bash
For a in 1 2 3 4 5
Do
echo Hello
Done
######################################################
Case 5: Write a bulk Add user script
Create a/root/batchusers script on Server0
1) This script requires a user name list file as a parameter
2) If no parameters are provided, this script should give a hint
Usage:/root/batchusers, exit and return the corresponding value
3) If a nonexistent file is provided, this script should give a
Show Input file not found, exit and return the corresponding value
4) New User login Shell is/bin/false, no need to set password
5) User list test file:
Http://classroom/pub/materials/userlist
# wgethttp://classroom/pub/materials/userlist
[Email protected]/]# vim/root/batchusers
#!/bin/bash
If [$#-eq 0];then
Echo ' Usage:/root/batchusers ' >&2
Exit 1
Fi
if [!-e $];then
Echo ' Input file not found ' >&2
Exit 2
Fi
For a in $ (cat $)
Do
Useradd-s/bin/false $a
Echo $a created successfully
Done
##################################################
#!/bin/bash
If [$#-eq 0];then
Echo ' Usage:/root/batchusers ' >&2
Exit 1
Fi
If [-E $];then
For a in $ (cat $)
Do
Useradd-s/bin/false $a
Echo $a created successfully
Done
Else
Echo ' Input file not found ' >&2
Exit 2
Fi
Getting started with Linux shell scripts