加入收藏 | 设为首页 | 会员中心 | 我要投稿 李大同 (https://www.lidatong.com.cn/)- 科技、建站、经验、云计算、5G、大数据,站长网!
当前位置: 首页 > 大数据 > 正文

管理每台服务器的信任关系

发布时间:2020-12-15 21:09:47 所属栏目:大数据 来源:网络整理
导读:今天PHP站长网 52php.cn把收集自互联网的代码分享给大家,仅供参考。 #!/usr/bin/env perl -w #Description: This script is for looking up,adding,deleting user certification tool !#Date:2011/8/29#Hostgroup is def

以下代码由PHP站长网 52php.cn收集自互联网

现在PHP站长网小编把它分享给大家,仅供参考

#!/usr/bin/env perl -w 
#Description: This script is for looking up,adding,deleting user certification tool !
#Date:2011/8/29
#Hostgroup is defined by yourself !
#Version : 1.1
#####################################################################################

#use warnings;
use diagnostics;
use strict;
use Net::OpenSSH;
use Getopt::Long;
use vars qw($host $show $add $del $name $group $all $cert $role $cmd_line);

my $std;
my $user = 'root';
my $cmd_locate_II = "ls `cat /etc/passwd| grep -v 'nologin'| grep -v 'false' | awk -F: '{print $6"/.ssh/authorized_keys"}'` 2>/dev/null";
my @ip_hash;
my @path;
my $tmp = 0;
my $count = 0;
my ($flag_s,$flag_a,$flag_d,$flag_c);

GetOptions (
	'host=s' => $host,'show!' => $show,'add!' => $add,'del!' => $del,'index=s' => $name,'all!' => $all,'group=s' => $group,'cert!' => $cert,'role=s' => $role,'cmd!' => $cmd_line,);

my %param = (
		user => $user,timeout => 30
);

###########Hostgroup##############
my %hostgroup=(
		'xxx' => "xxx xxx xxx",#ip地址
);

#[Main]#
##################Show##################
if($show and not defined($add) and not defined($del) and not defined($cmd_line)){
	if($host and not defined($name) and not defined($group) and not defined($all) and not defined($role)){
		&sShow($host,$cmd_locate_II);
		print "nt t t*******Done !*******nn";
	}
	
	if($host and $name and not defined($group) and not defined($all) and not defined($role)){
		&mShow($host,$cmd_locate_II);
		print "nt t t*******Done !*******nn";
	}

	if($group and not defined($name) and not defined($all) and not defined($host) and not defined($role)){
		@ip_hash=split / /,$hostgroup{$group};
		foreach my $ip(@ip_hash){
			&sShow($ip,$cmd_locate_II);
		}
		print "nt t t*******Done !*******nn";		
	}
	
	if($name and $group and not defined($all) and not defined($host) and not defined($role)){
		@ip_hash=split / /,$hostgroup{$group};
		print"t t[---------------Certification $name in $group platform :--------------n";
		foreach my $ip(@ip_hash){
			&mShow($ip,$cmd_locate_II);
			$count = 0;
		}
	print "nt t t*******Done !*******nn";
	}

	if($name and $all and not defined($host) and not defined($group) and not defined($role)){
		my @tmp_ip=&ipLoop;
		foreach my $ip(@tmp_ip){
			&mShow($ip,$cmd_locate_II);
			$count = 0;
		}
	print "nt t t*******Done !*******nn";
	}

	if($all and not defined($name) and not defined($group) and not defined($host) and not defined($role)){
		my @tmp_ip = &ipLoop;
		foreach(@tmp_ip){
			&sShow($_,$cmd_locate_II);		
		}
		print "nt t t*******Done !*******nn";
	}

	if($host and $role and $name and not defined($all) and not defined($group)){
		print "t t[-------------------<<[$host]>>------------------]n";
		&roleSSH($host,$role);
		print "nt t t*******Done !*******nn";
	}
	
	if($group and $role and $name and not defined($all) and not defined($host)){
		@ip_hash = split / /,$hostgroup{$group};
		foreach(@ip_hash){
			print "t t[------------------<<[$_]>>------------------]n";
			&roleSSH($_,$role);
		}
		print "nt t t*******Done !*******nn";
	}	
 
	if($all and $role and not defined($group) and not defined($host) and $name){
		my @tmp_ip = &ipLoop;
		foreach(@tmp_ip){
			print "[-----------------<<[$_]>>------------------]n";
			&roleSSH($_,$role);
		}
		print "nt t t*******Done !*******nn";
	}

	if($host and $role and not defined($name) and not defined($all) and not defined($group)){
		print "t t[-------------------<<[$host]>>------------------]n";
		&roleSSH($host,$role);
		print "nt t t*******Done !*******nn";
	}
	
	if($group and $role and not defined($name) and not defined($all) and not defined($host)){
		@ip_hash = split / /,$role);
		}
		print "nt t t*******Done !*******nn";
	}	
 
	if($all and $role and not defined($group) and not defined($host) and not defined($name)){
		my @tmp_ip = &ipLoop;
		foreach(@tmp_ip){
			print "[-----------------<<[$_]>>------------------]n";
			&roleSSH($_,$role);
		}
		print "nt t t*******Done !*******nn";
	}
}elsif(not defined($add) and not defined($del) and not defined($cmd_line)){ 
	$flag_s = 's';
	&Usage if $flag_s eq 's';
}

##################Add#####################

if($add and not defined($del) and not defined($cmd_line) and not defined($show)){
	if($host and $role and not defined($group) and not defined($all)){
		print "Please enter your certification : ";
		my $id_rsa = <STDIN>;
		chomp($id_rsa);
		&sConsole;
		&sAdd($host,$cmd_locate_II,$id_rsa);
		print "nt t t t*******Done!*******nn";
	}
	
	if($all and $role and not defined($host) and not defined($group)){
		my @tmp_ip = &ipLoop;
		print "Please enter your certification : ";
		my $id_rsa = <STDIN>;
		chomp($id_rsa);
		&sConsole;
		foreach my $ip(@tmp_ip){
			$std=&SSH($ip,$cmd_locate_II);
			@path=split /n/,$std;
			my @cus_path = grep /$role/,@path;
			foreach my $p(@path){
				if($cus_path[0] eq $p){
					my $cmd_echo = "echo '$id_rsa' >> $p && echo 't t t t*******<'$ip'><'$p'> successful! *******'";
					$std = &SSH($ip,$cmd_echo);
					print "$std";
				}
			}
		}
	print "nt t t t*******Done !*******nn";	
	}

	if($group and $role and not defined($host) and not defined($all)){
		print "Please enter your certification : ";
		my $id_rsa = <STDIN>;
		chomp($id_rsa);
		&sConsole;
		@ip_hash=split / /,$hostgroup{$group};
		foreach (@ip_hash){
			&sAdd($_,$id_rsa);
		}
	print "nt t t t*******Done !*******nn";
	}
}elsif(not defined($show) and not defined($del) and not defined($cmd_line)){
	$flag_a = 'a';
	&Usage if $flag_a eq 'a' and $flag_s ne 's';
}

#######################Del###########################

if($del and not defined($show) and not defined($add) and not defined($cmd_line)){
	if($host and $role and $name and not defined($group) and not defined($all)){
		&sConsole;
		&sDel($host,$cmd_locate_II);
		print "nt t t t*******Done !*******nn";
	}

	if($group and $name and $role and not defined($host) and not defined($all)){
		@ip_hash = split / /,$hostgroup{$group};
		&sConsole;
		foreach(@ip_hash){
			&sDel($_,$cmd_locate_II);
			print "nt t t t*******Done !*******nn";
		}
	}

	if($all and $name and $role and not defined($host) and not defined($group)){
		my @tmp_ip = &ipLoop;
		&sConsole;
		foreach my $ip(@tmp_ip){
			$std=&SSH($ip,@path;
			foreach my $p(@path){
				if($cus_path[0] eq $p){
					my $cmd_del = "sed -i '/$name/d' $p && echo 't t t t*******<$ip>successful!*******'";
					$std = &SSH($ip,$cmd_del);
					print "$std";
				}
			}
		}
	print "nt t t t*******Done !*******nn";	
	}
}elsif(not defined($show) and not defined($add) and not defined($cmd_line)){
	$flag_d = 'd';
	&Usage if $flag_s ne 's' and $flag_a ne 'a' and $flag_d eq 'd';
}

if($cmd_line and not defined($add) and not defined($show) and not defined($del)){
  if($host and not defined($group) and not defined($all)){
    print "Please input your command : ";
    my $icmd = <STDIN>;
    chomp($icmd);
    &sCmd($host,$icmd);
    print "n t t t t******* Done ! *******nn";
  }

  if($group and not defined($host) and not defined($all)){
    print "Please input your command : ";
    my $icmd = <STDIN>;
    chomp($icmd);
    @ip_hash = split / /,$hostgroup{$group};
    foreach(@ip_hash){
      &sCmd($_,$icmd);
    }
    print "n t t t t******* Done ! *******nn";
  }

  if($all and not defined($group) and not defined($host)){
    print "Please input your command : ";
    my $icmd = <STDIN>;
    chomp($icmd);
    &sCmd($host,$icmd);
    my @tmp_ip = &ipLoop;
    foreach (@tmp_ip){
      &sCmd($_,$icmd);
    }
    print "nt t t t******* Done ! *******nn";
  }
}elsif(not defined($show) and not defined($add) and not defined($del)){
    $flag_c = 'c';
    &Usage if $flag_s ne 's' and $flag_a ne 'a' and $flag_d eq 'd' and $flag_c eq 'c';
}

######FUNCTION#####
###Usage for help###

sub Usage{
	print <<EOF;
	-host <ip> : Input the host ip for searching;
	-group <group name> : Input the groupname for searching;
	-all : Searching the whole hosts ip;
	-show : Display the host which have specified certifications;
	-del : Delete a name you choose for the host which have specified certifications with [-all && -dirpath|-group|-host];
	-add : Add a name you choose for the host which have specified certifications with [-all && -dirpath|-group|-host]; 
	-dirpath <pathname> : Input a path;
	-index <name> : Input searching index;
	-cert : Display whole certification;
	-role : Display specified user role;
	-cmd : useradd userdel groupadd groupdel are permitted !
	example:
		If you want to show a single host which has certification: 
				certmgr -host [ip] -show [-role] <rolename> [-cert]
		If you want to show whole host which have spicified certifications:
				certmgr -all -show -index <name> [-role] <rolename>
		If you want to show hostgroup which have spicified certifications:
				certmgr -show -group <groupname> -index <name>  [-role] <rolename>
		If you want to show hostgroup all certifications:
				certmgr -show -all [-cert]
		If you want to add a certification on a host:
				certmgr -add -host <ip> 
		If you want to add a certification on the whole hostgroup:
				certmgr -add -all -role <rolename>
		If you want to add a certification on a hostgroup:
				certmgr -add -group <groupname> -dirpath <dirpath>
		If you want to delelte a specified certification on a host:
				certmgr -del -host -index <name>
		If you want to delelte a specified certification on a hostgroup:
				certmgr -del -group <groupname> -index <name>
		If you want to add a specified certification on the whole hostgroup:
				certmgr -del -all -index <name> -role <rolename>
		If you want to input a cmd in a host or hostgroup which you chose:
				certmgr -host [-all | -group <groupname>] <hostname> -cmd 
				cmd no accept special symbol !
EOF
	exit;
}

sub SSH{
	 my $ssh = Net::OpenSSH->new($_[0],%param);
 	 my ($stdout,$stderr) = $ssh->capture2($_[1]);
 	 if($stdout){
 			return $stdout;
   }else{
      print $ssh->error;
      $stderr and return $stderr;
    }
}

sub ipLoop{
	my @all_ip;
	foreach(values(%hostgroup)){
		my @split_ip = split / /,$_;
		foreach(@split_ip){
			push @all_ip,$_; 
		}
	}
return @all_ip;
}

sub roleCheck{
	if(/^/root/){
		print "nttRole : rootnn";
	}elsif(/^/w+/(w+)//){
		print "nttRole : $1nn";
	}
}

sub roleSSH{
	my ($ip_role,$r_path) = @_;
	my $cmd_role = "cat /etc/passwd | grep '$r_path' | awk -F: '{print $6}'";
	$std = &SSH($ip_role,$cmd_role);
	$std =~ s/s+//.ssh/authorized_keys/ if $std;
	if($std){
		my $cmd_cat_role = $name ? "cat -n $std | grep $name" : "cat -n $std";
		$std = &SSH($ip_role,$cmd_cat_role);
		print "$std" if $std;
	}else{
		print "nt t tNo such user role !nn";
	}
}

sub sShow{
	my ($ip_role,$cmd) = @_;
	$std = &SSH($ip_role,$cmd);
	chomp($std);
	@path = split /n/,$std;
	print "<[--------------[$ip_role] has this certifications :-------------]>n";
	foreach my $p(@path){
		my $cmd_show = $cert ? "cat -n $p" : "cat -n $p |awk '{print "tt" $1 "  "$4}'|cut -d'@' -f1";
		$std = &SSH($ip_role,$cmd_show);
		print "nt[This Path : {$p} ]n" if $std;
		print "$std";
	}
	@path = ();
}

sub mShow{
	my ($ip_role,$cmd) = @_;
	$std=&SSH($ip_role,$std;
	print "t t<[------------------<<[$ip_role]>>-----------------]>n";
	foreach my $p(@path){
		my $cmd_search_name = "cat -n $p | grep $name | awk '{a++} END {print a}'";
		$std = &SSH($ip_role,$cmd_search_name);
		$tmp = $std and print"nt[$p] >>> cetification times: $tmp" if $std and $std ne "n";
		$_ = $p and &roleCheck($_) if $std ne "n";
		$count = $count+$tmp;
		$tmp = 0;
	}
	print "nttTotal times : $countnn";
}

sub sAdd{
	my ($ip_role,$cmd,$rsa) = @_;
	$std = &SSH($ip_role,$cmd);
	@path = split /n/,$std;
	my @cus_path = grep /$role/,@path;
	my $cmd_echo = "echo '$rsa' >> @cus_path && echo 't t t t*******[$ip_role] successful!*******'";
	$std = &SSH($ip_role,$cmd_echo);
	print "$std";
	print "n";
}

sub sDel{
	my ($ip_role,$cmd);
	my @path = split /n/,@path;
	my $cmd_del = "sed -i '/$name/d' @cus_path && echo 't t t t*******[$ip_role] successful!*******'";
	$std = &SSH($ip_role,$cmd_del);
	print "$std";
	print "n";
}

sub sCmd{
	my ($ip_role,$cmd) = @_;
	if(defined($cmd)){
		if($cmd =~ m/useradd/){
			my $uname = $cmd;
			$uname =~ s/.*s(w+)$/$1/;
			$uname =~ s/(w*)//home/$1/.ssh/;
			if(-d $uname){
				print "The directory already exits !n";
				exit;
			}else{
				$cmd =~ s/$/&&mkdir -p $uname&&touch $uname/authorized_keys&&echo "Successful"/;
				$std = &SSH($ip_role,$cmd);
				print "ntttt$std n";
			}
		}elsif($cmd =~ m/userdel/){
			$cmd =~ s/$/&&echo "Successful"/;
			$std = &SSH($ip_role,$cmd);
			print "ntttt$std n";
		}elsif($cmd =~ m/groupadd/){
			$cmd =~ s/$/&&echo "Successful"/;
			$std = &SSH($ip_role,$cmd);
			print "ntttt$std n";
		}elsif($cmd =~ m/groupdel/){
			$cmd =~ s/$/&&echo "Successful"/;
			$std = &SSH($ip_role,$cmd);
			print "ntttt$std n";
		}else{
			print "Sorry these [useradd | userdel | groupadd | groupdel] are permitted !n";
			exit;
		}
	}else{
		exit;
	}
}

sub sConsole{
	print "Are you sure ? [yes|no]: ";
	my $input = <STDIN>;
	chomp($input);
	if($input eq 'yes'){
		print "nttttOK ! Starting !nn";
	}else{
		exit;
	}
}
###END###

以上内容由PHP站长网【52php.cn】收集整理供大家参考研究

如果以上内容对您有帮助,欢迎收藏、点赞、推荐、分享。

(编辑:李大同)

【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!

    推荐文章
      热点阅读