离线安装snmp服务、修改snmp、syslog配置及创建审计员账号shell脚本

工作前准备： 1、将snmp安装包上传至/root 目录下，可以使用u盘，也可以使用传输软件SCP、flashxp 等 2、提高权限 cd /root chmod 777 install-snmp-syslog-auditor.sh 3、删除脚本中的空白行和多余的符号 sed -i 's/\r$//' install-snmp-syslog-auditor.sh 4、执行脚本 ./install-snmp-syslog-auditor.sh （1）角色判断 判断当前登录的用时是否为root用户，防止安装软件时不能进行安装。如果不是root用户将退出脚本执行，否则将继续进行脚本执行。 #!/bin/bash #进行一键安装SNMP创建Shell脚本 # #判断当前用户是否为root if [ "$(id -u)" != "0" ] then echo "This Shell must be run as root" 1>&2 exit else echo "This is running as root" fi （2）检查snmp软件是否安装 if rpm -qa |grep snmp &>/dev/null; then echo "snmpd is already installed." exit else echo "snmpd is not installed!" fi （3）安装snmp服务包 #安装snmp脚本 echo "安装perl依赖" rpm -ivh /root/Linux_snmp/perl-Data-Dumper-2.145-3.el7.x86_64.rpm echo "安装mysql-compat" rpm -ivh /root/Linux_snmp/mysql-community-libs-compat-5.7.33-1.el7.x86_64.rpm echo "--------------安装net-snmp--------------" rpm -ivh /root/Linux_snmp/net-snmp*.rpm --force echo "--------------安装lm--------------" rpm -ivh /root/Linux_snmp/lm_sensors*.rpm --force （4）修改snmp配置文件 snmpd.conf echo "-----gredit snmp.conf----" cd /etc/snmp cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak echo "give profile permission" chmod 777 snmpd.conf echo "gredit snmp1" sed -i 's/com2sec notConfigUser default public/com2sec notConfigUser 10.225.206.103 tsgz@2018/g' snmpd.conf echo "gredit snmp2" sed -i 's/access notConfigGroup "" any noauth exact systemview none none/access notConfigGroup "" any noauth exact all none none/g' snmpd.conf echo "gredit snmp3" sed -i '56a view all included .1' snmpd.conf echo "gredit snmp4" sed -i '63a rocommunity tsgz@2018 10.225.106.103 -V systemonly' snmpd.conf echo "gredit snmp5" sed -i '64a trap2sink 10.225.206.103 tsgz@2018' snmpd.conf echo "---snmp.conf gredit Successful---" sleep 3s systemctl start snmpd echo "---Service snmpd start---" systemctl enable snmpd echo "--------------'systemctl enable snmpd --------------" systemctl restart snmpd echo "---snmpd restart successful---" echo "--------------chkconfig snmpd on--------------" chkconfig snmpd on systemctl status snmpd sleep 5s （5）修改syslog配置文件 rsyslog.conf echo "-----gredit rsyslog.conf----" cd /etc/ cp rsyslog.conf rsyslog.conf.bak echo "rsyslog.conf back Successful" sed -i 's/#*.* @@remote-host:514/*.* @@10.225.206.102:514/g' rsyslog.conf echo "---rsyslog.conf gredit Successful---" systemctl start rsyslog systemctl restart rsyslog echo "--start rsyslog--" systemctl status rsyslog sleep 4s （6）创建审计员账号 echo -e "RSAAuthentication yes" >>/etc/ssh/sshd_config echo -e "PubkeyAuthentication yes">>/etc/ssh/sshd_config echo -e "AuthorizedKeysFile .ssh/authorized_keys">>/etc/ssh/sshd_config echo -e "write successful......." sleep 3s useradd -m -d /home/tsgzAuditor -s /bin/bash tsgzAuditor echo "The tsgzAuditor is created....." mkdir /home/tsgzAuditor/.ssh echo "Where is /home/tsgzAuditor build .shh direct" touch /home/tsgzAuditor/.ssh/authorized_keys echo "在/home/tsgzAuditor/.ssh/ build 'authorized_keys' profile" chown -R tsgzAuditor:tsgzAuditor /home/tsgzAuditor/ echo "give .ssh permission......." cat /root/id_rsa_1024.pub >>/home/tsgzAuditor/.ssh/authorized_keys echo "authorized_keys write connact of id_rsa_1024.pub ......." chmod 700 /home/tsgzAuditor/.ssh echo "give .ssh permission" chmod 600 /home/tsgzAuditor/.ssh/authorized_keys echo "give authorized_keys permission" service sshd restart echo "restary sshd service" sleep 3s file1=/etc/shadow PASSWD=`cat $file1 | grep tsgzAuditor | awk -F: '{print $5}'` #获得当前用户的密码修改时间 echo "Gets the expiration time of the current password as:$PASSWD" TMP="99999" if [ $PASSWD -eq $TMP ]; then echo "Password update time is not set......" else sed -i "/tsgzAuditor/s#\($PASSWD\)#${TMP}#" $file1 echo "Password update time set successfully........" fi exit 0 (7)手动检查配置文件是否正确