``` if grep -q "auth sufficient pam_rootok.so" /etc/pam.d/su then sed -i '/auth sufficient pam_rootok.so/s/^#//' /etc/pam.d/su else echo 'auth sufficient pam_rootok.so' >> /etc/pam.d/su fi if grep -q "auth required pam_wheel.so group=wheel" /etc/pam.d/su then sed -i '/auth required pam_wheel.so group=wheel/s/^#//' /etc/pam.d/su else echo 'auth required pam_wheel.so group=wheel' >> /etc/pam.d/su fi if grep -q "export TMOUT=300" /etc/profile then sed -i '/export TMOUT=300/s/^#//' /etc/profile else echo 'export TMOUT=300' >> /etc/profile fi source /etc/profile ```
时间: 2023-09-18 19:06:56 浏览: 100
这段脚本的作用是对一些文件进行修改或添加配置,并且立即应用这些修改。具体解释如下:
1. 首先,检查/etc/pam.d/su文件中是否存在"auth sufficient pam_rootok.so"这一行。如果存在,则使用sed命令将该行的行首的注释符号#去掉,即取消注释;如果不存在,则在文件末尾添加一行"auth sufficient pam_rootok.so"。
2. 接着,检查/etc/pam.d/su文件中是否存在"auth required pam_wheel.so group=wheel"这一行。如果存在,则使用sed命令将该行的行首的注释符号#去掉,即取消注释;如果不存在,则在文件末尾添加一行"auth required pam_wheel.so group=wheel"。
3. 然后,检查/etc/profile文件中是否存在"export TMOUT=300"这一行。如果存在,则使用sed命令将该行的行首的注释符号#去掉,即取消注释;如果不存在,则在文件末尾添加一行"export TMOUT=300"。
4. 最后,使用source命令重新加载/etc/profile文件,以使修改立即生效。
这段脚本的目的是修改或添加一些系统配置,例如su命令的授权和超时时间的设置,并且立即应用这些修改。
相关问题
grep -q "auth sufficient pam_rootok.so" /etc/pam.d/su
这个命令是在 `/etc/pam.d/su` 文件中查找是否存在包含字符串 "auth sufficient pam_rootok.so" 的行,并且使用了 `-q` 选项来禁止输出结果。
具体而言,`grep` 命令用于在文件中搜索指定的模式。在这个命令中,我们搜索的模式是 "auth sufficient pam_rootok.so",文件路径是 `/etc/pam.d/su`。使用 `-q` 选项可以使 `grep` 命令在找到匹配的内容后保持静默,不会输出结果。
如果命令执行成功且没有产生输出,那么表示 `/etc/pam.d/su` 文件中存在一行包含 "auth sufficient pam_rootok.so" 的内容。如果没有找到匹配的内容或者命令执行失败,那么不会有任何输出。
请注意,执行此命令需要有足够的权限访问 `/etc/pam.d/su` 文件。
if [ -f "/etc/pam.d/system-auth" ];then if grep -q "password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1" /etc/pam.d/system-auth then sed -i '/password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1/s/^#//' /etc/pam.d/system-auth else echo 'password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1' >> /etc/pam.d/system-auth fi if grep -q "password required pam_unix.so remember=5 use_authtok md5 shadow" /etc/pam.d/system-auth then sed -i '/password required pam_unix.so remember=5 use_authtok md5 shadow/s/^#//' /etc/pam.d/system-auth else echo 'password required pam_unix.so remember=5 use_authtok md5 shadow' >> /etc/pam.d/system-auth fi fi if [ -f "/etc/pam.d/password-auth-ac" ];then if grep -q "password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1" /etc/pam.d/password-auth-ac then sed -i '/password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1/s/^#//' /etc/pam.d/password-auth-ac else echo 'password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1' >> /etc/pam.d/password-auth-ac fi if grep -q "password required pam_unix.so remember=5 use_authtok md5 shadow" /etc/pam.d/password-auth-ac then sed -i '/password required pam_unix.so remember=5 use_authtok md5 shadow/s/^#//' /etc/pam.d/password-auth-ac else echo 'password required pam_unix.so remember=5 use_authtok md5 shadow' >> /etc/pam.d/password-auth-ac fi fi
以下是将这些命令转换为Python代码的示例:
```python
import subprocess
system_auth_file = '/etc/pam.d/system-auth'
password_auth_ac_file = '/etc/pam.d/password-auth-ac'
# Update system-auth file
if subprocess.call('[ -f "/etc/pam.d/system-auth" ]', shell=True) == 0:
if subprocess.call('grep -q "password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1" /etc/pam.d/system-auth', shell=True) == 0:
subprocess.call("sed -i '/password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1/s/^#//' /etc/pam.d/system-auth", shell=True)
else:
subprocess.call("echo 'password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1' >> /etc/pam.d/system-auth", shell=True)
if subprocess.call('grep -q "password required pam_unix.so remember=5 use_authtok md5 shadow" /etc/pam.d/system-auth', shell=True) == 0:
subprocess.call("sed -i '/password required pam_unix.so remember=5 use_authtok md5 shadow/s/^#//' /etc/pam.d/system-auth", shell=True)
else:
subprocess.call("echo 'password required pam_unix.so remember=5 use_authtok md5 shadow' >> /etc/pam.d/system-auth", shell=True)
# Update password-auth-ac file
if subprocess.call('[ -f "/etc/pam.d/password-auth-ac" ]', shell=True) == 0:
if subprocess.call('grep -q "password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1" /etc/pam.d/password-auth-ac', shell=True) == 0:
subprocess.call("sed -i '/password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1/s/^#//' /etc/pam.d/password-auth-ac", shell=True)
else:
subprocess.call("echo 'password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1' >> /etc/pam.d/password-auth-ac", shell=True)
if subprocess.call('grep -q "password required pam_unix.so remember=5 use_authtok md5 shadow" /etc/pam.d/password-auth-ac', shell=True) == 0:
subprocess.call("sed -i '/password required pam_unix.so remember=5 use_authtok md5 shadow/s/^#//' /etc/pam.d/password-auth-ac", shell=True)
else:
subprocess.call("echo 'password required pam_unix.so remember=5 use_authtok md5 shadow' >> /etc/pam.d/password-auth-ac", shell=True)
```
上面的代码首先检查是否存在`/etc/pam.d/system-auth`文件,如果存在则更新该文件。如果文件中存在`password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1`行,则将其注释去除,否则将该行添加到文件末尾。接着,检查文件中是否存在`password required pam_unix.so remember=5 use_authtok md5 shadow`行,如果不存在则添加该行到文件末尾。
然后,检查是否存在`/etc/pam.d/password-auth-ac`文件,如果存在则更新该文件。如果文件中存在`password requisite pam_cracklib.so retry=3 minlen=8 minclass=3 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1`行,则将其注释去除,否则将该行添加到文件末尾。接着,检查文件中是否存在`password required pam_unix.so remember=5 use_authtok md5 shadow`行,如果不存在则添加该行到文件末尾。
请确保你具有足够的权限来执行这些操作,并将需要修改的文件路径正确添加到`system_auth_file`和`password_auth_ac_file`变量中。运行代码后,命令将被执行。
阅读全文