Exemple #1
0
def install_zabbix_agent():
    print(green("准备安装'zabbix-agent'......"))
    if os.path.exists('/usr/local/zabbix/'):
        print(red("'/usr/local/zabbix/'文件已存在"))
    else:
        file_path = tar_file_path('zabbix_linux_2.6')
        os.system('tar -xvf %s -C /usr/local' % file_path)
    os.system('groupadd zabbix')
    os.system('useradd -g zabbix -M -s /sbin/nologin zabbix')
    os.system('chown -R zabbix.zabbix /usr/local/zabbix')

    zabbix_conf_path = '/usr/local/zabbix/conf/zabbix_agentd.conf'
    print(green("检测'%s'配置文件......" % zabbix_conf_path))
    specs = []
    # Server配置
    if 'zabbix_agentd.Server' in os_dict:
        exp_val = os_dict['zabbix_agentd.Server']
        specs.append(
            Spec('配置Server', zabbix_conf_path, 'Server', exp_val, '=', '='))
    # ServerActive配置
    if 'zabbix_agentd.ServerActive' in os_dict:
        exp_val = os_dict['zabbix_agentd.ServerActive']
        specs.append(
            Spec('配置ServerActive', zabbix_conf_path, 'ServerActive', exp_val,
                 '=', '='))
    # 配置hostname
    ip = get_host()
    specs.append(Spec('配置Hostname', zabbix_conf_path, 'Hostname', ip, '=',
                      '='))
    display_colorful(specs)
    modify_optional(specs)

    # 启动zabbix-agent
    startup_command = '/usr/local/zabbix/sbin/zabbix_agentd -c %s' % zabbix_conf_path
    if promised("是否启动'zabbix-agentd' ? "):
        os.system(startup_command)
    # 开机自启
    if len(
            execute(
                'cat /etc/rc.d/rc.local | grep /usr/local/zabbix/sbin/zabbix_agentd'
            )) == 0:
        if promised('是否开机自启 ? '):
            os.system('chmod a+x /etc/rc.d/rc.local')
            os.system("echo '%s' >> /etc/rc.d/rc.local" % startup_command)
    else:
        print(green('检测到已配置开机自启...'))
    # 设置读权限
    os.system('setfacl -m u:zabbix:r /var/log/messages')
Exemple #2
0
def rpm_install_iperf():
    print(green("准备安装'iperf'......"))
    file_path = rpm_file_path("iperf")
    if len(file_path) > 0:
        if promised("是否安装'%s' ? " % file_path):
            execute('rpm -Uvh %s' % file_path)
            yum_install('iperf')
    else:
        print(red("'iperf'安装包不存在"))
def path_check():
    """
    系统路径检测
    """
    path = str(os.environ.get("PATH"))
    prefix = "系统路径检测"
    if path.find('.:') == -1:
        print("%s [%s]" % (padding(prefix), green("通过")))
    else:
        print("%s [%s]" % (padding(prefix), red("不通过")))
Exemple #4
0
def install_all_required_software():
    yum_install('vim')
    if promised(green("是否安装gcc(如果yum源有问题, 可以ctrl+c在此结束运行)")):
        yum_install('gcc')
    yum_install('telnet')
    yum_install('tar')
    yum_install('zip')
    yum_install('unzip')
    yum_install('lvm2')
    yum_install('firewalld')
    yum_install('bind-utils')  # nslookup
    yum_install('java')
    yum_install(
        'libpcap'
    )  # Fix error "Failed dependencies" when install iftop in some machines
    rpm_install_iftop()
    rpm_install_iperf()
    install_zabbix_agent()
    if promised(green("是否安装nginx(安装时间较长, 没有必要可以不安装)")):
        install_nginx()
def display_colorful(specs, newline_at_end=True):
    for spec in specs:
        pad = padding(spec.desc)
        if spec.status == -2:
            print("%s [%s]" % (pad, red("文件不存在")))
        elif spec.status == -1:
            print(
                "%s [%s]" %
                (pad, red("配置错误, 期望'%s', 实际'%s'" %
                          (spec.exp_val, spec.act_val))))
        elif spec.status == 0:
            print("%s [%s]" % (pad, yellow("未配置")))
        elif spec.status == 1:
            print("%s [%s]" % (pad, green("配置正确")))
    if newline_at_end:
        print("")
Exemple #6
0
def firewall_service_management():
    """防火墙服务管理"""
    # 启动防火墙
    os.system('systemctl start firewalld')
    # 查看允许的服务
    act_service_list = execute('firewall-cmd --list-services')[0:-1].split(" ")
    print(green("实际允许的服务:"))
    print(act_service_list)
    exp_service_list = ['ssh', 'zabbix-agent', 'chronyd']
    need_reload = False
    # 删除非期望的服务
    for act_service in act_service_list:
        if act_service not in exp_service_list and len(act_service) > 0:
            if promised("是否删除'%s'服务 ? " % act_service):
                os.system('firewall-cmd --remove-service=%s --permanent' %
                          act_service)
                need_reload = True
    # 添加期望的服务
    for exp_service in exp_service_list:
        if exp_service not in act_service_list:
            if promised("是否添加'%s'服务 ? " % exp_service):
                if exp_service == 'chronyd':
                    # 自定义服务
                    os.system('firewall-cmd --new-service=chronyd --permanent')
                    os.system(
                        'firewall-cmd --service=chronyd --add-port=323/tcp --permanent'
                    )
                    os.system(
                        'firewall-cmd --service=chronyd --add-port=323/udp --permanent'
                    )
                    # 重新加载, 不然仍会服务无效
                    os.system('firewall-cmd --reload')
                    # 添加
                    os.system('firewall-cmd --add-service=chronyd --permanent')
                else:
                    os.system("firewall-cmd --add-service=%s --permanent" %
                              exp_service)
                need_reload = True
    if need_reload:
        os.system('firewall-cmd --reload')
def password_check():
    """
    口令检测 /etc/shadow
    """
    prefix = "口令检测"
    pad = padding(prefix)
    try:
        f = open("/etc/shadow", "rb")
        context = f.read()
        f.close()
        correct = True
        for line in context.splitlines():
            arr = line.split(b":")
            if arr[1] == "":
                correct = False
                print("%s [%s]" % (pad, red("'%s'密码为空" % arr[0])))
            elif arr[2] == "0":
                correct = False
                print("%s [%s]" % (pad, red("'%s'UID为0" % arr[0])))
        if correct:
            print("%s [%s]" % (pad, green("通过")))
    except IOError:
        print("%s [%s]" % (pad, red("文件不存在")))
Exemple #8
0
def yum_install(name):
    print(green("准备安装'%s'......" % name))
    os.system("yum -y install %s" % name)
Exemple #9
0
def install_nginx():
    if not os.path.exists('/usr/local/nginx') or promised(
            green("检测到nginx已安装, 是否覆盖安装")):
        os.system('sh shell/nginx_install.sh')