用户名 expect 密码
- #!/bin/bash
- # 全局变量:用户名,普通用户密码,root密码
- loginname="xxxx"
- userpwd="xxxx"
- rootpwd="xxxx"
- # 读取iplist(逐行存储IP地址)
- cat /root/iplist | while read line
- do
- ip=($line)
- # scp脚本及ssh登录执行
- /usr/bin/expect<<EOF
- set timeout 10
- spawn scp /root/check_and_fix.sh $loginname@$ip:/home/xxxx
- expect {
- "*yes/no" {send "yesr";exp_continue}
- "*password:" {
- send "$userpwdr"
- expect eof
- }
- }
- spawn ssh $ip -l $loginname -p 22
- expect {
- "*yes/no" {send "yesr";exp_continue}
- "*password:" {
- send "$userpwdr"
- expect "~]$"
- send "su -r"
- expect "*assword:"
- send "$rootpwdr"
- expect "~]#"
- send "md5sum /home/xxx/check_and_fix.shr"
- expect {
- # a4e3eb6a16f78129cf78d67d1c737ce9为上述文件正确的md5值,若正确则执行该脚本
- "a4e3eb6a16f78129cf78d67d1c737ce9" { send "/home/xxxx/check_and_fix.shr"}
- }
- expect {
- "存在漏洞并已修复" { exit 0 }
- # "存在漏洞并已修复"为脚本执行输出结果,匹配后退出expect并向bash提供返回值0
- }
- expect eof
- exit 1 # 若md5值不正确,则匹配上一条expect eof后匹配exit 1,退出expect并向bash返回1
- }
- }
- EOF
- # 记录修复日志
- if [ $? -eq 0 ]
- then
- echo "$ip 漏洞修复完成" >> /var/log/patch.log
- else
- echo "$ip 漏洞修复失败" >> /var/log/patch.log
- fi
- done
来源: http://www.bubuko.com/infodetail-2100087.html