运维自动化时代,手动升级太徒劳了,为了提高效率及准确率,自动化安装是必备的。

下面是通过shell写的脚本。也可以将其应用到ansible上.

准备好安装文件:

openssh-8.0p1.tar.gz

openssl-1.1.0k.tar.gz

zlib-1.2.11.tar.gz

openssl-fips-2.0.16.tar.gz

perl-5.10.0.tar.gz(redhat5以下需要,由于编辑openssl,perl版本最底为5.10.0)

脚本内容如下:

#!/bin/bash
#
#setup && update openssh8.0p1

#Action state
mstate(){
    if [ $? -eq 0 ];then
        echo "--------------------------By installing--------------------------"
    else
    echo "--------------------------Installation failed--------------------"
        exit 1
    fi
}

MDIR=`pwd`

#zlib1.2.11
mzlib(){
if [ -d /usr/local/zlib-1.2.11 ];then
    echo "------------------------zlib-1.2.11 installation complete------------"
else
    echo "-----------------------Start setup zlib------------------------------"
    cd $MDIR
    tar -xzvf zlib-1.2.11.tar.gz >> /dev/null
    cd zlib-1.2.11
    ./configure --prefix=/usr/local/zlib-1.2.11 && make && make install
    mstate
fi
}

#openssl-fips
mopenssl_fips(){
if [ -d /usr/local/ssl/fips-2.0 ];then
    echo "-------------openssl-fips-2.0 installation complete-----------------"
else
    cd $MDIR
    tar -xzvf openssl-fips-2.0.16.tar.gz >> /dev/null
    cd openssl-fips-2.0.16
    ./config && make && make install
    mstate
fi
}

mperl(){
if [ -d /usr/local/perl-5.10.0 ];then
    echo "-------------perl-5.10.0 installation complete----------------------"
else
    cd $MDIR
    tar -xzvf perl-5.10.0.tar.gz >> /dev/null
    cd perl-5.10.0
    ./configure.gnu -des -Dprefix=/usr/local/perl-5.10.0 && make && make install
    mstate
    export PATH=/usr/local/perl-5.10.0/bin:$PATH
fi
}
   
#openssl-1.1.0k
mopenssl(){
if [ -d /usr/local/openssl-1.1.0k ];then
    echo "---------------openssl-1.1.0k installation complete----------------"
else
    echo "-------------------Start setup openssl-----------------------------"
    cd $MDIR
    tar -xzvf openssl-1.1.0k.tar.gz >> /dev/null
    cd openssl-1.1.0k
    ./config --prefix=/usr/local/openssl-1.1.0k --with-fipslibdir=/usr/local/ssl/fips-2.0/lib/ && make && make install
    mstate
    grep /usr/local/openssl-1.1.0k/lib/ /etc/ld.so.conf
    if [ $? -ne 0 ];then
        echo "/usr/local/openssl-1.1.0k/lib/" >> /etc/ld.so.conf
    fi
    ldconfig
fi
}

#openssh-8.0p1
mopenssh(){
if [ -d /usr/local/openssh-8.0p1 ];then
    echo "---------------------openshh-8.0p1 installation complete----------"
else
    echo "----------------------Start setup openssh-------------------------"
    mopenssh_bak
    cd $MDIR
    tar -xzvf openssh-8.0p1.tar.gz >> /dev/null
    cd openssh-8.0p1
    ./configure --prefix=/usr/local/openssh-8.0p1 --sysconfdir=/etc/ssh --with-ssl-dir=/usr/local/openssl-1.1.0k --with-zlib=/usr/local/zlib-1.2.11 --with-md5-passwords && make && make install
    mstate
fi
}

#openssh bak
mopenssh_bak(){
echo "--------bak old openssh config files---------------------------------"
if [ -d /etc/ssh ];then
    mv /etc/ssh /etc/ssh_`date +%Y%m%d`
    echo "-----------------------/etc/ssh mv complete------------------------"
else
    echo "---------------------/etc/ssh no exist-----------------------------"
fi
}

#openssh config (redhat 5 6)
mopenssh_config(){
\cp -a $MDIR/openssh-8.0p1/contrib/redhat/sshd.init /etc/init.d/sshd
sed -i 's/SSHD=\/usr\/sbin\/sshd/SSHD=\/usr\/local\/openssh-8.0p1\/sbin\/sshd/g' /etc/init.d/sshd
sed -i 's/\/usr\/bin\/ssh-keygen -A/\/usr\/local\/openssh-8.0p1\/bin\/ssh-keygen -A/g' /etc/init.d/sshd
chkconfig --add sshd
chkconfig sshd on
}

mopenssh_config7(){
\cp -a $MDIR/openssh-8.0p1/contrib/redhat/sshd.init /etc/init.d/sshd
sed -i 's/SSHD=\/usr\/sbin\/sshd/SSHD=\/usr\/local\/openssh-8.0p1\/sbin\/sshd/g' /etc/init.d/sshd
sed -i 's/\/usr\/bin\/ssh-keygen -A/\/usr\/local\/openssh-8.0p1\/bin\/ssh-keygen -A/g' /etc/init.d/sshd
if [ -f /usr/lib/systemd/system/ssh* ];then
    mv -f /usr/lib/systemd/system/ssh* $MDIR
    echo "-------------------move redhat7 systemctl sshd.service-----------"
else
    echo "-------------------redhat7 systemctl sshd.service no file--------"
fi
chkconfig --add sshd
chkconfig sshd on
}

#openssh path
mopenssh_path(){
grep "export PATH=/usr/local/openssh-8.0p1/bin:$PATH" /etc/profile
if [ $? -ne 0 ];then
    echo "export PATH=/usr/local/openssh-8.0p1/bin:$PATH" >> /etc/profile
    source /etc/profile
fi
}

magain(){
read -p "Please try again(y/Y) :" mresult
if [ $mresult == 'y' ] || [ $mresult == 'Y' ];then
    echo "***************************************************************"
else
    echo "**********************Question*********************************"
    exit 1 
fi
}

mrestart(){
echo "---------------------------sshd service restart--------------------"
service sshd restart

}

m5(){
echo "-------------------------------------------------------------------"
sleep 3
mzlib
echo "-------------------------------------------------------------------"
sleep 3
mopenssl_fips
echo "-------------------------------------------------------------------"
sleep 3
mperl
echo "-------------------------------------------------------------------"
sleep 3
mopenssl
echo "-------------------------------------------------------------------"
sleep 3
mopenssh
echo "-------------------------------------------------------------------"
sleep 3
mopenssh_config
echo "-------------------------------------------------------------------"
sleep 3
mopenssh_path
echo "-------------------------------------------------------------------"
}

m6(){
echo "-------------------------------------------------------------------"
sleep 3
mzlib
echo "-------------------------------------------------------------------"
sleep 3
mopenssl_fips
echo "-------------------------------------------------------------------"
sleep 3
mopenssl
echo "-------------------------------------------------------------------"
sleep 3
mopenssh
echo "-------------------------------------------------------------------"
sleep 3
mopenssh_config
echo "-------------------------------------------------------------------"
sleep 3
mopenssh_path
echo "-------------------------------------------------------------------"
}

m7(){
echo "-------------------------------------------------------------------"
sleep 3
mzlib
echo "-------------------------------------------------------------------"
sleep 3
mopenssl_fips
echo "-------------------------------------------------------------------"
sleep 3
mopenssl
echo "-------------------------------------------------------------------"
sleep 3
mopenssh
echo "-------------------------------------------------------------------"
sleep 3
mopenssh_config7
mopenssh_config
echo "-------------------------------------------------------------------"
sleep 3
mopenssh_path
echo "-------------------------------------------------------------------"
mrestart
}
#system_release
echo "-------------------------system release----------------------------"
cat /etc/redhat-release 
echo "---------------------------select release--------------------------"
PS3="Please select a number(1,2,3,4) :"
select mrelease in redhat5 redhat6 redhat7 Quit
do
    case $mrelease in
    redhat5)
    echo "Start $mrelease Setup openssh"
    echo "---------------------you select redhat5----------------------"
    magain
    echo "--------------------------------------------------------------"
    m5
    echo "--------------------------------------------------------------"
    ;;
    redhat6)
    echo "Start $mrelease Setup openssh"
    echo "---------------------you select redhat6-----------------------"
    magain
    echo "--------------------------------------------------------------"
    m6
    echo "--------------------------------------------------------------"
    ;;
    redhat7)
    echo "Start $mrelease Setup openssh"
    echo "---------------------you select redhat7-----------------------"
    magain
    echo "--------------------------------------------------------------"
    m7
    echo "--------------------------------------------------------------"
    ;;
    Quit)
    echo "---------------------Goodble----------------------------------"
    exit 0
    ;;
    *)
    echo "---------------------Sorry, No release------------------------"
    ;;
    esac
done

最新文章

  1. 【码在江湖】前端少侠的json故事(中)ng的json
  2. UNIX 系统调用函数errno返回值搜集(in updating )
  3. Kafka 分布式的,基于发布/订阅的消息系统
  4. iOS开发——项目篇—高仿百思不得姐
  5. Spring概况
  6. set QUOTED_IDENTIFIER ON事故记录
  7. asp.net GDI+绘制折线
  8. How To Set Up vsftpd on CentOS 6
  9. .NET设计模式(5):工厂方法模式(Factory Method)
  10. HashMap多线程死循环问题
  11. 基于redis 内存数据库简单使用
  12. java与数据结构(6)---java实现链栈
  13. bash 学习笔记(一)
  14. sql server中的 stuff 函数
  15. struts2之高危远程代码执行漏洞,可造成服务器被入侵,下载最新版本进行修复
  16. [ JDK ] 列表转数组 toArray
  17. 【程序员的吃鸡大法】利用OCR文字识别+百度算法搜索,玩转冲顶大会、百万英雄、芝士超人等答题赢奖金游戏
  18. iOS-隐藏Navigationbar【导航栏无缝圆滑的隐藏】
  19. 【Zabbix】zabbix设置邮件报警
  20. Create-react-app+Antd-mobile+Less配置(学习中的记录)

热门文章

  1. rosbag record and play
  2. eclipse和myeclipse怎么在项目中查找指定代码?https://www.jb51.net/softjc/554889.html
  3. cobbler批量安装系统
  4. jmeter的cookie跨线程传递
  5. 【MM系列】SAP MM模块-科目分配的配置
  6. 应用安全 - CMS - vBulletin漏洞汇总
  7. 20191127 Spring Boot官方文档学习(4.10)
  8. [转帖]16nm国内最先进 兆芯展示x86 KX-6000八核处理器
  9. 【监控笔记】【1.3】监控事件系列——SQL Trace(黑盒跟踪 BlackBox Trace)
  10. Vue 2.0 入门系列(14)学习 Vue.js 需要掌握的 es6 (1)