检查ssh是否正在另一个管理员用户上运行并将其终止。 (AppleScript的)

时间:2015-02-26 23:57:00

标签: ssh applescript kill-process multiple-users

我想检查进程'sshd'是否在用户'ladmin'上运行,如果是,则从我的用户'patrick'中删除它。我也是管理员。

这是我的代码:

tell application "System Events"
    set ProcessList to name of every process
    if "sshd" is in ProcessList then
        set ThePID to unix id of process "sshd"
        do shell script "kill -KILL " & ThePID with administrator privileges
    end if
end tell

我的问题是ProcessList只包含我用户的进程。此外,它还只包含某些进程,包括我的所有应用程序以及系统事件和Dock。即使进程sshd在我的用户上,它也不会显示出来。

另外,有没有办法可以将其设置为在启动/登录时运行?

1 个答案:

答案 0 :(得分:0)

这是我自己的答案:

而不是使用set ProcessList to name of every process。 改为使用shell脚本作为root。

set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "<PASSWORD>" with administrator privileges

但这引发了一个问题,因为当有人通过SSH访问您的计算机时,三个不同的用户运行sshd进程。

这三个用户是:

根 _sshd

此外,用户_sshd在大约十到二十秒后消失。

因此,这意味着前几秒kill_pid包含三位数的五位数,但在此之后kill_pid只包含两位五位数字。另外,这些数字用空格分隔。

对此的修复非常简单:

set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        if length of kill_pid > 5 then
            set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        end if

总的来说还有更多的问题。如果我希望脚本继续检查sshd而不是只需要将整个程序放入循环中。但是,当进程sshd没有运行时,这个:

set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "<password>" with administrator privileges

返回错误。

这也是一个非常简单的解决方案,您只需使用try即可。 在上下文中,这看起来像这样:

repeat
    try
        set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "<password>" with administrator privileges
        set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        if length of kill_pid > 5 then
            set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        end if
    end try
end repeat

最后一个问题是重复此操作会导致脚本占我CPU 400%的127%。

同样,一个非常简单的解决方法:

delay 1

这是我的整个代码:

repeat
    try
        set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "<PASSWORD>" with administrator privileges
        set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        if length of kill_pid > 5 then
            set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        end if
        if kill_pid is equal to "" then
        end if
        if kill_pid is not equal to "" and length of kill_pid is equal to 5 then
            tell application "System Events"
                set question to display dialog "Do you want SSH to be running right now?" buttons {"No", "Yes"} default button 2
                set answer to button returned of question
                if answer is equal to "No" then
                    do shell script "kill -KILL " & kill_pid password "<PASSWORD>" with administrator privileges
                end if
                if answer is equal to "Yes" then
                    set wait to display dialog "Press OK when you are done running SSH. Or click Stop to stop checking for SSH." buttons {"Stop", "OK"} default button 2
                    set ok to button returned of wait
                    if ok is equal to "OK" then
                    end if
                    if ok is equal to "Stop" then
                        exit repeat
                    end if
                end if
            end tell
        end if
    end try
    delay 1
end repeat

现在,如果您希望将其作为应用程序运行并在登录时运行,请执行以下操作:

将脚本复制并粘贴到脚本编辑器中,然后转到文件&gt;导出并将其另存为应用程序。

enter image description here

然后要在登录时运行,您必须转到系统偏好设置&gt;用户&amp;群组&gt;登录项目并将其设置为在登录时运行。

enter image description here

最后,如果您想要自定义应用程序图标,只需将图像文件的一部分复制并粘贴到“获取信息”选项卡中的图标中即可。

复制(Command + c)一张图片。

enter image description here

右键单击该应用程序。

enter image description here

点击小图标(它应突出显示为蓝色)并粘贴(Command + v)复制的图片。

enter image description here

现在您有一个应用程序可以检查您计算机上运行的任何SSH!

enter image description here

修改

我添加了一项功能,以便您可以看到哪些IP已连接到您的计算机。

这是新代码:

repeat
    try
        set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "PASSWORD" with administrator privileges
        set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        if length of kill_pid > 5 then
            set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        end if
        if kill_pid is equal to "" then
        end if
        if kill_pid is not equal to "" and length of kill_pid is equal to 5 then
            tell application "System Events"
                set userset to do shell script ("w")
                set question to display dialog "Do you want SSH to be running right now?" buttons {"Show Users", "No", "Yes"} default button 3
                set answer to button returned of question
                if answer is equal to "Show Users" then
                    set userset to do shell script "echo '" & userset & "'| cut -c 56-"
                    set question2 to display dialog "Current users:
                " & userset buttons {"Stop SSH", "Run SSH"} default button 2
                    set answer2 to button returned of question2
                    if answer2 is equal to "Stop SSH" then
                        set answer to "No"
                    end if
                    if answer2 is equal to "Run SSH" then
                        set answer to "Yes"
                    end if
                end if
                if answer is equal to "No" then
                    do shell script "kill -KILL " & kill_pid password "PASSWORD" with administrator privileges
                end if
                if answer is equal to "Yes" then
                    set wait to display dialog "Press OK when you are done running SSH. Or click Stop to stop checking for SSH." buttons {"Stop", "OK"} default button 2
                    set ok to button returned of wait
                    if ok is equal to "OK" then
                    end if
                    if ok is equal to "Stop" then
                        exit repeat
                    end if
                end if
            end tell
        end if
    end try
    delay 1
end repeat
相关问题
最新问题