htb monitored root方式其中的一种(仅作记录)

发布时间:2024年01月17日

快下班时候审出来的,目前root的第5种方式

nagios@monitored:~$ cat /usr/local/nagiosxi/scripts/backup_xi.sh
#!/bin/bash
#
# Creates a Full Backup of Nagios XI
# Copyright (c) 2011-2020 Nagios Enterprises, LLC. All rights reserved.
#

BASEDIR=$(dirname $(readlink -f $0))
SBLOG="/usr/local/nagiosxi/var/components/scheduledbackups.log"
ts=`date +%s`

# Import Nagios XI and xi-sys.cfg config vars
. $BASEDIR/../etc/xi-sys.cfg
eval $(php $BASEDIR/import_xiconfig.php)

###############################
# USAGE / HELP
###############################
usage () {
    echo ""
    echo "Use this script to backup Nagios XI."
    echo ""
        echo " -n | --name              Set the name of the backup minus the .tar.gz"
        echo " -p | --prepend           Prepend a string to the .tar.gz name"
        echo " -a | --append            Append a string to the .tar.gz name"
        echo " -d | --directory         Change the directory to store the compressed backup"
    echo ""
}

###############################
# ADDING LOGIC FOR NEW BACKUPS
###############################
while [ -n "$1" ]; do
    case "$1" in
        -h | --help)
            usage
            exit 0
            ;;
        -n | --name)
            fullname=$2
            ;;
        -p | --prepend)
            prepend=$2"."
            ;;
        -a | --append)
            append="."$2
            ;;
        -d | --directory)
            rootdir=$2
            ;;
    esac
    shift
done

echo "\nStarting new backup....\n"

# Restart nagios to forcibly update retention.dat
$BASEDIR/manage_services.sh restart nagios
sleep 10

if [ -z "$rootdir" ]; then
    rootdir="/store/backups/nagiosxi"
fi

# Move to root dir to store backups
cd "$rootdir"

#############################
# SET THE NAME & TIME
#############################
name=$fullname

if [ -z "$fullname" ]; then
    name="$prepend$ts$append"
fi

# Clean the name
name=$(echo "$name" | sed -e 's/[^[:alnum:].|-]//g')

# Get current Unix timestamp as name
if [ -z "$name" ]; then
    name="$ts"
fi

# My working directory
mydir=$rootdir/$name

# Make directory for this specific backup
mkdir -p "$mydir"

##############################
# BACKUP DIRS
##############################

# Only backup NagiosQL if it exists
if [ -d "/var/www/html/nagiosql" ]; then
    echo "Backing up NagiosQL..."
    tar czfp "$mydir/nagiosql.tar.gz" /var/www/html/nagiosql
    tar czfp "$mydir/nagiosql-etc.tar.gz" /etc/nagiosql
fi

echo "Backing up Nagios Core..."
tar czfp "$mydir/nagios.tar.gz" /usr/local/nagios

# Backup ramdisk if it exists
if [ -f "/etc/sysconfig/nagios" ]; then
    echo "Copying ramdisk configuration..."
    cp /etc/sysconfig/nagios "$mydir/ramdisk.nagios"
fi

echo "Backing up Nagios XI..."
tar czfp "$mydir/nagiosxi.tar.gz" /usr/local/nagiosxi

echo "Backing up MRTG..."
tar czfp "$mydir/mrtg.tar.gz" /var/lib/mrtg
cp /etc/mrtg/mrtg.cfg "$mydir/"
cp -r /etc/mrtg/conf.d "$mydir/"

# SNMP configs and MIBS
echo "Backing up the SNMP directories"
tar czfp "$mydir/etc-snmp.tar.gz" /etc/snmp
tar czfp "$mydir/usr-share-snmp.tar.gz" /usr/share/snmp

echo "Backing up NRDP..."
tar czfp "$mydir/nrdp.tar.gz" /usr/local/nrdp

echo "Backing up Nagvis..." 
tar czfp "$mydir/nagvis.tar.gz" /usr/local/nagvis

echo "Backing up nagios user home dir..." 
tar czfp "$mydir/home-nagios.tar.gz" /home/nagios

##############################
# BACKUP DATABASES
##############################
echo "Backing up MySQL databases..."
mkdir -p "$mydir/mysql"
if [[ "$cfg__db_info__ndoutils__dbserver" == *":"* ]]; then
    ndoutils_dbport=`echo "$cfg__db_info__ndoutils__dbserver" | cut -f2 -d":"`
    ndoutils_dbserver=`echo "$cfg__db_info__ndoutils__dbserver" | cut -f1 -d":"`
else
    ndoutils_dbport='3306'
    ndoutils_dbserver="$cfg__db_info__ndoutils__dbserver"
fi
mysqldump -h "$ndoutils_dbserver" --port="$ndoutils_dbport" -u $cfg__db_info__ndoutils__user --password="$cfg__db_info__ndoutils__pwd" --add-drop-database -B $cfg__db_info__ndoutils__db > $mydir/mysql/nagios.sql
res=$?
if [ $res != 0 ]; then
    echo "Error backing up MySQL database 'nagios' - check the password in this script!"
    rm -r "$mydir"
    exit $res;
fi
if [[ "$cfg__db_info__nagiosql__dbserver" == *":"* ]]; then
    nagiosql_dbport=`echo "$cfg__db_info__nagiosql__dbserver" | cut -f2 -d":"`
    nagiosql_dbserver=`echo "$cfg__db_info__nagiosql__dbserver" | cut -f1 -d":"`
else
    nagiosql_dbport='3306'
    nagiosql_dbserver="$cfg__db_info__nagiosql__dbserver"
fi
mysqldump -h "$nagiosql_dbserver" --port="$nagiosql_dbport" -u $cfg__db_info__nagiosql__user --password="$cfg__db_info__nagiosql__pwd" --add-drop-database -B $cfg__db_info__nagiosql__db > $mydir/mysql/nagiosql.sql
res=$?
if [ $res != 0 ]; then
    echo "Error backing up MySQL database 'nagiosql' - check the password in this script!"
    rm -r "$mydir"
    exit $res;
fi

# Only backup PostgresQL if we are still using it 
if [ $cfg__db_info__nagiosxi__dbtype == "pgsql" ]; then
    echo "Backing up PostgresQL databases..."
    mkdir -p "$mydir/pgsql"
    if [ -z $cfg__db_info__nagiosxi__dbserver ]; then
        cfg__db_info__nagiosxi__dbserver="localhost"
    fi
    pg_dump -h $cfg__db_info__nagiosxi__dbserver -c -U $cfg__db_info__nagiosxi__user $cfg__db_info__nagiosxi__db > "$mydir/pgsql/nagiosxi.sql"
    res=$?
    if [ $res != 0 ]; then
        echo "Error backing up PostgresQL database 'nagiosxi' !"
        rm -r "$mydir"
        exit $res;
    fi
else
    if [[ "$cfg__db_info__nagiosxi__dbserver" == *":"* ]]; then
        nagiosxi_dbport=`echo "$cfg__db_info__nagiosxi__dbserver" | cut -f2 -d":"`
        nagiosxi_dbserver=`echo "$cfg__db_info__nagiosxi__dbserver" | cut -f1 -d":"`
    else
        nagiosxi_dbport='3306'
        nagiosxi_dbserver="$cfg__db_info__nagiosxi__dbserver"
    fi
    mysqldump -h "$nagiosxi_dbserver" --port="$nagiosxi_dbport" -u $cfg__db_info__nagiosxi__user --password="$cfg__db_info__nagiosxi__pwd" --add-drop-database -B $cfg__db_info__nagiosxi__db > $mydir/mysql/nagiosxi.sql
    res=$?
    if [ $res != 0 ]; then
        echo "Error backing up MySQL database 'nagiosxi' - check the password in this script!"
        rm -r "$mydir"
        exit $res;
    fi
fi

##############################
# BACKUP CRONJOB ENTRIES
##############################
echo "Backing up cronjobs for Apache..."
mkdir -p "$mydir/cron"
if [[ "$distro" == "Ubuntu" ]] || [[ "$distro" == "Debian" ]]; then
    cp "/var/spool/cron/crontabs/$apacheuser" "$mydir/cron/apache"
else
    cp /var/spool/cron/apache "$mydir/cron/apache"
fi

##############################
# BACKUP SUDOERS
##############################
# Not necessary

##############################
# BACKUP LOGROTATE
##############################
echo "Backing up logrotate config files..."
mkdir -p "$mydir/logrotate"
cp -rp /etc/logrotate.d/nagiosxi "$mydir/logrotate"

##############################
# BACKUP APACHE CONFIG FILES
##############################
echo "Backing up Apache config files..."
mkdir -p "$mydir/httpd"
cp -rp "$httpdconfdir/nagios.conf" "$mydir/httpd"
cp -rp "$httpdconfdir/nagiosxi.conf" "$mydir/httpd"
cp -rp "$httpdconfdir/nagvis.conf" "$mydir/httpd"
cp -rp "$httpdconfdir/nrdp.conf" "$mydir/httpd"

if [ -d "/etc/apache2/sites-available" ]; then
    cp -rp /etc/apache2/sites-available/default-ssl.conf "$mydir/httpd"
else
    cp -rp "$httpdconfdir/ssl.conf" "$mydir/httpd"
fi

##############################
# COMPRESS BACKUP
##############################
echo "Compressing backup..."
tar czfp "$name.tar.gz" "$name"
rm -rf "$name"

# Change ownership
chown "$nagiosuser:$nagiosgroup" "$name.tar.gz"

if [ -s "$name.tar.gz" ];then

    echo " "
    echo "==============="
    echo "BACKUP COMPLETE"
    echo "==============="
    echo "Backup stored in $rootdir/$name.tar.gz"

    exit 0;
else
    echo " "
    echo "==============="
    echo "BACKUP FAILED"
    echo "==============="
    echo "File was not created at $rootdir/$name.tar.gz"
    rm -r "$mydir"
    exit 1;
fi

其中

# Restart nagios to forcibly update retention.dat
$BASEDIR/manage_services.sh restart nagios
sleep 10

会重启nagios服务,看下manage_services.sh

nagios@monitored:~$ cat /usr/local/nagiosxi/scripts/manage_services.sh
#!/bin/bash
#
# Manage Services (start/stop/restart)
# Copyright (c) 2015-2020 Nagios Enterprises, LLC. All rights reserved.
#
# =====================
# Built to allow start/stop/restart of services using the proper method based on
# the actual version of operating system.
#
# Examples:
# ./manage_services.sh start httpd
# ./manage_services.sh restart mysqld
# ./manage_services.sh checkconfig nagios
#

BASEDIR=$(dirname $(readlink -f $0))

# Import xi-sys.cfg config vars
. $BASEDIR/../etc/xi-sys.cfg

# Things you can do
first=("start" "stop" "restart" "status" "reload" "checkconfig" "enable" "disable")
second=("postgresql" "httpd" "mysqld" "nagios" "ndo2db" "npcd" "snmptt" "ntpd" "crond" "shellinaboxd" "snmptrapd" "php-fpm")

# Helper functions
# -----------------------

contains () {
    local array="$1[@]"
    local seeking=$2
    local in=1
    for element in "${!array}"; do
        if [[ "$element" == "$seeking" ]]; then
            in=0
            break
        fi
    done
    return $in
}

# Verify to avoid abuse
# -----------------------

# Check to verify the proper usage format
# ($1 = action, $2 = service name)

if ! contains first "$1"; then
    echo "First parameter must be one of: ${first[*]}"
    exit 1
fi

if ! contains second "$2"; then
    echo "Second parameter must be one of: ${second[*]}"
    exit 1
fi

action=$1

# if service name is defined in xi-sys.cfg use that name
# else use name passed
if [ "$2" != "php-fpm" ] && [ ! -z "${!2}" ];then
    service=${!2}
else
    service=$2
fi

# if the action is status, add -n 0 to args to stop journal output
# on CentOS/RHEL 7 systems
args=""
if [ "$action" == "status" ]; then
    args="-n 0"
fi

# Special case for ndo2db since we don't use it anymore
if [ "$service" == "ndo2db" ]; then
    echo "OK - Nagios XI 5.7 uses NDO3 build in and no longer uses the ndo2db service"
    exit 0
fi

# Run the command
# -----------------------

# CentOS / Red Hat

if [ "$distro" == "CentOS" ] || [ "$distro" == "RedHatEnterpriseServer" ] || [ "$distro" == "EnterpriseEnterpriseServer" ] || [ "$distro" == "OracleServer" ]; then
    # Check for enable/disable verb
    if [ "$action" == "enable" ] || [ "$action" == "disable" ]; then
        if [ `command -v systemctl` ]; then
            `which systemctl` --no-pager "$action" "$service"
        elif [ `command -v chkconfig` ]; then
            chkconfig_path=`which chkconfig`
            if [ "$action" == "enable" ]; then
                "$chkconfig_path" --add "$service"
                return_code=$?
            elif [ "$action" == "disable" ]; then
                "$chkconfig_path" --del "$service"
                return_code=$?
            fi
        fi

        exit $return_code
    fi

    if [ `command -v systemctl` ]; then
        `which systemctl` --no-pager "$action" "$service" $args
        return_code=$?
        if [ "$service" == "mysqld" ] && [ $return_code -ne 0 ]; then
            service="mariadb"
            `which systemctl` "$action" "$service" $args
            return_code=$?
        fi
    elif [ ! `command -v service` ]; then
        "/etc/init.d/$service" "$action"
        return_code=$?
    else
        `which service` "$service" "$action"
        return_code=$?
    fi
fi

# OpenSUSE / SUSE Enterprise

if [ "$distro" == "SUSE LINUX" ]; then
    if [ "$dist" == "suse11" ]; then
        `which service` "$service" "$action"
        return_code=$?
    fi
fi


# Ubuntu / Debian

if [ "$distro" == "Debian" ] || [ "$distro" == "Ubuntu" ]; then
    # Adjust the shellinabox service, no trailing 'd' in Debian/Ubuntu
    if [ "$service" == "shellinaboxd" ]; then
        service="shellinabox"
    fi

    if [ `command -v systemctl` ]; then
        `which systemctl` --no-pager "$action" "$service" $args
        return_code=$?
    else
        `which service` "$service" "$action"
        return_code=$?
    fi
fi

# Others?

exit $return_code

能看到会是识别完系统做对应的服务操作,其实等同于是一个systemctl
有趣的是$BASEDIR/manage_services.sh restart nagios会重启nagios服务

systemctl status nagios能看到服务的位置

Process: 8416 ExecStartPre=/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg 

这个是有权限修改的

-rwxrwxrwx 1 nagios nagios 16864 Jan 17 05:09 /usr/local/nagios/bin/nagios

所以重新编译一个丢进去让她启动弹shell回来就行
在这里插入图片描述

文章来源:https://blog.csdn.net/m0_56308852/article/details/135656908
本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。