Essential Bash Scripts for Linux Process Inspection and System Hardening
This article provides a collection of Bash scripts for Linux administrators to filter process details by PID or name, retrieve user account information, and apply various system hardening measures such as password policy enforcement, SSH restrictions, and immutable file protection.
1. Filter Process Information by PID
This script prompts the user for a PID, verifies its existence, and then displays detailed information about the process, including command, owner, CPU and memory usage, start time, runtime, status, virtual and shared memory.
#!/bin/bash
# Function: Filter all information of a given PID
read -r -p "请输入要查询的PID: " P
# Accept digits only, so the input can never change the awk program below
case "$P" in
    ''|*[!0-9]*) echo "该PID不存在!!"; exit 1 ;;
esac
# Take a single ps snapshot so every field describes the same sample;
# the PID is passed with -v and compared exactly instead of being spliced into a regex
line=$(ps aux | awk -v pid="$P" '$2 == pid')
if [ -z "$line" ]; then
    echo "该PID不存在!!"
    exit 1
fi
# Print column N of the snapshot line
field() { echo "$line" | awk -v n="$1" '{print $n}'; }
echo "--------------------------------"
echo "进程PID: $P"
echo "进程命令:$(field 11)"
echo "进程所属用户: $(field 1)"
echo "CPU占用率:$(field 3)%"
echo "内存占用率:$(field 4)%"
echo "进程开始运行的时刻:$(field 9)"
echo "进程运行的时间:$(field 10)"
echo "进程状态:$(field 8)"
# In ps aux output, column 5 is VSZ and column 6 is RSS (resident set size)
echo "进程虚拟内存:$(field 5)"
echo "进程共享内存:$(field 6)"
echo "--------------------------------"
2. Filter Process Information by Name
This script asks for a process name, counts matching processes, and iterates through each, outputting PID, command, owner, CPU and memory usage, start time, runtime, status, virtual and shared memory.
#!/bin/bash
# Function: Filter processes by name and display details
read -r -p "请输入要查询的进程名:" NAME
# Take one snapshot; quoting and "--" keep the input from being split or read as grep options
LIST=$(ps aux | grep -- "$NAME" | grep -v grep)
N=$(printf '%s' "$LIST" | grep -c .)   # count matching processes
if [ "$N" -le 0 ]; then
    echo "该进程名没有运行!"
    exit 1
fi
# Print column C of snapshot row i
col() { printf '%s\n' "$LIST" | awk -v r="$i" -v c="$1" 'NR == r {print $c}'; }
i=1
while [ "$N" -gt 0 ]
do
    echo "进程PID: $(col 2)"
    echo "进程命令:$(col 11)"
    echo "进程所属用户: $(col 1)"
    echo "CPU占用率:$(col 3)%"
    echo "内存占用率:$(col 4)%"
    echo "进程开始运行的时刻:$(col 9)"
    echo "进程运行的时间:$(col 10)"   # column 10 is TIME; column 11 is the command
    echo "进程状态:$(col 8)"
    echo "进程虚拟内存:$(col 5)"
    echo "进程共享内存:$(col 6)"
    echo "***************************************************************"
    let N-- i++
done
3. Query User Information by Username
This script reads a username, checks its existence in /etc/passwd, and prints the username, UID, primary group, GID, home directory, and whether the account has login permission based on its shell.
#!/bin/bash
# Function: Query all information of a user by username
read -r -p "请输入要查询的用户名:" A
echo "------------------------------"
# Exact match on field 1; -v keeps the input out of the awk program text
ENTRY=$(awk -F: -v u="$A" '$1 == u' /etc/passwd)
if [ -z "$ENTRY" ]; then
    echo "该用户不存在"
    echo "------------------------------"
else
    echo "该用户的用户名:$A"
    echo "该用户的UID:$(echo "$ENTRY" | awk -F: '{print $3}')"
    echo "该用户的组为:$(id "$A" | awk '{print $3}')"
    echo "该用户的GID:$(echo "$ENTRY" | awk -F: '{print $4}')"
    echo "该用户的家目录:$(echo "$ENTRY" | awk -F: '{print $6}')"
    Login=$(echo "$ENTRY" | awk -F: '{print $7}')
    # Quote the shell field so an empty value does not break the test
    if [ "$Login" = "/bin/bash" ]; then
        echo "该用户有登录系统的权限!!"
        echo "------------------------------"
    elif [ "$Login" = "/sbin/nologin" ]; then
        echo "该用户没有登录系统的权限!!"
        echo "------------------------------"
    fi
fi
4. System Hardening Configurations
This comprehensive script interactively sets password policies, enforces password complexity, configures SSH to disallow root login, limits command history size, sets session timeout, restricts su access to the wheel group, audits users with empty passwords, and optionally makes critical account files immutable.
#!/bin/bash
# Function: Harden system password and account settings
read -p "设置密码最多可多少天不修改:" A
read -p "设置密码修改之间最小的天数:" B
read -p "设置密码最短的长度:" C
read -p "设置密码失效前多少天通知用户:" D
sed -i '/^PASS_MAX_DAYS/c\PASS_MAX_DAYS '
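A read-only counterpart to the hardening steps this section lists, checking password age, SSH root login, empty passwords and the su/wheel restriction instead of changing them. This is an added example, not the article's script; the function names, the 90-day threshold and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the article's script): read-only audit; files are arguments.

# First uncommented value of KEY (sshd_config honours the first occurrence).
conf_value() {                  # conf_value FILE KEY
    awk -v k="$2" '!/^[ \t]*#/ && tolower($1) == tolower(k) {print $2; exit}' "$1"
}
# login.defs: flag a missing or overly long maximum password age.
audit_login_defs() {            # audit_login_defs FILE MAX_ALLOWED_DAYS (assumed policy)
    v=$(conf_value "$1" PASS_MAX_DAYS)
    case "$v" in
        ''|*[!0-9]*) echo "FAIL PASS_MAX_DAYS unset" ;;
        *) if [ "$v" -gt "$2" ]; then echo "FAIL PASS_MAX_DAYS=$v exceeds $2"
           else echo "OK PASS_MAX_DAYS=$v"; fi ;;
    esac
}

# sshd_config: only an explicit "no" fully disables root login.
audit_sshd_root() {             # audit_sshd_root FILE
    v=$(conf_value "$1" PermitRootLogin | tr 'A-Z' 'a-z')
    if [ "$v" = no ]; then echo "OK PermitRootLogin=no"
    else echo "FAIL PermitRootLogin=${v:-unset}"; fi
}

# shadow-format file: accounts whose password field (field 2) is empty.
audit_empty_passwords() {       # audit_empty_passwords FILE
    awk -F: '$2 == "" {print "FAIL empty password: " $1}' "$1"
}

# PAM su file: su is limited to wheel only when pam_wheel.so is uncommented.
audit_su_wheel() {              # audit_su_wheel FILE
    if grep -Eq '^[[:space:]]*auth[[:space:]]+required[[:space:]]+pam_wheel\.so' "$1"
    then echo "OK su restricted by pam_wheel"
    else echo "FAIL pam_wheel.so not enforced for su"; fi
}
# Constructed sample files (not taken from a real host).
demo() {
    d=$(mktemp -d)
    printf 'PASS_MAX_DAYS\t99999\n' > "$d/login.defs"
    printf '#PermitRootLogin no\nPermitRootLogin yes\n' > "$d/sshd_config"
    printf 'root:$6$x$y:19000:0:99999:7:::\nsvc::19000:0:99999:7:::\n' > "$d/shadow"
    printf '#auth required pam_wheel.so use_uid\n' > "$d/su"
    audit_login_defs "$d/login.defs" 90
    audit_sshd_root "$d/sshd_config"
    audit_empty_passwords "$d/shadow"
    audit_su_wheel "$d/su"
    rm -rf "$d"
}
demo
```

On a real host the arguments would be /etc/login.defs, /etc/ssh/sshd_config, /etc/shadow (root only) and /etc/pam.d/su; `Match` blocks and `Include` files in sshd_config are not followed by this check.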
Liangxu Linux
Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)