|
|
本帖最后由 小白 于 2018-1-13 13:35 编辑
萌新来装大佬了,各位真∙大佬请轻喷
最近论坛开源的风气挺不错的,我也来开源一下自用了很久的一键清除后台监控的脚本
附件:
脚本适用于:
阿里云 国际版(国内未测试,因为我没有国内的机子)
腾讯云 国内国际版通用
的 系统选择里可选的最新版 CentOS 7,并在已取消勾选所有可选后台监控的情况下
建议在新装系统中使用,脚本会自动判断是哪个服务商,并执行相应的命令
也可以手动指定:
./um.sh ai 阿里云(aliyun intl)
./um.sh tx 腾讯云(teng xun)
最近在加紧学习使用 Git,之后会传到 Github 上去就不用麻烦的下附件了,直接真正的一键运行
脚本综合了前面各位大佬的作品,并添加了一些被忽视的地方,优化了逻辑顺序和组合关系,改善了可读性,且注明了较为详细的注释
我很认真的去读了云计算服务商的官方文档,并且分析了官方的卸载脚本,安装脚本,所以我想应该能很干净的清除掉了
不过我还是想说一下,这种清理的脚本太被动了,服务商他们一改这边又要重新去研究一遍,这不是长久的解决方法
所以后面我还会去学习 Vicer 大和其他各位大佬的 dd,系统重装脚本,争取能写一个易读的,兼容性好的重装系统的脚本
只有重装一遍干净的系统才能杜绝后台监控这种行为
在这也把代码贴上来,可以先预览一下:
- #!/bin/bash
- # ===================================
- # 用法: ./um.sh [服务商]
- # 如果没有附带参数,将会自动判断服务商
- # 可用的服务商:
- # ai 阿里云 国际版
- # tx 腾讯云 通用
- # jd 京东云 (待完成)
- # ===================================
- # 卸载后台监视程序,并优化系统设置。
- #
- # 仅支持系统选择里可选的最新版 CentOS 7,
- # 并在已取消勾选所有可选后台监控的情况下。
- #
- # 阿里云云盾扫描 ip :
- # 140.205.201.0/28,140.205.201.16/29,140.205.201.32/28,140.205.225.192/29,140.205.225.200/30,140.205.225.184/29,140.205.225.183/32,140.205.225.206/32,140.205.225.205/32,140.205.225.195/32,140.205.225.204/32
- # 请在防火墙中阻止其访问。
- # 云盾参考:
- # 国内版: https://help.aliyun.com/knowledge_detail/37436.html
- # 国际版: https://www.alibabacloud.com/help/zh/faq-detail/37436.htm
- #
- # 脚本参考:
- # 阿里云官方卸载文档: https://help.aliyun.com/document_detail/31777.html
- # 阿里云官方卸载脚本: http://update.aegis.aliyun.com/download/uninstall.sh
- # 腾讯云官方卸载文档: https://www.qcloud.com/document/product/248/2259
- # ===================================
- # um.sh
- # by DuanLian & pbstu
- # https://www.pbstu.com/
- # 2018.01.07
- # ===================================
- # 重置 DNS
- dns () {
- # 判断 高墙
- if [ -z "`timeout 1s ping -c 1 google.com`" ]; then
- # 国内
- # 使用 114 DNS
- cat > /etc/resolv.conf << "EOF"
- nameserver 114.114.114.114
- EOF
- else
- # 国外
- # 使用 Google DNS
- cat > /etc/resolv.conf << "EOF"
- nameserver 8.8.8.8
- nameserver 8.8.4.4
- EOF
- fi
- }
- # 重置源
- repo () {
- # 删除所有自带源及自带公钥
- rpm -e --allmatches gpg-pubkey
- rm -rf /etc/yum.repos.d/*
- rm -rf /etc/pki/rpm-gpg/*
- # 导入 CentOS 源公钥, 为防止在传输中被篡改所以写死在脚本中, 原址为: https://www.centos.org/keys/RPM-GPG-KEY-CentOS-7
- cat > /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 << "EOF"
- -----BEGIN PGP PUBLIC KEY BLOCK-----
- Version: GnuPG v1.4.5 (GNU/Linux)
- mQINBFOn/0sBEADLDyZ+DQHkcTHDQSE0a0B2iYAEXwpPvs67cJ4tmhe/iMOyVMh9
- Yw/vBIF8scm6T/扶墙5fopsKiW9UsAhGKg0epC6y5ed+NAUHTEa6pSOdo7CyFDwtn
- 4HF61Esyb4gzPT6QiSr0zvdTtgYBRZjAEPFVu3Dio0oZ5UQZ7fzdZfeixMQ8VMTQ
- 4y4x5vik9B+cqmGiq9AW71ixlDYVWasgR093fXiD9NLT4DTtK+KLGYNjJ8eMRqfZ
- Ws7g7C+9aEGHfsGZ/SxLOumx/GfiTloal0dnq8TC7XQ/JuNdB9qjoXzRF+faDUsj
- WuvNSQEqUXW1dzJjBvroEvgTdfCJfRpIgOrc256qvDMp1SxchMFltPlo5mbSMKu1
- x1p4UkAzx543meMlRXOgx2/hnBm6H6L0FsSyDS6P224yF+30eeODD4Ju4BCyQ0jO
- IpUxmUnApo/m0eRelI6TRl7jK6aGqSYUNhFBuFxSPKgKYBpFhVzRM63Jsvib82rY
- 438q3sIOUdxZY6pvMOWRkdUVoz7WBExTdx5NtGX4kdW5QtcQHM+2kht6sBnJsvcB
- JYcYIwAUeA5vdRfwLKuZn6SgAUKdgeOtuf+cPR3/E68LZr784SlokiHLtQkfk98j
- NXm6fJjXwJvwiM2IiFyg8aUwEEDX5U+QOCA0wYrgUQ/h8iathvBJKSc9jQARAQAB
- tEJDZW50T1MtNyBLZXkgKENlbnRPUyA3IE9mZmljaWFsIFNpZ25pbmcgS2V5KSA8
- c2VjdXJpdHlAY2VudG9zLm9yZz6JAjUEEwECAB8FAlOn/0sCGwMGCwkIBwMCBBUC
- CAMDFgIBAh4BAheAAAoJECTGqKf0qA61TN0P/2730Th8cM+d1pEON7n0F1YiyxqG
- QzwpC2Fhr2UIsXpi/lWTXIG6AlRvrajjFhw9HktYjlF4oMG032SnI0XPdmrN29lL
- F+ee1ANdyvtkw4mMu2yQweVxU7Ku4oATPBvWRv+6pCQPTOMe5xPG0ZPjPGNiJ0xw
- 4Ns+f5Q6Gqm927oHXpylUQEmuHKsCp3dK/kZaxJOXsmq6syY1gbrLj2Anq0iWWP4
- Tq8WMktUrTcc+zQ2pFR7ovEihK0Rvhmk6/N4+4JwAGijfhejxwNX8T6PCuYs5Jiv
- hQvsI9FdIIlTP4XhFZ4N9ndnEwA4AH7tNBsmB3HEbLqUSmu2Rr8hGiT2Plc4Y9AO
- aliW1kOMsZFYrX39krfRk2n2NXvieQJ/lw318gSGR67uckkz2ZekbCEpj/0mnHWD
- 3R6V7m95R6UYqjcw++Q5CtZ2tzmxomZTf42IGIKBbSVmIS75WY+cBULUx3PcZYHD
- ZqAbB0Dl4MbdEH61kOI8EbN/TLl1i077r+9LXR1mOnlC3GLD03+XfY8eEBQf7137
- YSMiW5r/5xwQk7xEcKlbZdmUJp3ZDTQBXT06vavvp3jlkqqH9QOE8ViZZ6aKQLqv
- pL+4bs52jzuGwTMT7gOR5MzD+vT0fVS7Xm8MjOxvZgbHsAgzyFGlI1ggUQmU7lu3
- uPNL0eRx4S1G4Jn5
- =OGYX
- -----END PGP PUBLIC KEY BLOCK-----
- EOF
- rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
- # 导入 CentOS 源
- cat > /etc/yum.repos.d/CentOS-Base.repo << "EOF"
- # CentOS-Base.repo
- #
- # The mirror system uses the connecting IP address of the client and the
- # update status of each mirror to pick mirrors that are updated to and
- # geographically close to the client. You should use this for CentOS updates
- # unless you are manually picking other mirrors.
- #
- # If the mirrorlist= does not work for you, as a fall back you can try the
- # remarked out baseurl= line instead.
- #
- #
- [base]
- name=CentOS-$releasever - Base
- mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
- #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
- gpgcheck=1
- gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
- #released updates
- [updates]
- name=CentOS-$releasever - Updates
- mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra
- #baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
- gpgcheck=1
- gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
- #additional packages that may be useful
- [extras]
- name=CentOS-$releasever - Extras
- mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra
- #baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
- gpgcheck=1
- gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
- #additional packages that extend functionality of existing packages
- [centosplus]
- name=CentOS-$releasever - Plus
- mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra
- #baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
- gpgcheck=1
- enabled=0
- gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
- EOF
- # 清理缓存
- yum clean all
- rm -rf /var/cache/yum
- # 安装 epel 源
- yum -y install epel-release
- rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
- }
- # 重置 ntpd
- ntpd () {
- systemctl stop ntpd
- yum -y remove ntp
- rm -f /etc/ntp.conf*
- rm -rf /etc/ntp
- yum -y install ntp
- systemctl start ntpd
- }
- # 阿里云国际版
- ai () {
- # 卸载后台监视程序
- killall -9 AliYunDunUpdate
- killall -9 AliYunDun
- killall -9 AliHids
- systemctl stop aliyun
- systemctl stop agentwatch
- systemctl stop aegis
- systemctl disable aliyun
- systemctl disable agentwatch
- systemctl disable aegis
- chkconfig --del agentwatch
- chkconfig --del aegis
- for i in {0..6}; do
- rm -rf /etc/rc.d/rc${i}.d/*aegis
- rm -rf /etc/rc.d/rc${i}.d/*agentwatch
- done
- rm -rf /etc/systemd/system/aliyun.service
- rm -rf /etc/rc.d/init.d/aegis
- rm -rf /etc/rc.d/init.d/agentwatch
- rm -rf /usr/local/aegis
- rm -rf /usr/sbin/aliyun-service
- rm -rf /usr/sbin/gshelld
- rm -rf /usr/sbin/virt-what-cpuid-helper
- systemctl daemon-reload
- dns
- repo
- ntpd
- # 还原 Python 设置
- rm -f /root/.pydistutils.cfg
- rm -rf /root/.pip
- rm -rf /root/.cache
- # 清空 motd 消息
- > /etc/motd
- exit
- }
- # 腾讯云通用
- tx () {
- # 清理后台监视程序
- rm -rf /usr/local/qcloud
- # 清空定时任务
- > /var/spool/cron/root
- sed -i 20,22d /etc/rc.local
- # 关闭 postfix 服务
- systemctl stop postfix
- systemctl disable postfix
- dns
- repo
- ntpd
- exit
- }
- # 判断服务商
- if [ -z $1 ]; then
- if [ -f /etc/systemd/system/aliyun.service ]; then ai
- elif [ -f /usr/local/qcloud ]; then tx
- else echo "No IDC match. 没有服务商匹配。"; exit
- fi
- else
- case $1 in
- ai) ai ;;
- tx) tx ;;
- *) echo "No IDC match. 没有服务商匹配。" ; exit ;;
- esac
- fi
|
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
x
|
发表于 2018-1-7 13:39:00
