1

我想检查进程 'sshd' 是否在用户 'ladmin' 上运行,如果是,则从我的用户 'patrick' 中将其杀死。我也是管理员。

这是我的代码:

tell application "System Events"
    set ProcessList to name of every process
    if "sshd" is in ProcessList then
        set ThePID to unix id of process "sshd"
        do shell script "kill -KILL " & ThePID with administrator privileges
    end if
end tell

我的问题是ProcessList它只包含我用户的进程。此外,它也只包含某些进程,包括我所有的应用程序和系统事件和 Dock。即使进程 sshd 在我的用户上,它也不会显示。

另外,有没有办法可以将其设置为在启动/登录时运行?

4

1 回答 1

0

这是我自己的答案:

而不是使用set ProcessList to name of every process. 改为使用 shell 脚本作为 root。

set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "<PASSWORD>" with administrator privileges

但这会引发一个问题,因为当有人使用 SSH 远程访问您的计算机时,三个不同的用户会运行 sshd 进程。

这三个用户是:

根_sshd

此外,用户 _sshd 会在大约十到二十秒后消失。

所以,这意味着在最初的几秒钟内kill_pid包含三、五位数字,但在那之后kill_pid只包含两个五位数字。此外,这些数字由空格分隔。

解决这个问题相当简单:

set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        if length of kill_pid > 5 then
            set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        end if

总体上还有更多的问题。如果我希望脚本继续检查 sshd 而不仅仅是一次我必须将整个程序放入一个循环中。虽然,当进程 sshd 没有运行时,这:

set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "<password>" with administrator privileges

返回错误。

这也是一个非常简单的修复,您所要做的就是使用try. 在上下文中,这看起来像这样:

repeat
    try
        set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "<password>" with administrator privileges
        set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        if length of kill_pid > 5 then
            set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        end if
    end try
end repeat

最后一个问题是重复此操作会导致脚本占用我 400% 的 CPU 中的 127%。

同样,一个非常简单的修复:

delay 1

这是我的整个代码:

repeat
    try
        set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "<PASSWORD>" with administrator privileges
        set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        if length of kill_pid > 5 then
            set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        end if
        if kill_pid is equal to "" then
        end if
        if kill_pid is not equal to "" and length of kill_pid is equal to 5 then
            tell application "System Events"
                set question to display dialog "Do you want SSH to be running right now?" buttons {"No", "Yes"} default button 2
                set answer to button returned of question
                if answer is equal to "No" then
                    do shell script "kill -KILL " & kill_pid password "<PASSWORD>" with administrator privileges
                end if
                if answer is equal to "Yes" then
                    set wait to display dialog "Press OK when you are done running SSH. Or click Stop to stop checking for SSH." buttons {"Stop", "OK"} default button 2
                    set ok to button returned of wait
                    if ok is equal to "OK" then
                    end if
                    if ok is equal to "Stop" then
                        exit repeat
                    end if
                end if
            end tell
        end if
    end try
    delay 1
end repeat

现在,如果您希望它作为应用程序运行并在登录时运行,请执行以下操作:

将脚本复制并粘贴到脚本编辑器中,然后转到文件>导出并将其保存为应用程序。

在此处输入图像描述

然后要让它在登录时运行,您必须转到系统偏好设置>用户和组>登录项并将其设置为在登录时运行。

在此处输入图像描述

最后,如果您想要自定义应用程序图标,只需将图像文件的一部分复制并粘贴到“获取信息”选项卡中的图标中。

复制 (Command+c) 一张图像。

在此处输入图像描述

右键单击应用程序。

在此处输入图像描述

单击小图标(它应该以蓝色突出显示)并粘贴(Command + v)复制的图片。

在此处输入图像描述

现在您有一个应用程序可以检查您计算机上运行的任何 SSH!

在此处输入图像描述

编辑

我添加了一项功能,以便您可以查看通过 SSH 连接到您的计算机的 IP。

这是新代码:

repeat
    try
        set kill_pid to do shell script "ps ax | grep sshd | grep -v grep | awk '{ print $1 }'" password "PASSWORD" with administrator privileges
        set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        if length of kill_pid > 5 then
            set kill_pid to do shell script "echo '" & kill_pid & "'| cut -c 7-"
        end if
        if kill_pid is equal to "" then
        end if
        if kill_pid is not equal to "" and length of kill_pid is equal to 5 then
            tell application "System Events"
                set userset to do shell script ("w")
                set question to display dialog "Do you want SSH to be running right now?" buttons {"Show Users", "No", "Yes"} default button 3
                set answer to button returned of question
                if answer is equal to "Show Users" then
                    set userset to do shell script "echo '" & userset & "'| cut -c 56-"
                    set question2 to display dialog "Current users:
                " & userset buttons {"Stop SSH", "Run SSH"} default button 2
                    set answer2 to button returned of question2
                    if answer2 is equal to "Stop SSH" then
                        set answer to "No"
                    end if
                    if answer2 is equal to "Run SSH" then
                        set answer to "Yes"
                    end if
                end if
                if answer is equal to "No" then
                    do shell script "kill -KILL " & kill_pid password "PASSWORD" with administrator privileges
                end if
                if answer is equal to "Yes" then
                    set wait to display dialog "Press OK when you are done running SSH. Or click Stop to stop checking for SSH." buttons {"Stop", "OK"} default button 2
                    set ok to button returned of wait
                    if ok is equal to "OK" then
                    end if
                    if ok is equal to "Stop" then
                        exit repeat
                    end if
                end if
            end tell
        end if
    end try
    delay 1
end repeat
于 2015-02-27T19:41:04.553 回答