uninstall脚本

prepare.sh

@@ -6,6 +6,7 @@ set -e
 SOURCE_MAIN="../bash_go_service/main"
 SOURCE_CONFIG="../bash_go_service/config/config.yaml"
 SOURCE_INSTALL_SCRIPT="../bash_go_service/install_product_id_generator.sh"
+SOURCE_UNINSTALL_SCRIPT="../bash_go_service/install_product_id_generator.sh"
 SOURCE_INTERCEPT_SO="../execve_hook/build/intercept.so"
 
 DEST_DIST="./dist"
@@ -13,6 +14,7 @@ DEST_LOGS="$DEST_DIST/logs"
 DEST_CONFIG="$DEST_DIST/config"
 DEST_SCRIPT="./script"
 DEST_INSTALL_SCRIPT="$DEST_SCRIPT/install_product_id_generator.sh"
+DEST_UNINSTALL_SCRIPT="$DEST_SCRIPT/uninstall_product_id_generator.sh"
 
 # 检查 main 是否存在且为可执行文件
 if [[ ! -x "$SOURCE_MAIN" ]]; then
@@ -58,6 +60,15 @@ else
     exit 1
 fi
 
+# 拷贝 uninstall_product_id_generator.sh（强制覆盖）
+if [[ -r "$SOURCE_UNINSTALL_SCRIPT" ]]; then
+    cp -f "$SOURCE_UNINSTALL_SCRIPT" "$DEST_UNINSTALL_SCRIPT"
+    echo "已复制 uninstall_product_id_generator.sh 到 $DEST_SCRIPT/"
+else
+    echo "错误：$SOURCE_UNINSTALL_SCRIPT 不可读取或不存在"
+    exit 1
+fi
+
 # 拷贝 intercept.so
 if [[ -r "$SOURCE_INTERCEPT_SO" ]]; then
     cp "$SOURCE_INTERCEPT_SO" "$DEST_DIST/"

script/uninstall_product_id_generator.sh

@@ -0,0 +1,100 @@
+#!/bin/bash
+
+set -e
+
+# 必须以 root 运行
+if [ "$(id -u)" -ne 0 ]; then
+  echo "❌ 请以 root 用户执行此脚本"
+  exit 1
+fi
+
+SERVICE_NAME="bash-product-id.service"
+UUID_DIR="/etc/bash_product" 
+UUID_FILE="$UUID_DIR/BASH_PRODUCT_ID"
+SYSTEMD_SERVICE_FILE="/etc/systemd/system/$SERVICE_NAME"
+
+echo "🔧 配置 BASH_PRODUCT_ID 服务..."
+
+# 创建必要的目录
+mkdir -p "$UUID_DIR"
+
+# 创建 systemd 服务文件
+if [ ! -f "$SYSTEMD_SERVICE_FILE" ]; then
+  cat > "$SYSTEMD_SERVICE_FILE" <<EOL
+[Unit]
+Description=Generate BASH_PRODUCT_ID if not exists
+After=local-fs.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/bin/bash -c 'UUID_FILE=/etc/bash_product/BASH_PRODUCT_ID; \
+  if [ ! -f "\$UUID_FILE" ]; then \
+    UUID=\$(cat /proc/sys/kernel/random/uuid); \
+    echo "\$UUID" > "\$UUID_FILE"; \
+    chmod 644 "\$UUID_FILE"; \
+  fi'
+
+[Install]
+WantedBy=multi-user.target
+EOL
+  echo "✅ systemd 服务文件已创建。"
+fi
+
+# 1. 配置PAM环境变量
+echo "配置 PAM 环境变量..."
+if ! grep -q "BASH_PRODUCT_ID" /etc/security/pam_env.conf; then
+    echo 'BASH_PRODUCT_ID DEFAULT="unset" OVERRIDE=`cat /etc/bash_product/BASH_PRODUCT_ID 2>/dev/null || echo "unset"`' >> /etc/security/pam_env.conf
+fi
+
+# 2. 配置全局环境变量
+echo "配置 /etc/environment..."
+grep -v "BASH_PRODUCT_ID" /etc/environment > /etc/environment.tmp || true
+echo 'BASH_PRODUCT_ID=$(cat /etc/bash_product/BASH_PRODUCT_ID 2>/dev/null || echo "unset")' >> /etc/environment.tmp
+mv /etc/environment.tmp /etc/environment
+
+# 3. 配置profile.d脚本
+echo "配置 profile.d 脚本..."
+cat > /etc/profile.d/bash-product-id.sh <<'EOL'
+#!/bin/bash
+if [ -f "/etc/bash_product/BASH_PRODUCT_ID" ]; then
+    export BASH_PRODUCT_ID=$(cat /etc/bash_product/BASH_PRODUCT_ID)
+else
+    export BASH_PRODUCT_ID="unset"
+fi
+EOL
+chmod +x /etc/profile.d/bash-product-id.sh
+
+# 4. 配置bash.bashrc
+echo "配置 /etc/bash.bashrc..."
+BASHRC_CONFIG='
+# BASH_PRODUCT_ID environment variable
+if [ -f "/etc/bash_product/BASH_PRODUCT_ID" ]; then
+    export BASH_PRODUCT_ID=$(cat /etc/bash_product/BASH_PRODUCT_ID)
+else
+    export BASH_PRODUCT_ID="unset"
+fi'
+
+if ! grep -q "BASH_PRODUCT_ID" /etc/bash.bashrc; then
+    echo "$BASHRC_CONFIG" >> /etc/bash.bashrc
+fi
+
+# 重新加载 systemd 配置并启用服务
+systemctl daemon-reload
+systemctl enable "$SERVICE_NAME"
+systemctl start "$SERVICE_NAME"
+
+echo ""
+echo "✅ 配置完成！"
+echo "当前设置:"
+if [ -f "$UUID_FILE" ]; then
+    echo "BASH_PRODUCT_ID=$(cat $UUID_FILE)"
+else 
+    echo "BASH_PRODUCT_ID=unset"
+fi
+echo ""
+echo "重新登录终端后环境变量将自动加载。"
+echo "立即生效请执行以下任一命令:"
+echo "source /etc/bash.bashrc"
+echo "source /etc/profile.d/bash-product-id.sh"
+echo "source /etc/environment"

uninstall.sh

@@ -0,0 +1,55 @@
+#!/bin/bash
+
+set -e
+
+# 检查 root 权限
+if [[ $EUID -ne 0 ]]; then
+    echo "❌ 必须以 root 用户运行"
+    exit 1
+fi
+
+INSTALL_DIR="/etc/exec_hook"
+
+# 删除后端服务和拦截库
+rm -rf "$INSTALL_DIR"
+
+# 删除 profile 启动脚本
+rm -f /etc/profile.d/exec_hook.sh
+
+# 修改所有用户的 .bashrc 文件（跳过无效 home）
+HOOK_CODE=$(cat <<'EOF'
+# ========== exec_hook 注入 ==========
+if [[ -z "$EXEC_HOOK_DONE" && -z "$SSH_ORIGINAL_COMMAND" && "$-" == *i* ]]; then
+    export EXEC_HOOK_DONE=1
+    /etc/exec_hook/backend_service
+    export LD_PRELOAD=/etc/exec_hook/intercept.so
+    exec "$SHELL" --login
+fi
+# ========== exec_hook 结束 ==========
+EOF
+)
+
+for USER_HOME in /root $(awk -F: '$3>=1000{print $6}' /etc/passwd); do
+    BASHRC="$USER_HOME/.bashrc"
+    if [[ -d "$USER_HOME" && -f "$BASHRC" ]]; then
+        if grep -q "$HOOK_CODE" "$BASHRC"; then
+            sed -i "/$HOOK_CODE/d" "$BASHRC"
+            echo "✅ 从 $BASHRC 中移除 exec_hook 注入"
+        else
+            echo "🔁 $BASHRC 中没有 exec_hook 注入，跳过"
+        fi
+    else
+        echo "⚠️ 跳过无效 home 目录：$USER_HOME 或没有 .bashrc 文件"
+    fi
+done
+
+# === 执行卸载 install_product_id_generator.sh ===
+if [[ -x ./script/uninstall_product_id_generator.sh ]]; then
+    echo "🚀 执行 uninstall_product_id_generator.sh..."
+    ./script/uninstall_product_id_generator.sh || { echo "❌ uninstall_product_id_generator.sh 执行失败"; exit 1; }
+    echo "✅ uninstall_product_id_generator.sh 执行完成"
+else
+    echo "❌ 找不到或无法执行 ./script/uninstall_product_id_generator.sh"
+fi
+
+echo "✅ 卸载完成"