Обновить server/motd-info.sh

server/motd-info.sh

@@ -15,7 +15,7 @@ CYAN="\033[0;36m"
 RESET="\033[0m"
 
 MEM_STAT=$(free -m | awk '/^Mem:/{printf "%.1f/%.1f МБ", $3, $2}')
-LOAD_AVG=$(cat /proc/loadavg | awk '{print $1 " " $2 " " $3}')
+LOAD_AVG=$(awk '{print $1 " " $2 " " $3}' /proc/loadavg)
 if command -v sensors &>/dev/null && sensors | grep -iP "Core|temp1" >/dev/null; then
   CPU_TEMP=$(sensors | grep -iP "Core|temp1" | head -n1 | awk '{print $NF}')
 elif [[ -r /sys/class/thermal/thermal_zone0/temp ]]; then
@@ -26,42 +26,50 @@ else
 fi
 DISK_STAT=$(df -h / | awk 'NR==2{printf "%s/%s (свободно/всего)", $4, $2}')
 
-AUTHLOG=""
-if [[ -f /var/log/auth.log ]]; then
-  AUTHLOG="/var/log/auth.log"
-elif [[ -f /var/log/secure ]]; then
-  AUTHLOG="/var/log/secure"
-fi
-
-DATE_24H_AGO=$(date --date="24 hours ago" "+%b %-d")
-CURRENT_DATE=$(date "+%b %-d")
+# Английская локаль для дат
+DATE_24H_AGO=$(LC_TIME=C date --date="24 hours ago" "+%b %-d")
+CURRENT_DATE=$(LC_TIME=C date "+%b %-d")
 HOUR_24H_AGO=$(date --date="24 hours ago" "+%H")
 CURRENT_HOUR=$(date "+%H")
 
-extract_lines_24h() {
-  awk -v d1="$DATE_24H_AGO" -v d2="$CURRENT_DATE" -v h1="$HOUR_24H_AGO" -v h2="$CURRENT_HOUR" '
-  {
-    line_date = $1 " " $2
-    line_hour = substr($3,1,2)
-    if (line_date == d1 && line_date != d2) {
-      if (line_hour >= h1) print $0
+get_recent_logs() {
+  local AUTHLOG=""
+  if [[ -f /var/log/auth.log ]]; then
+    AUTHLOG="/var/log/auth.log"
+  elif [[ -f /var/log/secure ]]; then
+    AUTHLOG="/var/log/secure"
+  fi
+
+  if [[ -n "$AUTHLOG" ]]; then
+    awk -v d1="$DATE_24H_AGO" -v d2="$CURRENT_DATE" -v h1="$HOUR_24H_AGO" -v h2="$CURRENT_HOUR" '
+    {
+      line_date = $1 " " $2
+      line_hour = substr($3,1,2)
+      if (line_date == d1 && line_date != d2) {
+        if (line_hour >= h1) print $0
+      }
+      else if (line_date == d2) {
+        if (line_hour <= h2) print $0
+      }
+      else if (line_date > d1 && line_date < d2) {
+        print $0
+      }
     }
-    else if (line_date == d2) {
-      if (line_hour <= h2) print $0
-    }
-    else if (line_date > d1 && line_date < d2) {
-      print $0
-    }
-  }
-  ' "$AUTHLOG"
+    ' "$AUTHLOG"
+  elif command -v journalctl &>/dev/null; then
+    journalctl -u ssh -u sshd --since "24 hours ago" --no-pager 2>/dev/null
+  fi
 }
 
 FAILED_IPS=""
 SUCCESS_IPS=""
-if [[ -n $AUTHLOG ]]; then
-  RECENT_LOG=$(extract_lines_24h)
-  FAILED_IPS=$(echo "$RECENT_LOG" | grep "Failed password" | awk '/from/ {print $(NF-3)}' | sort | uniq -c | sort -nr | head -n 10 | awk '{printf "%s: %s\n", $2, $1}')
-  SUCCESS_IPS=$(echo "$RECENT_LOG" | grep "Accepted password" | awk '/from/ {print $(NF-3)}' | sort | uniq -c | sort -nr | head -n 10 | awk '{printf "%s: %s\n", $2, $1}')
+
+RECENT_LOG=$(get_recent_logs)
+
+if [[ -n "$RECENT_LOG" ]]; then
+  # Ищем любые попытки ("Failed" и "Accepted") и корректно достаем IP (после слова "from")
+  FAILED_IPS=$(echo "$RECENT_LOG" | grep "Failed " | awk '{for(i=1;i<=NF;i++) if($i=="from") print $(i+1)}' | sort | uniq -c | sort -nr | head -n 10 | awk '{printf "%s: %s\n", $2, $1}')
+  SUCCESS_IPS=$(echo "$RECENT_LOG" | grep "Accepted " | awk '{for(i=1;i<=NF;i++) if($i=="from") print $(i+1)}' | sort | uniq -c | sort -nr | head -n 10 | awk '{printf "%s: %s\n", $2, $1}')
 fi
 
 echo -e "\n\n\n${BLUE}============ Состояние сервера ============${RESET}"
@@ -84,8 +92,14 @@ else
   echo "Нет успешных входов за 24 часа."
 fi
 
-echo -e "\n${GREEN}Вы успешно вошли как ${USER} с IP: $(echo $SSH_CONNECTION | awk '{print $1}')${RESET}"
+if [[ -n "$SSH_CONNECTION" ]]; then
+  CURRENT_IP=$(echo $SSH_CONNECTION | awk '{print $1}')
+  echo -e "\n${GREEN}Вы успешно вошли как ${USER} с IP: ${CURRENT_IP}${RESET}"
+else
+  echo -e "\n${GREEN}Вы успешно вошли как ${USER} (Локальный вход)${RESET}"
+fi
 echo -e "${BLUE}=============================================${RESET}"
+
 EOF
 
 chmod +x "$TARGET_PATH"