Shulou(Shulou.com)06/03 Report--

This article introduces the relevant knowledge of "common commands and common sense of Linux system operation and maintenance". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

1 file management 2 software management 3 system management

4 Service Management 5 Network Management 6 disk Management

7 user management 8 scripts related 9 service configuration

= =

-

1 document management

-

Create a blank file

Touch

Do not prompt to delete a non-empty directory

Rm-rf directory name

(- r: recursively delete-f force)

# #

Restore rm deleted files (ext3)

View disk partition format

Df-T

Unmount

Umount / data/

Ext3grep / dev/sdb1-ls-inode 2

Record information continue to find inode information of files in the directory

Ext3grep / dev/sdb1-- ls-- inode 131081 # this is inode

Record the inode information and start the recovery directory

Ext3grep / dev/sdb1-restore-inode 49153

# #

Windows text to linux text

Dos2unix

Linux text to windows text

Unix2dos

Transcoding

Iconv-f gbk-t utf8 original .txt > new .txt

View md5 valu

Md5sum

Hard link

Ln

Symbolic connection

Ln-s

View the page up and down and display the line number

Cat? | nl | less

Q exit

End statu

Ctrl+z

View the beginning of the file

Head

View the end of the file

Tail-f # monitoring log files

Check the file type

File

Rename

Rename

Rename source_pattern target_pattern source_files

Change default permissions

Umask

Sort by number

Sort-n

Flashback by number

Sort-nr

Filter duplicate rows

Sort-u

Delete duplicate lines

Uniq

Number of repeated row occurrences

Uniq-c

Show only lines that do not repeat

Uniq-u

Merge two files and separate them with tab key

Paste a b

Merge two files and separate the specified'+ 'symbol.

Paste-dudes'a b

Merge multiple rows of data into one row and separate them with the tab key

Paste-s a

Set hidden properties

Chattr [+-=] [ASacdistu] file or directory

Downward splitter

More

Search

Locate string

View number of rows

Wc-l

View the newly changed files in a directory in real time

Watch-d-n 1 'df; ls-FlAt / path'

Quickly back up a file

Cp filename {, .bak}

# #

Configuration Editor

Gconf-editor

Vi profile

Vi / etc/vimrc

Edit a file

Vim

Open the line number

: set nu

Cancel the line number

: set nonu

Jump to 200

200G

Unhighlight

: nohl

Set automatic indentation

: set autoindent

View text formatting

Set ff

Change to unix format

Set binary

Turn the page forward

Ctrl+ U

Turn the page backwards

Ctrl+ D

Replace all

G / character 1/s// character 2Universe g

% s / character 1 / character 2Unig

# ordinary users cannot save documents when they open them

# tee is a gadget that saves stdin to a file, and%, which is the name of a read-only register in vim, is always saved when

Edit the file path of the file before

W! sudo tee%

# #

Find by file name

Find / etc-name http

Find a certain type of file

Find. -type f

Find by file permissions

Find /-perm

Search according to the file owner

Find /-user

Find the file by the group to which the file belongs

Find /-group

The use time of the file is within N days

Find /-atime-n

The file usage time is N days ago.

Find /-atime + n

The change time of the file content is less than N days.

Find /-mtime-n

The file content was changed N days ago.

Find /-mtime + n

The file status was changed N days ago.

Find /-ctime + n

File status change time within N days

Find /-ctime-n

# linux file has no creation time

# Access usage time

# Modify content modification time

# Change status change time (permission, owner)

Find files with a file length greater than 1m bytes

Find /-size + 1000000c-print

Find the file by name and pass the command to-exec

Find / etc-name "passwd*"-exec grep "xuesong" {}\

Find the file name, not the path

Find. -name'tasking'- exec basename {}\

# #

=

-

2 Software management

-

Unpack tar

Tar xvf 1.tar-C directory

Package tar

Tar-cvf 1.tar *

View tar

Tar tvf 1.tar

Append files to tar

Tar-rvf 1.tar file name

Unpack gz

Tar zxvpf gz.tar.gz

Package gz

Tar zcvpf gz.tar.gz

View gz

Tar ztvpf gz.tar.gz

Decompress bzip2

Bzip2-dv 1.tar.bz2

Extract gzip to tar

Gzip-dv 1.tar.gz

Compress tar to gz

Gzip-v 1.tar

Bzip2 compression

Bzip2-v 1.tar

View bzip2

Bzcat

Rpm installation

Rpm-ivh

Unloading

Rpm-e lynx

Forced unloading

Rpm-e lynx-- nodeps

test

Rpm-test lynx

View all installed rpm packages

Rpm-qa

Find out if the package is installed

Rpm-qa | grep http

Decompress zip

Unzip zip.zip

Compressed zip

Zip zip.zip *

Rar3.6 download address

Https://cache.yisu.com/upload/information/20210312/310/132911.jpg

Extract the rar package

Unrar x rar.rar

7z compression

7z a 7z.7z *

7z decompression

7z e 7z.7z

View character lines

Zgrep character 1.gz

Package / home, / etc, but exclude / home/dmtsai

Tar-- exclude / home/dmtsai-zcvf myfile.tar.gz / home/* / etc

In / home, files that are newer than 2005-06-01 are backed up.

Tar-N "2005-06-01"-zcvf home.tar.gz / home

download

Wgetrc

Text on the Internet

Lynx

Make a mirror image

Cp-v / dev/dvd / software/rhel4.6.iso9660

Clear compilation results

Make clean

Source code installation

. / configure-- help | less

. / configure-- prefix=/usr/local/

Make

Make install

Perl program compilation

Perl Makefile.PL

Make

Make test

Make install

Perl program compilation

Python file.py

Compile c program

Gcc-g hello.c-o hello

=

-

3 system management

-

Terminal lock screen Ctrl+S

Unlock screen Ctrl+Q

PS1 environment variable controls prompt display

PS1=' [\ u @\ H\ w\ A\ @ #]\ $'

Boot mode

Vi / etc/inittab

Find the directory of the command

Whereis

View the path of the current command to be executed

Which

Let the department command run in the background

Command &

Put the foreground in the background (pause)

Ctrl+z

View the background running program

Jobs

Start the background pause process

Bg 2

Back to the background process

Fg 2

Background operation is not affected by shell exit

Nohup cmd &

Clear the entire screen

Clear

Reinitialize the screen

Reset

Query used commands default to 1000

History

Record the command clearly

History-c

Cat / root/.bash_history

View the information of logged-in users

Last

Last-n user

Who / var/log/wtmp

List information about users who failed to log in to the system

Lastb-a

/ var/log/btmp

Firewall log

Tail-f / var/log/messages

Ssh log

Tail-f / var/log/secure

Randomly generate passwords

Mkpasswd

-l digits-C size-c lowercase-d digits-s special characters

Mkpasswd-l 8-C 2-c 2-d 4-s 0

Current online users

Who

W

View current user name

Whoami

View login user name

Logname

Show monthly calendar

Cal

View server startup time

Uptime

Set a date

Date-s 20091112

Set the time

Date-s 18:30:50

Synchronization time

/ usr/sbin/ntpdate stdtime.gov.hk

Date 7 days ago

`date-d "7 days ago" +% Y% m% d`

Date format conversion

`date +% Y-%m-%d-d '20110902`

Date and time

Date +% Y-%m-%d_%X

View time

Hwclock

Account shadow file

/ etc/shadow

List all language families

Locale-a

Modify language

LANG=en

Modify the code

Vi / etc/sysconfig/i18n

Utf-8 GBK

Mandatory character set

Export LC_ALL=C

Query static hostname

Vi / etc/hosts

Maximum connection

/ etc/security/limits.conf

Grub Boot Startup item addition

/ etc/grub.conf

Title ms-dos

Rootnoverify (hd0,0)

Chainloader + 1

Alias

Alias

Monitoring command

Watch

View Linux version information

Uname-a

Cat / proc/version

Cat / etc/issue

Lsb_release-a

View cpu information

More / proc/cpuinfo

View cpu models and number of logical cores

Cat / proc/cpuinfo | grep name | cut-f2-d: | uniq-c

Number of digits that cpu is running

Getconf LONG_BIT

Number of physical cpu

Cat / proc/cpuinfo | grep physical | uniq-c

64 bits are supported when the result is greater than 0.

Cat / proc/cpuinfo | grep flags | grep'lm'| wc-l

Check if cpu supports virtualization

Cat / proc/cpuinfo | grep flags

Pae supports paravirtualization Intel VT supports full virtualization

View memory information

More / proc/meminfo

View comprehensive hardware information

Dmidecode

View server model

Dmidecode | grep "Product Name"

View soft raid information

Cat / proc/mdstat

View hard raid information

Cat / proc/scsi/scsi

View hardware information

Lspci

Check if raid is supported

Lspci | grep RAID

Display boot information

Dmesg

Process tree

Pstree

Report virtual memory statistics 9 times every other second

Vmstat 1 9

Increase the priority of process 180 by one.

Renice + 1 180

Terminate a PID process

Kill-9 PID

Designated to execute at 5:00 in the afternoon after three days / bin/ls

At 5pm + 3 days / bin/ls

Edit cycle task

Crontab-e

Minutes, hours, days, months, weeks, commands or scripts.

01 1-3 jump 2 * command or script

Write commands directly to periodic tasks

Echo "40 7 * * 2 / root/sh" > > / var/spool/cron/root

View automatic periodic tasks

Crontab-l

Delete automatic periodic task

Crontab-r

Prohibit or allow users to use periodic tasks

Cron.deny and cron.allow

Start the automatic periodic service

Service crond start | stop | restart | status >

Whether a port is open

Netstat-anlp | grep port number

View monitoring

Netstat-anlp

Sudo command permissions add

Visudo

User alias (available all) = NOPASSWD: command 1, command 2

Wangming linuxfan=NOPASSWD:/sbin/apache start,/sbin/apache restart

UserName ALL= (ALL) ALL

Make patches

Diff suzu.c suzu2.c > sz.patch

Install the patch

Patch suzu.c

< sz.patch 显示打开指定文件的所有进程 lsof 文件 查看端口的进程 lsof -i :32768 显示消耗内存最多的10 个运行中的进程，以内存使用量排序.cpu +3 ps aux |grep -v USER | sort -nk +4 | tail 查看内核模块 lsmod yum 扩展源 http://download.fedoraproject.org/pub/epel wget http://download.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm rpm -Uvh epel-release-5-4.noarch.rpm 升级所有包版本,依赖关系，系统版本内核都升级 yum -y update 升级指定的软件包 yum -y update 软件包名 不改变软件设置更新软件，系统版本升级，内核不改变 yum -y upgrade yum 搜索相关包 yum search mail 会改变配置文件,改变旧的依赖关系，改变系统版本 dist-upgrade 编辑启动项 /boot/grub/grub.conf 开机启动脚本顺序 /etc/profile /etc/profile.d/*.sb ~/bash_profile ~/.bashrc /etc/bashrc -------------------------------------------------------------------- top 前五行是系统整体的统计信息。 第一行是任务队列信息，同uptime 命令的执行结果。其内容如下： 01:06:48 当前时间 up 1:22 系统运行时间，格式为时:分 1 user 当前登录用户数 load average: 0.06, 0.60, 0.48 系统负载，即任务队列的平均长度。 三个数值分别为1 分钟、5 分钟、15 分钟前到现在的平均值。 第二、三行为进程和CPU 的信息。当有多个CPU 时，这些内容可能会超过两行。内容如下： Tasks: 29 total 进程总数 1 running 正在运行的进程数 28 sleeping 睡眠的进程数 0 stopped 停止的进程数 0 zombie 僵尸进程数 Cpu(s): 0.3% us 用户空间占用CPU 百分比 1.0% sy 内核空间占用CPU 百分比 0.0% ni 用户进程空间内改变过优先级的进程占用CPU 百分比 98.7% id 空闲CPU 百分比 0.0% wa 等待输入输出的CPU 时间百分比 0.0% hi 0.0% si 最后两行为内存信息。内容如下： Mem: 191272k total 物理内存总量 173656k used 使用的物理内存总量 17616k free 空闲内存总量 22052k buffers 用作内核缓存的内存量 Swap: 192772k total 交换区总量 0k used 使用的交换区总量 192772k free 空闲交换区总量 123988k cached 缓冲的交换区总量。 内存中的内容被换出到交换区，而后又被换入到内存，但使用过的交换区尚未被覆盖， 该数值即为这些内容已存在于内存中的交换区的大小。 相应的内存再次被换出时可不必再对交换区写入。 进程信息区 统计信息区域的下方显示了各个进程的详细信息。首先来认识一下各列的含义。 序号列名含义 a PID 进程id b PPID 父进程id c RUSER Real user name d UID 进程所有者的用户id e USER 进程所有者的用户名 f GROUP 进程所有者的组名 g TTY 启动进程的终端名。不是从终端启动的进程则显示为? h PR 优先级 i NI nice 值。负值表示高优先级，正值表示低优先级 j P 最后使用的CPU，仅在多CPU 环境下有意义 k %CPU 上次更新到现在的CPU 时间占用百分比 l TIME 进程使用的CPU 时间总计，单位秒 m TIME+ 进程使用的CPU 时间总计，单位1/100 秒 n %MEM 进程使用的物理内存百分比 o VIRT 进程使用的虚拟内存总量，单位kb。VIRT=SWAP+RES p SWAP 进程使用的虚拟内存中，被换出的大小，单位kb。 q RES 进程使用的、未被换出的物理内存大小，单位kb。RES=CODE+DATA r CODE 可执行代码占用的物理内存大小，单位kb s DATA 可执行代码以外的部分(数据段+栈)占用的物理内存大小，单位kb t SHR 共享内存大小，单位kb u nFLT 页面错误次数 v nDRT 最后一次写入到现在，被修改过的页面数。 w S 进程状态。 D=不可中断的睡眠状态 R=运行 S=睡眠 T=跟踪/停止 Z=僵尸进程 x COMMAND 命令名/命令行 y WCHAN 若该进程在睡眠，则显示睡眠中的系统函数名 z Flags 任务标志，参考sched.h ################################## iptables 内建三个表：nat mangle 和filter filter 预设规则表，有INPUT、FORWARD 和OUTPUT 三个规则链 INPUT 进入 FORWARD 转发 OUTPUT 出去 ACCEPT 将封包放行 REJECT 拦阻该封包 DROP 丢弃封包不予处理 -A 在所选择的链(INPUT 等)末添加一条或更多规则 -D 删除一条 -E 修改 -p tcp、udp、icmp 0 相当于所有all !取反 -P 设置缺省策略(与所有链都不匹配强制使用此策略) -s IP/掩码(IP/24) 主机名、网络名和清楚的IP 地址!取反 -j 目标跳转，立即决定包的命运的专用内建目标 -i 进入的（网络）接口[名称] eth0 -o 输出接口[名称] -m 模块 --sport 源端口 --dport 目标端口 #配置文件 vi /etc/sysconfig/iptables #将防火墙中的规则条目清除掉 iptables -F #注意:iptables -P INPUT ACCEPT #导入防火墙规则 iptables-restore /proc/sys/net/ipv4/ip_forward ################################## #允许本地回环 iptables -A INPUT -s 127.0.0.1 -p tcp -j ACCEPT #允许已建立的或相关连的通行 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #开放对外访问 iptables -P OUTPUT ACCEPT #指定某端口针对IP 开放 iptables -A INPUT -s 192.168.10.37 -p tcp --dport 22 -j ACCEPT #允许的IP 或IP 段访问 iptables -A INPUT -s 192.168.10.37 -p tcp -j ACCEPT #开放对外开放端口 iptables -A INPUT -p tcp --dport 80 -j ACCEPT #关闭入口 iptables -P INPUT DROP #关闭转发 iptables -P FORWARD DROP ################################## iptables 规则文件 # Generated by iptables-save v1.2.11 on Fri Feb 9 12:10:37 2007 *filter :INPUT DROP [637:58967] :FORWARD DROP [0:0] :OUTPUT ACCEPT [5091:1301533] #允许的IP 或IP 段访问 -A INPUT -s 127.0.0.1 -p tcp -j ACCEPT -A INPUT -s 192.168.0.0/255.255.0.0 -p tcp -j ACCEPT #开放对外开放端口 -A INPUT -p tcp --dport 80 -j ACCEPT #指定某端口针对IP 开放 -A INPUT -s 192.168.10.37 -p tcp --dport 22 -j ACCEPT #拒绝所有协议(INPUT 允许的情况) #-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,URG RST -j DROP # 允许已建立的或相关连的通行 iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #拒绝ping -A INPUT -p tcp -m tcp -j REJECT --reject-with icmp-port-unreachable COMMIT # Completed on Fri Feb 9 12:10:37 2007 ################################## 常用实例 #允许在IP 访问指定端口 iptables -A INPUT -s 192.168.62.1 -p tcp --dport 22 -j ACCEPT #禁止使用某端口 iptables -A INPUT -p tcp --dport 22 -j DROP iptables -A INPUT -p tcp --dport 31 -j REJECT #禁止QQ 端口 iptables -D FORWARD -p udp --dport 8000 -j REJECT #禁止icmp 端口 #除192.168.62.1 外，禁止其它人ping 我的主机 iptables -A INPUT -i eth0 -s 192.168.62.1/32 -p icmp -m icmp --icmp-type 8 -j ACCEPT iptables -A INPUT -i eth0 -p icmp -m icmp --icmp-type 8 -j DROP #其它情况不允许 iptables -A INPUT -i eth0 -j DROP #禁止指定IP 访问 iptables -A INPUT -p tcp -s IP -j DROP #禁止指定IP 访问端口 iptables -A INPUT -p tcp -s IP --dport port -j DROP #阻止所有没有经过你系统授权的TCP 连接 iptables -t filter -A INPUT -i eth0 -p tcp --syn -j DROP #添加网段转发 iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE #IP 包流量限制 iptables -A INPUT -f -m limit --limit 100/s --limit-burst 100 -j ACCEPT iptables -A INPUT -i eth0 -p icmp -j DROP #端口映射 iptables -t nat -A PREROUTING -i eth0 -p tcp -s 192.168.62.0/24 --dport 80 -j REDIRECT --to-ports 3128 #列出某规则链中的所有规则 iptables -L INPUT #删除某个规则链,不加规则链，清除所有非内建的 iptables -X allowed #将封包计数器归零 iptables -Z INPUT #定义新的规则链 iptables -N allowed #定义过滤政策 iptables -P INPUT DROP #修改某自订规则链的名称 iptables -E allowed disallowed #比对通讯协议类型是否相符 #-p ! tcp 排除tcp 以外的udp、icmp。-p all 所有类型 iptables -A INPUT -p tcp #比对封包的来源IP #192.168.0.0/24 ! 反向对比 iptables -A INPUT -s 192.168.1.1 #比对封包的目的地IP iptables -A INPUT -d 192.168.1.1 #比对封包是从哪片网卡进入 #eth+表示所有的网卡 iptables -A INPUT -i eth0 #比对封包要从哪片网卡送出 iptables -A FORWARD -o eth0 #比对某段时间内封包的平均流量 #例子是用来比对：每小时平均流量是否超过一次3 个封包。除了每小时平均次外，也可以每 秒钟、每分钟或每天平均一次，默认值为每小时平均一次，参数如后： /second、/minute、/day。 除了进行封数量的比对外，设定这个参数也会在条件达成时，暂停封包的比对动作，以避免因 骇客使用洪水攻击法，导致服务被阻断。 iptables -A INPUT -m limit --limit 3/hour #比对瞬间大量封包的数量 #例子是用来比对一次同时涌入的封包是否超过5 个(这是默认值)，超过此上限的封包将被直 接丢弃。使用效果同上。 iptables -A INPUT -m limit --limit-burst 5 #比对来自本机的封包 #是否为某特定使用者所产生的，这样可以避免服务器使用root 或其它身分将敏感数据传送出， 可以降低系统被骇的损失。可惜这个功能无法比对出来自其它主机的封包。 iptables -A OUTPUT -m owner --uid-owner 500 #比对来自本机的封包 iptables -A OUTPUT -m owner --gid-owner 0 iptables -A OUTPUT -m owner --pid-owner 78 iptables -A OUTPUT -m owner --sid-owner 100 #用来比对联机状态 iptables -A INPUT -m state --state RELATED,ESTABLISHED 联机状态共有四种：INVALID、ESTABLISHED、NEW 和RELATED。 #-j 参数指定进行的处理动作，处理动作包括： ACCEPT、REJECT、DROP、REDIRECT、 MASQUERADE、LOG、DNAT、SNAT、MIRROR、QUEUE、RETURN、MARK,说明： iptables -A FORWARD -p TCP --dport 22 -j REJECT --reject-with tcp-reset #可以传送的封包有几个选择：ICMP port-unreachable、ICMP echo-reply 或是tcp-reset REDIRECT 将封包重新导向到另一个端口(PNAT) iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080 MASQUERADE 改写封包来源IP 为防火墙NIC IP iptables -t nat -A POSTROUTING -p TCP -j MASQUERADE --to-ports 1024-31000 LOG 将封包相关讯息纪录在/var/log 中 iptables -A INPUT -p tcp -j LOG --log-prefix "INPUT packets" SNAT 改写封包来源IP 为某特定IP 或IP 范围 iptables -t nat -A POSTROUTING -p tcp-o eth0 -j SNAT --to-source 194.236.50.155-194.236.50.160:1024-32000 DNAT 改写封包目的地IP 为某特定IP 或IP 范围 iptables -t nat -A PREROUTING -p tcp -d 15.45.23.67 --dport 80 -j DNAT --to-destination 192.168.1.1-192.168.1.10:80-100 MIRROR 镜射封包 QUEUE 中断过滤程序 RETURN 结束在目前规则炼中的过滤程序 MARK 将封包标上某个代号 ################################## iptables 配置实例 允许某段IP 访问任何端口 iptables -A INPUT -s 192.168.0.3/24 -p tcp -j ACCEPT 设定预设规则(拒绝所有的数据包，再允许需要的,如只做WEB 服务器.还是推荐三个链都是 DROP) iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT (注:意直接设置这三条完已经掉线了) 开启22 端口 iptables -A INPUT -p tcp --dport 22 -j ACCEPT 如果OUTPUT 设置成DROP 的，要写上下面一条 iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT (注:,不写导致无法SSH.其他的端口一样,OUTPUT 设置成DROP 的话,也要添加一条链) 如果开启了web 服务器,OUTPUT 设置成DROP 的话,同样也要添加一条链 iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT 做WEB 服务器,开启80 端口,其他同理 iptables -A INPUT -p tcp --dport 80 -j ACCEPT 做邮件服务器,开启25,110 端口 iptables -A INPUT -p tcp --dport 110 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT 允许icmp 包通过,允许ping iptables -A OUTPUT -p icmp -j ACCEPT (OUTPUT 设置成DROP 的话) iptables -A INPUT -p icmp -j ACCEPT (INPUT 设置成DROP 的话) 允许loopback!(不然会导致DNS 无法正常关闭等问题) IPTABLES -A INPUT -i lo -p all -j ACCEPT (如果是INPUT DROP) IPTABLES -A OUTPUT -o lo -p all -j ACCEPT(如果是OUTPUT DROP) ==================================================================== ---------------------------------- 4 服务管理 ---------------------------------- 启动sendmail 服务 ./sendmail start /etc/init.d/sendmail start 关闭sendmail 服务 ./sendmail stop 查看sendmail 服务当前状态 ./sendmail status 发送邮件 echo 内容| /bin/mail -s "标题" 收件箱 打开服务列表需要打* ntsysv 让某个服务不自动启动35 指的是运行级别 httpd：chkconfig --level 35 httpd off 让某个服务自动启动 httpd：chkconfig --level 35 httpd on 查看所有服务的启动状态 chkconfig --list 查看某个服务的启动状态 chkconfig --list |grep httpd 查看服务的状态 chkconfig --list [服务名称] 设置非独立服务启状态 chkconfig 服务名on|off|set 开启mysql 后台运行 /usr/local/mysql/bin/mysqld_safe --user=mysql & 开机启动执行 vi /etc/rc.d/rc.local 开机启动和关机关闭服务连接 /etc/rc.d/rc3.d/S55sshd # S 开机start K 关机stop 55 级别后跟服务名 ln -s -f /usr/local/httpd/bin/apachectl /etc/rc.d/rc3.d/S15httpd ==================================================================== ---------------------------------- 5 网络管理 ---------------------------------- ################################## 本机网络配置文件 vi /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 BOOTPROTO=none BROADCAST=192.168.1.255 HWADDR=00:0C:29:3F:E1:EA IPADDR=192.168.1.55 NETMASK=255.255.255.0 NETWORK=192.168.1.0 ONBOOT=yes TYPE=Ethernet GATEWAY=192.168.1.1 ################################## 增加逻辑IP 地址 ifconfig eth0:0 192.168.1.221 netmask 255.255.255.0 查看路由表 route 添加路由表 route add default gw 192.168.1.1 dev eth0 设置DNS vi /etc/resolv.conf 禁用网卡 ifconfig eth0 down 启用网卡 ifconfig eth0 up ifup eth0:0 up 测试跳数 traceroute www.baidu.com (linux) tracert www.baidu.com (windows) 根据IP 和主机最大数计算掩码 ipcalc -m "$ip" -p "$num" 用wget 的递归方式下载整个网站 wget --random-wait -r -p -e robots=off -U Mozilla www.example.com 通过DNS 来读取Wikipedia 的hacker 词条 dig +short txt hacker.wp.dg.cx host -t txt hacker.wp.dg.cx rz ssh 小文件上传 sz ssh 小文件下载 从linux ssh 登录另一台linux ssh -p 22 wang@192.168.1.209 利用ssh 操作远程主机 ssh -p 22 root@192.168.1.209 环境变量中脚本 把本地文件拷贝到远程主机 scp -P 22 文件root@ip:/目录 ssh 连接不提示yes ssh -o StrictHostKeyChecking=no 192.168.70.130 把远程指定文件拷贝到本地 scp root@192.168.1.209:远程目录本地目录 通过SSH 挂载远程主机上的文件夹 sshfs name@server:/path/to/folder /path/to/mount/point 卸载的话使用fusermount 命令 fusermount -u /path/to/mount/point 用DIFF 对比远程文件跟本地文件 ssh user@host cat /path/to/remotefile | diff /path/to/localfile - 用SSH 创建端口转发通道 ssh -N -L2001:remotehost:80 user@somemachine 嵌套使用SSH ssh -t host_A ssh host_B 密钥信任 ssh-keygen -t rsa vi 用户/.ssh/authorized_keys 远程关掉一台WINDOWS 机器 net rpc shutdown -I IP_ADDRESS -U username%password 禁ping echo 1 >

/ proc/sys/net/ipv4/icmp_echo_ignore_all

# #

First ping is scanning the host to open the port.

Nmap-PT 192.168.1.1-111l

Scan the kernel version of the system

Nmap-O 192.168.1.1

Scan the software version of the port

Nmap-sV 192.168.1.1-111l

Half-open scan (usually not logged)

Nmap-sS 192.168.1.1-111l

Windows scanning is not supported (determine whether it is windows)

Nmap-sF 192.168.1.1-111l

Nmap-sX 192.168.1.1-111l

Nmap-sN 192.168.1.1-111l

No ping scanning directly

Nmap-P0 192.168.1.1-111l

detailed information

Nmap-d 192.168.1.1-111l

Unable to find the real scanning host (hidden IP)

Nmap-D 192.168.1.1-111l

Port ran

Nmap-p 20-30, 139pm, 60000-

Indicates: scan ports 20 to 30, port 139 and all ports greater than 60000

Combined scan (no ping, software version, kernel version, details)

Nmap-P0-sV-O-v 192.168.30.251

# #

=

-

6 disk management

-

View hard disk capacity

Df-h

View disk partition format

Df-T

Modify a read-only file system to read and write

Mount-o remount,rw /

View volume label

E2label / dev/sda5

Create a volume label

E2label / dev/sda5 new-label

NTFS add volume label

Ntfslabel-v / dev/sda8 new-label

Transfer from ext2 partition to ext3 partition

Tune2fs-j / dev/sda

Format Partition

Mkfs-t ext3 / dev/hda3

Specify index block size

Mke2fs-b 2048 / dev/sda5

Repair the file system

Fsck-y / dev/sda6

View the information of the super block

Dumpe2fs-h / dev/sda5

View the current system support file system

Cat / proc/filesystems

Detect the status of hard disk

Smartctl-H / dev/sda

Detect hard disk information

Smartctl-I / dev/sda

Detect all information

Smartctl-a / dev/sda

Check the size of all files in the directory

Du-h directory

Displays the size of the subdirectories of the current directory

Du-h-max-depth=1

Mount the CD-ROM drive

Mount-t iso9660 / dev/dvd / mnt

Mount the image file

Mount-o loop / software/rhel4.6.iso / mnt/

# #

Disk grub boot entry addition

/ etc/grub.conf

Title ms-dos

Rootnoverify (hd0,0)

Chainloader + 1

# #

Establish a soft RAID1

The two hard disk partitions are the same, and the file type of the new partition is software RAID.

To create two, click raid to merge them into RAID1. The mount point here is the normal linux directory.

View raid working status

Cat / proc/mdstat

Both disks are booted with grub.

View

Cat / boot/grub/grub.conf

Grub

Root (hd0,0)

Setup (hd0)

Root (hd1,0)

Setup (hd1)

Modify grub startup item configuration file

Vi / boot/grub/grub.conf

Copy title CentOS to the last four lines

Paste it below and change it to the new hd1,0 you just added.

View partition

Sfdisk-d / dev/hda

Export the list of A disk partitions

Sfdisk-d / dev/hda > fq.hda

Import the partition list to the newly added hard drive

Sfdisk / dev/hdb

< fq.hda 恢复新挂载的硬盘分区 mdadm /dev/md1 -a /dev/hdb5 # raid5 可利用lvm 扩容 ################################## 新硬盘挂载 fdisk /dev/sdc p # 打印分区 d # 删除分区 n # 创建分区，（一块硬盘最多4 个主分区，扩展占一个主分区位置。p 主分区e 扩展） w # 保存退出 mkfs -t ext3 -L 卷标/dev/sdc1 # 格式化相应分区 mount /dev/sdc1 /mnt # 挂载 添加开机挂载分区 vi /etc/fstab 用卷标挂载 LABEL=/data /data ext3 defaults 1 2 用真实分区挂载 /dev/sdb1 /data4 ext3 defaults 1 2 第一个数字"1"该选项被"dump"命令使用来检查一个文件系统应该以多快频率进行转储，若不需 要转储就设置该字段为0 第二个数字"2"该字段被fsck 命令用来决定在启动时需要被扫描的文件系统的顺序，根文件系统 "/"对应该字段的值应该为1，其他文件系统应该为2。若该文件系统无需在启动时扫描则设置该 字段为0 ################################## ==================================================================== ---------------------------------- 7 用户管理 ---------------------------------- 建立用户 useradd xuesong 修改密码 passwd 用户 echo "xuesong" | passwd xuesong --stdin 查找用户显示信息 finger 添加组 groupadd 修改文件拥有者(R 递归) chown -R 修改所有者用户中包含点"." chown y\.li:mysql 修改用户组 chgrp 修改用户名 usermod -l 新用户名老用户名 修改用户所属组 usermod -g user group 修改用户家目录 usermod -d 目录-m 用户 将用户添加到附加组 usermod -G user group 删除帐号及家目录 userdel -r 指定组并不允许登录的用户 useradd -g www -M -s /sbin/nologin www 切换用户执行 su - user -c " #命令1 " ==================================================================== ---------------------------------- 8 脚本相关 ---------------------------------- ################################## 正则表达式 ^ 行首定位 $ 行为定位 . 匹配除换行符以外的任意字符 * 匹配0 或多个重复字符 + 重复一次或更多次 ? 重复零次或一次 [] 匹配一组中任意一个字符 [^] 匹配不在指定组内的字符 \ 用来转义元字符 \< 词首定位符(支持vi 和grep) \ 词尾定位符(支持vi 和grep) love\>

X\ {m\} repeat m times

X\ {m,\} repeat at least m times

X\ {mdirection n\} repeat at least m times no more than n times

X? Matches the capital letter X that appears zero or once.

X+ matches one or more letters X

(abc | def) + match A series of (at least one) abc or def;abc and def will match

\ d match any digit

\ d matches any single non-numeric character

\ w matches any single alphanumeric character. The synonym is [: alnum:]

\ s matches any blank character

\ b match the beginning or end of a word

[: alpha:] stands for all letters regardless of case

[: lower:] indicates lowercase letters

[: upper:] indicates uppercase letters

[: digit:] represents numeric characters

() the characters in parentheses are a group

# #

Basic process structure

If [$a = = $b]

Then

Echo "equals"

Else

Echo "not equal"

Fi

# #

Case $xs in

0) echo "0"

1) echo "1"

*) echo "other"

Esac

# #

Num=1

# while true is equivalent to while:

While [$num-lt 10]

Do

Echo $num

((num=$num+2))

Done

# #

Grep an a.txt | while read a

Do

Echo $a

Done

# #

W = `awk-F ":"'{print $1}'c`

For d in $w

Do

$d

Done

# #

For ((iSuppli fiel #) redirects standard output to the file file

Cmd > file 2 > & 1 # redirect standard output and standard error to the file file together

Cmd 2 > file # redirect standard errors to file files

Cmd 2 > > file # redirect standard error to file file (append)

Cmd > > file 2 > & 1 # redirect standard output and standard error together to the file file (append)

Cmd

< file >

The file2 # cmd command takes file file as stdin (standard input) and file2 file as standard

Quasi-output

Cat file # Open file in read-write mode

Cmd

< file cmd # 命令以file 文件作为stdin cmd &n # 使用系统调用dup (2) 复制文件描述符n 并把结果用作标准输出 UNIX tr "\r" "\n" unixfile UNIX ->

Mac

Tr "\ n"\ r" macfile

DOS-> UNIX

Microsoft DOS/Windows convention that each line of text ends with a carriage return character (\ r) followed by a newline character (\ n)

Tr-d "\ r" unixfile

UNIX-> DOS: in this case, you need to use awk because tr cannot insert two characters to replace one character

Awk'{print $0 "\ r"} 'dosfile

# #

Awk usage

\ b backspace

\ f Page change

\ nWrap

\ r enter

\ t Tab Tab

\ c stands for any other character

-F change FS value (delimiter)

~ match

= assignment

= = match

+ = overlay

[: alnum:] alphanumeric characters

[: alpha:] alphabetic character

[: cntrl:] control character

[: digit:] numeric character

[: graph:] non-white space characters (non-spaces, control characters, etc.)

[: lower:] lowercase letters

[: print:] is similar to [: graph:] but contains space characters

[: punct:] punctuation character

[: space:] all white space characters (newline, space, tab)

[: upper:] capital letters

[: xdigit:] hexadecimal number (0-9a-fA-F)

Built-in variable

The nth field of the current record, separated by FS

$0 complete input record

Number of ARGC command line arguments

The location of the current file on the ARGIND command line (starting at 0)

ARGV contains an array of command line arguments

CONVFMT digital conversion format (default is% .6g)

Associative array of ENVIRON environment variables

Description of the last system error in ERRNO

List of FIELDWIDTHS field widths (separated by spacebar)

FILENAME current file name

FNR is the same as NR, but relative to the current file

FS field delimiter (default is any space)

If IGNORECASE is true (that is, a non-zero value), a match that ignores case is performed.

Number of fields in the current record of NF (columns)

Current rows of NR

Output format of OFMT numbers (default is% .6g)

OFS output field delimiter (default is a space)

ORS output record delimiter (default is a newline character)

RLENGTH the length of the string matched by the match function

RS record delimiter (default is a newline character)

RSTART the first position of the string matched by the match function

The SUBSEP array subscript delimiter (default is / 034).

BEGIN is processed first (but without file parameters)

Processing at the end of END

[[: digit:] [: lower:]] numbers and lowercase letters (one character)

-F "[] + | [%] +" has more than one space or multiple% delimiters

[amurz] + multiple lowercase letters

[Amurz] stands for all uppercase and lowercase letters (aAbB...zZ)

[amurz] stands for all uppercase and lowercase letters (ab...z)

Print the matching to the line

Awk'/ Tom/' file

Print only if the third field value is less than 4000.

Awk'$3 $2)? $1: $2; print max} 'file

Awk'{print ($1 > $2)? "first row" $1: "second row" $2} 'e.txt

(parentheses represent if statement judgment "?" For then ":" for else)

Arithmetic operation (displayed if the product of the third field and the fourth field is greater than 500)

Awk'$3 * $4 > 500' file

Print lines between tom and suz

Awk'/ tom/,/suz/' file

Remove the first three lines

Awk'{$1 = "; $2 ="; $3 ="; print} 'a.sh

Assign the date value to d, set d to the array mon, and print the second element in the mon array

Awk 'BEGIN {"date" | getline d; split (dmemmon); print mon [2]}' file

Use spaces,:, and tabs Tab as delimiters

Awk-F'[:\ t]'{print $1 recording 2}'

Take the line below the keyword

Awk'/ keyword / {a=NR+2} a==NR {print}'

Reference variables in awk

A=22aa & & echo 88:99:44 | awk-F ":"'{print $1, "'" $a "'", $2meme 3}'

Specify type (% d digits,% s characters)

/ sbin/ifconfig | awk'{printf ("line% djin% s\ n", NR,$0)}'

Awk-v RS=#'NF {for (item1teri 50) print $1 "Too high";\

Else print "Range is OK"} 'file

Awk'{if ($6 > 50) {count++;print $3}\

Else {xylene 5; print $2}} 'file

Awk plus cycle

Awk'{I = 1; while (I = 0) {print $0J I}}'

Sub matches the string that matches the pattern for the first time, which is equivalent to sed's Unix.

Awk'{sub (/ Mac/, "Macintosh"); print} 'urfile

# replace Mac with Macintosh

Gsub matches all strings that match the pattern, which is equivalent to sed's Universe G'.

Awk'{sub (/ Mac/, "MacIntosh", $1); print} 'file

# replace Mac with Macintosh in the first domain

Processing sql statements

Cat 1.txt | awk-F "#"'{print "insert into user

(user,password,email) values ("1", "2", "3")\; "}" > > insert_1.txt

Reference external variables

Awk'{print "'" $a "", "" $b "}"

Write the array contents to a file in the END block

Awk-F:'{name [x +] = $1}; END {for (ionometer) fi} END {print a}'

# set a variable to start with 0, and if you encounter a value greater than that number, assign it to the variable until the end

Find the minimum value

Cat txt | awk 'BEGIN {aq11111} {if ($1)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.