极光城

Linux服务器管理常用工具一览

系统管理:

  1. shell命令优先查找顺序:
    1. ./
    2. /usr/local/bin
    3. /usr/bin
    4. /bin
    5. /sbin
  2. 恢复模式:开机时按cms+R
  3. ps / kill: (ps快速参考)
    1. ps -e show all process by PID TTY name/command
    2. ps -ax : list all processes with a tty(x) 查看哪些tty在运行
    3. ps -au list user information
    4. ps -eLF 显示所有线程(上述方法不显示有些线程)
    5. kill [signal, -9/-SIGKILL by default] pid kill by pid
    6. pkill [-g pgrep ] name kill process by name
    7. killall name kill processed by name
    8. killall -u username
  4. renice:
    1. 调整优先级PRI,renice将一个offset加到PRI上,
    2. PRI越小则优先级越高。
  5. who: 查看活跃用户名|tty名|登录ip
  6. sshd:
    1. xos中,须修改 etc/ssh/sshd_config, 声明好密钥、协议、安全、连接数等。再将公钥添加到.ssh/known_hosts 否则每次都要新生成所有key,然后添加已知hosts
    2. 必须全名调用
  7. sudo -u root ‘cp xxx yyy’ 以root身份执行字符串命令
  8. mount: 查看磁盘挂载到哪里
  9. top:进程占用资源监控
  10. htop:top高级版
  11. iotop:带磁盘读写监控的top
  12. iostat:专门监控磁盘读写
  13. vmstat:虚拟内存用量存量
  14. isof:is_opened_file 列出所有被打开的文件资源
  15. tcpdump:监控TCP/IP包
  16. netstat:监控TCP/IP连接
    1. netstat -tlunp grep port 端口被谁占用
    2. tulnp:(tcp udp listen numeric program)
  17. iftop/nethogs:监控程序的网络吞吐,带宽占用用户与进程
  18. nstat 网络流量统计
  19. vnstat 高级版nstat
  20. psacct/acct:监控其他用户
  21. suricata:网络安全软件,OISF开源网络安全基金会开发
  22. ext3grep: rm * 恢复命令 mysql binlog
  23. write username tty 发送给user消息 crtl+D 或 ctrl+C 结束
  24. wall : write to all users on server
  25. rwall : write to all users on network [danger!]
  26. talk [user]: live chat with [user]
  27. lsb_release 查看发行版名称
  28. lspci
  29. lscpu
  30. Ctrl+Shift+C=复制,Ctrl+Shift+V=粘贴
  31. 编辑当前行的命令:
      • ctrl-w删除当前命令的一个单词,
      • ctrl-u删除到行首,ctrl-k删除行尾,
      • ctrl-a移动到行首,ctrl-e移动到行尾
      • ctrl-x ctrl-e 可以调用自己定义的编辑器来编辑当前命令行
  32. 控制任务前后台
    1. jobs 查看后台任务编号
    2. ctrl z 将任务暂停,回到bash
    3. fg $no 将no号任务放到前台
    4. bg $no 放到后台
    5. disown $no 将任务与session脱钩,关闭term后不会结束任务
    6. nohup 后台执行,不与term挂钩.
  33. 系统CPU 网络 硬盘监控:blog
  34. 进程功耗监控,笔记本功率监控:powertop
  35. file 命令判断so文件x64/32位数
  36. free -m 查看内存 MB单位 或者直接看文件: /proc/meminfo
  37. 文件夹合并:rsync remote synchronizer rsync -av src dst
  38. 根据文件编码类型恢复删除文件:foremost
  39. firewall-cmd : blog
  40. centos epel: 按格式将 epel.repo里面的baseurl换成镜像,然后解注释。
  41. gitlab 同版本才能迁移,升级方法 要逐个大版本升级。
  42. chattr: 更改文件夹、文件的细致读写删增改访问权限
    1. chattr +a 允许增加,不许删除
    2. chattr +i 不许任何修改,不许建立链接
    3. lsattr 查看这些细节属性
  43. xrandr: vnc改分辨率

shell语法:http://www.cnblogs.com/image-eye/archive/2011/08/20/2147015.html

  1. $1
  2. $@ param list Self_name Excluded
  3. $* param string Self_name Excluded
  4. $# param number Self_name Excluded
  5. $? last return value
  6. -a file exists.
  7. -b file exists and is a block special file.
  8. -c file exists and is a character special file.
  9. -d file exists and is a directory.
  10. -e file exists (just the same as -a).
  11. -f file exists and is a regular file.
  12. -g file exists and has its setgid(2) bit set.
  13. -G file exists and has the same group ID as this process.
  14. -k file exists and has its sticky bit set.
  15. -L file exists and is a symbolic link.
  16. -n string length is not zero.
  17. -o Named option is set on.
  18. -O file exists and is owned by the user ID of this process.
  19. -p file exists and is a first in, first out (FIFO) special file or named pipe.
  20. -r file exists and is readable by the current process.
  21. -s file exists and has a size greater than zero.
  22. -S file exists and is a socket.
  23. -t file descriptor number fildes is open and associated with a
  24. terminal device.
  25. -u file exists and has its setuid(2) bit set.
  26. -w file exists and is writable by the current process.
  27. -x file exists and is executable by the current process.
  28. -z string length is zero.
  29. bad interpreter 错误:由于windows文件上传到linux上导致的,在vim中: set ff=unix 然后保存即可解决。
  30. 重定向:0 input 1 output 2 err . echo ’sdf’>&1
  31. #> . script.sh 相当于 source script.sh
  32. 逻辑表达式
    1. and: -a if [xxx -a yyy]
    2. or: -o
    3. “str1”==”str2”
  33. 字符串:
  34. 字符串A包含B: if [[ $strA =~ $strB ]]
  35. init run-level: 0. halt
    1. single user
    2. multi user
    3. multi user with networking
    4. -
    5. level 3 with GUI
    6. reboot
  36. 数学运算:
    1. expr 5 * 6
    2. $[1+2]
    3. a=((a+1))
  37. 按行读取,防止行内空格分隔: cat xxx while read line ; do xxx ; done;

shell 判断条件:https://linuxacademy.com/blog/linux/conditions-in-bash-scripting-if-statements/ http://www.comptechdoc.org/os/linux/programming/script/linux_pgscripttest.html

shell快捷键:

    • Ctrl+A or Home: Go to the beginning of the line.
    • Ctrl+E or End: Go to the end of the line.
    • Alt+B: Go left (back) one word.
    • Ctrl+B: Go left (back) one character.
    • Alt+F: Go right (forward) one word.
    • Ctrl+F: Go right (forward) one character.
    • Ctrl+XX: Move between the beginning of the line and the current position of the cursor. This allows you to press Ctrl+XX to return to the start of the line, change something, and then press Ctrl+XX to go back to your original cursor position. To use this shortcut, hold the Ctrl key and tap the X key twice.
  8. 更多

vim:

  1. 多行复制:9,15 copy 16 或 :9,15 co 16
  2. 执行shell命令: :!command :!bash
  3. undo: u
  4. redo : Ctrl+r
  5. ?向上查找
  6. /字符串 全文查找,再输入/向下查找
  7. :colorschem darkblue/delek/elflord /usr/share/vim/vim72/colors/有各类配色方案名
  8. 配置放在.vimrc里
  9. set hlsearch (high light search results)
  10. :noh 清除上次搜索的highlight
  11. 选择:v,选整行:V,Ctrl+v 矩形选取
  12. Cut(del):d Copy:y Paste:P/p 光标前/后插入
  13. Ctrl+N 自动E补全

make:

  1. make all VAR=value 可以直接向Makefile中定义变量,$(VAR)使用
  2. makefile 中,命令前加@符号,可不打印此命令本身,精简输出。
    • 符号可以抑制错误打印

编译与链接:

ar rcs fname *.o

ranlib 更新Lib符号表

编译选项 amd64 fPIC

strings 从二进制程序中查找字符串

nm 列出二进制文件的符号表(一般用于c语言库)

c++filt: c++和java编译时会给符号加Namespace和其他修饰,并二进制化符号名。该程序可将其解码,使其可读。

汇编语言编译器: nasm 和 as 或 gas。

nasm -f elf hello.asm

ld -m elf_i386 -s -o hello hello.o 链接器会按文件列出的顺序排列代码. -arch i386

普通的ld选项生成代码会从大致7kb位置编码非常讨厌,可以用 -r (merge objs only)让从0开始编码。如下

ld -static -r a.o b.o -o c.o

ld 的strip(精简header)功能被各种不支持了,sb么?

mac 反汇编 otool -tVj (j:print opcode)

gcc -m32(32bit) -o(out name) -c(obj,Don;t link)

MACOS下,若不指明目标平台,则全编译成Mac-O object格式,必须如下指定 target参数

  1. cc -m32 add.c -c -O0 -target i386 生成elf格式
  2. cc -m32 add.c -c -O0 -arch i386 不好使,生成mac-o格式

GNU-binutils有各种看二进制文件的工具比如:

MacOS上支持ELF的linux交叉编译器: [项目网址]

远程操纵:

rz 上传 escape binary y(overwrite)

sz 下载

ssh: -qNfD local_port remote_addr

  1. -D bind ssh with local socket port
  2. -q quiet mode
  3. -n direct stdin to /dev/null
  4. -N not exe any command
  5. -f background

UNIX BASICS :

https://www.cs.jhu.edu/~joanne/unix.html 常用命令,快捷键。

  1. find 命令:http://bbs.linuxtone.org/thread-1696-1-1.html在目录中查找文件内容:
  2. find ./ -xtype f -exec grep -in ‘passwd’ {} \;
  3. 让grep显示文件名:find ./ -xtype f -exec grep -Hin ‘passwd’ {} \;
  4. grep ‘patternRE’ files grep 'abc.*def'

判断系统类型 http://unix.stackexchange.com/questions/35183/how-do-i-identify-which-linux-distro-is-running 判断是否在screen里: $TERM 变量 判断是否在ssh里:查找 SSH_CLIENT or SSH_TTY is defined

本地程序:

python:

  1. py2 py3 区别:commands->subprocess
  2. osx linux 区别:osx-> bytes=str linux->bytes=bytes(str,encoding)
  3. get_attr() 可根据名字获得包内对象
  4. import(pkg ,fromlist=[‘xxx’])
    1. 该方法是为实现import语句而开发的。
    2. 当 fromlist 非空,模拟 from pkg import fromlist 返回pkg的最右包,因为import 语法要从最右包中逐个提取fromlist,在上下文中生成fromlist变量。
    3. 当 fromlist 为空,模拟 import pkg,直接返回pkg最左包 因为若你 import a.b.c ,调用时仍需全称a.b.c,所以仅将最左包添加进来即可。
  5. 用pydoc.locate() 能很好地达到(4)的效果,locate依赖safeimport()
  6. @classmethod 静态函数,访问静态成员变量
  7. @staticmethod 固态函数,仅借用类路径,不能访问类内成员
  8. request库很好用:www.python-requests.org
  9. 找包的安装位置: python -c “import numpy; print numpy.file

python目录相关:遍历、判断

  1. (当前目录名,当前目录下文件夹列表,当前目录文件列表)=os.walk()
  2. glob.glob( path + os.sep + ‘*’ ) 通配符
  3. 判断是否目录 os.path.isdir()
  4. 查看当前变量:dir() locals() globals()

bug相关:

git

  1. 远端仓库如果用git init建造,则会因为working tree有东西,而拒绝push
  2. 强制更新他需要修改.git/config. 加入:
  3. [receive]
  4. denyCurrentBranch = ignore
  5. 用git init - - bare 建造,则不会有此问题,因为bare库没有working dir,只有一个.git隐藏库
  6. 查看修改的message时间线: git log
    1. 文件修改历史 git log fname
    2. 文件修改diff历史 git log -p fname
  7. 查看文件差异 git diff:
    1. add暂存之前:git diff [fname]
    2. add之后:git diff –cached [fname]
    3. commit之间:git diff ffd09:fname ffd10:fname
  8. get some files from other branch:
    • git checkout other_branch file1 file2 file3
  9. show tree like branches: git log —graph —decorate —oneline
  10. fetch handful files from remote:
    1. git fetch
    2. git checkout origin/master - - file1 file2 file3
  11. git add -u : update tracked index according to working tree files not tracked will be ignored.
  12. merge:
  13. strategy:
    • when X Y have unique ancestor, do three way merge.
    • Otherwise, merge the ancestors A1 A2 Ax.. first, or recursively so.
  14. git submodule update –init –recursive 补救下载子模块
  15. git clone –recursive 顺便下载子模块
  16. git clone –depth 1 不下载历史纪录

MAC:

osx取消root保护模式:

  1. Reboot your Mac into Recovery Mode by restarting your computer and holding down Command+R until the Apple logo appears on your screen.
  2. Click Utilities > Terminal.
  3. In the Terminal window, type in csrutil disable and press Enter.
  4. Restart your Mac.

开机模式组合键:Apple

模式:Apple

单用户模式下挂载磁盘:需要加载签名白名单 stackoverflow 或者使用开发者模式:sudo nvram boot-args=”kext-dev-mode=1”

使用poweriso 写usb镜像 StackOverflow 用户名:nihao 序列号:SSS78-UDQST-4BG6I-4EGL6-3I89E

用Transmac写usb镜像 StackOverflow

共享终端:url

邀请方:kibitz -tty pts/3 root

asking root to type: kibitz -3723

接收方:kibitz -3723

该终端实际上运行在邀请方的进程中

路由:

服务机修改/etc/sysctl.conf 开启ip转发:http://www.ducea.com/2006/08/01/how-to-enable-ip-forwarding-in-linux/ 客户机 ifconfig eno1 10…. netmask 255… 使得两者同网段 https://www.howtogeek.com/118337/stupid-geek-tricks-change-your-ip-address-from-the-command-line-in-linux/ 客户机 route add default gw 服务机ip http://www.cnblogs.com/dongzhiquan/archive/2012/12/26/2834904.html

修改dns: https://stackoverflow.com/questions/19432026/linux-how-do-i-edit-resolv-conf #

生成crt 或pem [https://www.akadia.com/services/ssh_test_certificate.html] 指定 -outform pem 可将crt转化为pem

CENTOS:

locale 语言设置错误, bash登录报错 cannot change locale no such file: 编辑 /etc/locale.conf 加入两行

LC_CTYPE=“zh_CN.UTF-8”
LC_ALL=“en_US.UTF-8"