【声明】声明本文部分材料来源网络,如有疑问请联系。
linux常用网址收集
Linux Documentation Project Guides
https://www.sourceware.org/autobook/
https://www.dotdeb.org/instructions/
系统配置
查看ubuntu的版本号
cat /etc/issue
linux下修改时间为上海时间[东8区]
mv /etc/localtime /etc/localtime.bak
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
Ubuntu中用命令校正系统时间
sudo ntpdate 210.72.145.44
Linux socket接收缓冲区大小的配置:
/proc/sys/net/core/rmem_default
/proc/sys/net/core/rmem_max
/proc/net/udp, which is reporting used rcv buffer sizes, though.
/proc/net/dev 维护网卡数据接收情况
sysctl 设置linux系统参数
sysctl –a; 查询系统所有参数的配置
sysctl –w net.ipv4.tcp_max_syn_backlog=32000;设置同时可以连接的tcp套接字数
sysctl fs.file-max;查看系统范围内能打开的文件描述符数
如果在系统启动的时候,希望设置,需要在文件:/etc/sysctl.conf中配置。
Linux /etc/fstab文件的说明
这个文件是一个系统配置文件,主要记录了一些挂在文件的信息。当linux系统启动的时候,会读取这个文件,自动挂载。
如果在linux终端下面执行 cat /etc/fstab ,会显示这个文件的格式,如下:
<file system> <mount point> <type> <options> <dump> <pass>
一共有6个配置项,我们分别进行说明:
我们以挂载命令:mount -t nfs 192.168.40.211:/test/drbd/conf /test/etc_tms 进行说明。
<file system> : 需要挂在的设备文件,或者普通文件。比如 /dev/hda1 或者上面的192.168.40.211:/test/drbd/conf
<mount point>: 要选择的挂载点。
<type>:文件系统的类型,linux支持的文件系统类型有:adfs、befs、cifs、ext3、 ext2、ext、iso9660、kafs、minix、msdos、vfat、umsdos、proc、reiserfs、swap、 squashfs、nfs、hpfs、ncpfs、ntfs、affs、ufs。
<options>:设置选项,各个选项用逗号隔开。如下:
auto: 系统自动挂载,fstab默认就是这个选项
defaults: rw, suid, dev, exec, auto, nouser, and async.
noauto 开机不自动挂载
nouser 只有超级用户可以挂载
ro 按只读权限挂载
rw 按可读可写权限挂载
user 任何用户都可以挂载
请注意光驱和软驱只有在装有介质时才可以进行挂载,因此它是noauto
<dump>:一般填0
<pass>:一般填0
###在linux平台下,设置core dump文件生成的方法
1) 在终端中输入ulimit -c 如果结果为0,说明当程序崩溃时,系统并不能生成core dump。
2) 使用ulimit -c unlimited命令,开启core dump功能,并且不限制生成core dump文件的大小。
如果需要限制,加数字限制即可。ulimit - c 1024
3) 默认情况下,core dump生成的文件名为core,而且就在程序当前目录下。新的core会覆盖已存在的core。
通过修改/proc/sys/kernel /core_uses_pid文件,可以将进程的pid作为作为扩展名,
生成的core文件格式为core.xxx,其中xxx即为pid
4) 通过修改/proc/sys/kernel/core_pattern可以控制core文件保存位置和文件格式。例如:
将所有的core文件生成到/corefile目录下,文件名的格式为core-命令名-pid-时间戳
echo "/corefile/core-%e-%p-%t" > /proc/sys/kernel/core_pattern
修改Linux下最大open files 数
issue:
How do I set the maximum number of files allowed to be open on a system
Resolution:
The current setting for maximum number of open files can be viewed with the command:
ulimit -n
This number indicates the maximum number of files normal users (i.e. non-root) can have open in a single session.
Note that for the root user, ulimit -n will sometimes output 1024 even after following the procedure to increase the maximum number of open files.
This won’t effect root’s ability to open large numbers of files, as only normal users are bound by this value.
To increase the maximum number of open files beyond the default of 1024, two changes to the system may be necessary.
In these examples, we will increase the maximum number of open files to the arbitrary value of 2048.
All changes need to be made by the root user and users will need to log out and log back in before the changes will take effect.
-
Configure the system to accept the desired value for maximum number of open files Check the value in /proc/sys/fs/file-max to see if it is larger than the value needed for the maximum number of open files:
# cat /proc/sys/fs/file-max
If the value isn’t large enough, echo an appropriate number into the variable and add the change to /etc/sysctl.conf to make it persistent across reboots. If the number is already larger than the value you wish to use, skip to step 2.
# echo 2048 > /proc/sys/fs/file-max
and edit /etc/sysctl.conf to include the line:
fs.file-max = 2048
-
Set the value for maximum number of open files In the file /etc/security/limits.conf, below the commented line that reads
#
TCP 参数设置
Maximum number of connections are impacted by certain limits on both client & server sides,
albeit a little differently.
On the client side: Increase the ephermal port range,
and decrease the fin_timeout To find out the default values:
sysctl net.ipv4.ip_local_port_range
sysctl net.ipv4.tcp_fin_timeout
The ephermal port range defines the maximum number of outbound sockets a host can create from a particular I.P. address. The fin_timeout defines the minimum time these sockets will stay in TIME_WAIT state (unusable after being used once). Usual system defaults are:
net.ipv4.ip_local_port_range = 32768 61000
net.ipv4.tcp_fin_timeout = 60
This basically means your system cannot guarantee more than (61000 - 32768) / 60 = 470 sockets at any given time.
If you are not happy with that, you could begin with increasing the port_range.
Setting the range to 15000 61000 is pretty common these days.
You could further increase the availability by decreasing the fin_timeout.
Suppose you do both, you should see over 1500 outbound connections, more readily.
Added this in my edit:
The above should not be interpreted as the factors impacting system capability for making outbound connections / second. But rather these factors affect system’s ability to handle concurrent connections in a sustainable manner for large periods of activity.
Default Sysctl values on a typical linux box for tcp_tw_recycle & tcp_tw_reuse would be:
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_tw_reuse = 0
These do not allow a connection in wait state after use, and force them to last the complete time_wait cycle.
I recommend setting them to:
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
This allows fast cycling of sockets in time_wait state and re-using them. But before you do this change make sure that this does not conflict with the protocols that you would use for the application that needs these sockets.
On the Server Side: The net.core.somaxconn value has an important role.
It limits the maximum number of requests queued to a listen socket.
If you are sure of your server application’s capability, bump it up from default 128 to something like 128 to 1024.
Now you can take advantage of this increase by modifying the listen backlog variable in your application’s listen call, to an equal or higher integer.
txqueuelen parameter of your ethernet cards also have a role to play.
Default values are 1000, so bump them up to 5000 or even more if your system can handle it.
Similarly bump up the values for net.core.netdev_max_backlog and net.ipv4.tcp_max_syn_backlog.
Their default values are 1000 and 1024 respectively.
Now remember to start both your client and server side applications by increasing the FD ulimts, in the shell.
设置select 函数FD_SETSIZE
问:I want to increase FD_SETSIZE macro value for my system. Is there any way to increase FD_SETSIZE so select will not fail
答:Per the standards, there is no way to increase FD_SETSIZE.
Some programs and libraries (libevent comes to mind) try to work around this by allocating additional space for the fd_set object and passing values larger than FD_SETSIZE to the FD_* macros, but this is a very bad idea since robust implementations may perform bounds-checking on the argument and abort if it’s out of range.
I have an alternate solution that should always work (even though it’s not required to by the standards).
Instead of a single fd_set object, allocate an array of them large enough to hold the max fd you’ll need,
then use FD_SET(fd%FD_SETSIZE, &fds_array[fd/FD_SETSIZE]) etc. to access the set.
linux-shell-||,&&{},(),reg-命令执行顺序
&&
格式:命令1 && 命令2
作用:& &左边的命令(命令1)返回真(即返回0,成功被执行)后,& &右边的命令(命令2)才能够被执行。
例:
$ mv /apps/bin /apps/dev/bin && rm -r /apps/bin
说明:/apps/bin目录将会被移到/apps/dev/bin目录下,如果它没有被成功执行,就不会删除/apps/bin目录。
||
格式:命令1 || 命令2
作用:如果| |左边的命令(命令1)未执行成功,那么就执行| |右边的命令(命令2)
例:如果该脚本未执行成功,该s h e l l将结束。
$ comet month_end.txt || exit
用()和{ }将命令结合在一起
多个命令一起执行方法:
1)当前shell中执行一组命令,可以用命令分隔符隔开每一个命令,并把所有的命令用圆括号()括起来。
格式:
(命令1;命令2;. . .)
2)子Shell执行,把()换为{}
格式:{命令1;命令2;. . . }
注意:只有在{ }中所有命令的输出作为一个整体被重定向时,其中的命令才被放到子shell中执行,否则在当前s h e l l执行
综合
这些命令都是综合来用的。
例:
$comet month_end || (echo "Hello ,Comet did not work " | mail myself; exit)
如果该脚本执行失败了,先给自己发个邮件,然后再退出.
ubuntu进入单用户模式
(1) 开机重启,压键,进入下面界面
(2) 通过键盘上下光标键,选择第二项(recovery mode),然后按键,记住不是回车。
(3) 通过键盘上下光标键,选择第二项(kernel /boot/vmlinuz-2.6.24-24-server),然后按键,记住不是回车。
(4) 修改 ro single 为 rw single init=/bin/bash ,然后按’回车键’ , 按 ‘b’ 键,重新引导。
获取cpu cache line size
(1) /sys/devices/system/cpu/cpu0/cache/
This directory has a subdirectory for each level of cache. Each of those directories contains the following files:
coherency_line_size
level
number_of_sets
physical_line_partition
shared_cpu_list
shared_cpu_map
size
type
ways_of_associativity
coherency_line_size记录的就是cpu cache line size。
(2) sysconf (_SC_LEVEL1_DCACHE_LINESIZE)
(3) You can also get it from the command line using getconf:
$ getconf LEVEL1_DCACHE_LINESIZE
(4) intel cpu ,用cpuid指令,可以参考nginx源码。
基本工具的使用
2.1 利用鼠标,在linux终端进行文本选择,拷贝的技巧
If you highlight some text by holding down the left mouse button and
dragging the mouse over it (or double-clicking a word), it is copied into a buffer
maintained by X. Pressing the middle mouse button will cause the text to be
pasted at the cursor location
2.2 Shell操作,cd命令的技巧
Shortcut Result
cd Changes the working directory to your home directory.
cd - Changes the working directory to the previous working directory.
cd ~username Changes the working directory to the home directory of username.
For example, cd ~bob changes the directory
to the home directory of user bob.
2.3 awk
2.3.1 printf,格式化输出,类似c语言的printf的使用
2.3.2 strtonum 将字符串转换为数字
将16进制字符串,打印成十进制字符串转换为10进制整数:
str16 = “aabb0022”;
strtonum(“0x”str16);
2.3.3 split切分字符串
2.4 grep多个过滤条件
grep '<pattern_1>|<pattern_2>|...<pattern_N>'
2.5 tar 命令的使用
打包到test.tar文件:tar cvf test.tar ./test
解包test.tar到当前目录: tar xvf test.tar
打包到标准输出: tar cvf - ./test
将标准输入的包解包: tar xvf –
2.6 qemu-kvm shell虚拟机管理工具
virsh;提供了好多命令,virsh –help 可以查看具体的使用方法
虚拟机的镜像文件路径:/var/lib/libvirt/images
虚拟机的配置文件路径:/etc/libvirt/qemu
2.7 shell 函数
readlink:读一个符号链接的实体文件。
lsof : 列出所有打开的文件信息列表。
2.8 apt 管理软件包
apt-get install xxx 安装xxx
-d 仅下载
-f 强制安装
apt-get remove xxx 卸载xxx
apt-get update 更新软件信息数据库
apt-get upgrade 进行系统升级
apt-cache search 搜索软件包
apt-get source package 下载源码包,在source.list中必须有deb-src配置
2.9 dpkg包管理
dpkg -i | --install xxx.deb 安装deb软件包
dpkg -r | --remove xxx.deb 卸载已经安装的软件包
dpkg -r -P | --purge xxx.deb 连同配置文件一起删除
dpkg -I | -info xxx.deb 查看已经安装软件包信息
dpkg -L xxx.deb 查看已经安装deb包的详情
dpkg -l 查看系统中已安装软件包信息
dpkg-reconfigure xxx 重新配置软件包
dpkg-deb –x xxx.deb <dir> 抽取未安装软件包安装信息
dpkg-deb –X xxx.deb <dir> 抽取未安装软件包安装信息,并且显示
dpkg-deb –e xxx.deb 抽取包控制信息
dpkg-source -x filename.dsc 解压源码包,在source.list中必须有deb-src配置
dpkg-buildpackage -us -uc –rfakeroot 构建一个deb包
dpkg --get-selections > package_list 获取所有已经按照deb包列表,保存在package_list中
dpkg --set-selections < package_list 将package_list中deb列表,导入
apt-get dselect-upgrade 升级package_list中指定的软件包
dh_make -i -s -createorig 创建debian目录和,debian打包相关文件
2.10 lsof
查看打开的文件描述符个数。
lsof -p ``14724'';查看进程id为14724的进程打开的文件描述符
2.11 pidof
根据进程名称,查看进程id
root@VM-Ubuntu203001:/home/dts-pc2.0-rudp/src# pidof tang_dts
19224
root@VM-Ubuntu203001:/home/dts-pc2.0-rudp/src# ps aux |grep tang_dts
root 19224 0.5 3.8 951820 39936 ? Ssl Nov06 45:42 /tang/sbin/tang_dts start -c/var/run/tang/dts.conf
root 22028 0.0 0.0 1808 540 pts/4 R+ 17:12 0:00 grep tang_dts
root@VM-Ubuntu203001:/home/dts-pc2.0-rudp/src# pidof -x tang_dts
19224
root@VM-Ubuntu203001:/home/dts-pc2.0-rudp/src# pidof -s tang_dts
19224
2.12 dd
convert and copy a file
2.13 stat
查询文件信息。例如,
root@VM-Ubuntu203001:~/source/nginx-1.2.0# stat configure
2.14 mkfifo
创建一个fifo文件描述符
2.15 查看文件的inode号
root@VM-Ubuntu203001:~# ls –i
2.16 mount
root@VM-Ubuntu203001:/home# mount //查询系统的挂在文件系统
2.17 fdisk –l 查看系统的分区数
例如,
root@VM-Ubuntu203001:~/source/nginx-1.2.0# fdisk -l
2.18 ulimit
ulimit –a;查看系统所有限制信息
root@VM-Ubuntu203001:/var/log# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 8191
max locked memory (kbytes, -l) 32
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 8191
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
可以根据后面括号中的选项,进行设置。如要设置open files
ulimit –n 4096
2.19 代码行统计工具sloccount
root@VM-Ubuntu203001:/home/rudp# sloccount src lib
2.20 linux进程间通信机制查询
Linux进程间通信由以下几部分发展而来:
早期UNIX进程间通信:包括管道、FIFO、信号。
基于System V的进程间通信:包括System V消息队列、System V信号灯(Semaphore)、System V共享内存。
基于Socket进程间通信。
基于POSIX进程间通信:包括POSIX消息队列、POSIX信号灯、POSIX共享内存。
Linux中,与IPC相关的命令包括:ipcs、ipcrm(释放IPC)、
IPCS命令是Linux下显示进程间通信设施状态的工具。
我们知道,系统进行进程间通信(IPC)的时候,
可用的方式包括信号量、共享内存、消息队列、管道、信号(signal)、套接字等形式[2]。
使用IPCS可以查看共享内存、信号量、消息队列的状态。
ipcs
ipcrm
2.21 netstat
usage: netstat [-veenNcCF] [<Af>] -r netstat {-V|--version|-h|--help}
netstat [-vnNcaeol] [<Socket> ...]
netstat { [-veenNac] -i | [-cnNe] -M | -s }
-r, --route display routing table
-i, --interfaces display interface table
-g, --groups display multicast group memberships
-s, --statistics display networking statistics (like SNMP)
-M, --masquerade display masqueraded connections
-v, --verbose be verbose
-n, --numeric don't resolve names
--numeric-hosts don't resolve host names
--numeric-ports don't resolve port names
--numeric-users don't resolve user names
-N, --symbolic resolve hardware names
-e, --extend display other/more information
-p, --programs display PID/Program name for sockets
-c, --continuous continuous listing
-l, --listening display listening server sockets
-a, --all, --listening display all sockets (default: connected)
-o, --timers display timers
-F, --fib display Forwarding Information Base (default)
-C, --cache display routing cache instead of FIB
2.21.1 The Art of Interpreting Netstat
Reading Netstat’s five-column output is something of an art. First, look at the Local Address column.
The results that appear there will typically be 0.0.0.0 or 127.0.0.1, or will show the IP address of one of your physical network-interface connections (e.g., NIC, modem).
If the application is bound to 0.0.0.0, the program is willing to accept connections coming from any interface.
If the application is bound for a specific IP address, the program will accept connections to that port only from that local interface.
The 127.0.0.1 address is the local loopback address,
which means that the applications will accept connections originating from only the local computer.
The 127.0.0.1 address is common for interprocess remote procedure call (RPC) communications and PDA connections.
You can typically count on the safety of any 127.0.0.1 connections because malicious software (malware) would never open just a local connection to itself.
Therefore, concentrate on the remaining connections.
Next, most people look at the state.
Any session in Listening mode shouldn’t have a remote IP address attached with it;
however, any session in Established mode (or other active state) should. Typically, the remote IP address will 127.0.0.1 or the address of some external computer.
Again, you can ignore the 127.0.0.1 connections, but you should analyze active sessions to remote IP addresses.
Are there any you didn’t expect? If so, tie the session to its process identifier (PID) and research the program.
Take note of the remote destination port number to see if you can tie it to a well-known protocol (e.g., HTTP).
When you look for malware, the ports to concentrate on are unexplained Established connections to remote Internet addresses, unexplained TCP ports in Listening mode, and unexplained UDP ports.
Many UDP ports have a twin entry in the TCP Listening mode because the application opening the port can use UDP or TCP, depending on the situation.
If a UDP port doesn’t have a matching TCP entry, research it.
If a UDP port does have a matching TCP entry, you can concentrate on the TCP port for your research.
2.21.2 netstat –s查看网络统计
netstat –su ; 查看udp网络统计信息
netstat –st; 查看tcp网络统计信息
2.21.3 netstat –rn 查看路由表
2.21.4 netstat –an 查看连接情况
2.21.5 netstat –i 查看网络接口信息
2.21.6 netstat –g 查看IGMP组信息
cat /proc/net/igmp
2.22 svn
2.22.1 svn log
查看提交记录
2.22.2 svn diff
比较工作拷贝和版本库
2.22.3 svn diff -r 3 rules.txt
比较工作拷贝和revision 3版本
2.22.4 svn diff -r 2:3 rules.txt
比较revision 2和revision 3版本
2.22.5 svn diff -c 3 rules.txt
与前一个修订版本比较更方便的办法是使用–change (-c)
2.22.6 svn cat -r 2 rules.txt
如果你只是希望检查一个过去的版本而不希望察看它们的区别,使用svn cat
2.22.7 svn checkout -r 1729
Checks out a new working copy at r1729…
2.22.8 svn update -r 1729
Updates an existing working copy to r1729
2.22.9 svn export
最后,如果你构建了一个版本,并且希望从Subversion打包文件,但是你不希望有讨厌的.svn目录,这时你可以导出版本
库的一部分文件而没有.svn目录。就像svn update和svn checkout,你也可以传递–revision选项给svn export:
$ svn export http://svn.example.com/svn/repos1 # Exports latest revision…
$ svn export http://svn.example.com/svn/repos1 -r 1729
# Exports revision r1729。部分SVN子命令相关内容讲解完毕。
2.22.10 svn mkdir urlpath/<dir name> -m “comments”
在svn库里创建一个目录
2.22.11 svn import urlpath/<dir name> -m “comments”
导入当前目录的文件到svn库
2.23 nload
查看网卡流量
2.24 sar
查看网卡数据统计,如:
sar –n dEV <统计时间间隔> <统计次数>
2.25 vmstat
查看进程执行情况
2.26 dstat
mpstat , vmstat,iostat ,sar等工具的工具集
2.27 sytemtap
2.28 autoconf工程设置gcov/lcov
1) ./configure CPPFLAGS="--coverage" LIBS="--coverage"
2) 编译工程,测试工程
3) 执行工程
4) lcov -d ../src -c -o bstest.info
5) genhtml -o test bstest.info
6) w3m index.html
2.29 zcat, zless, zmore, zgrep, zcmp, zdiff
查看gzip压缩的文件
2.30 gnuplot
gnuplot是一个画图工具,可以画一些曲线图。具有linux、windows版本。
配置文件示例:
# Gnuplot script file for plotting data in file "force.dat"
set terminal gif
set terminal gif size 16000,800
set autoscale # scale axes automatically
unset log # remove any log-scaling
unset label # remove any previous labels
unset key
set xtic 1000 # set xtics automatically
set ytic 3 # set ytics automatically
set title "RTT"
#set key 1,1
set xr [3678970:3698970]
set yr [0:200]
set grid "layerdefault"
plot 'dts_09261600.txt' using 7:3 title "Winsize" with linespoints lc rgb "green", \
'dts_09261600.txt' using 7:4 title "RTTMEAN" with linespoints lc rgb "red", \
'dts_09261600.txt' using 7:5 title "rtt" with linespoints lc rgb "blue"
2.31 ifconfig
2.31.1 to assign Multiple IP addresses to eth0
#!/usr/bin/env bash
# Assign the initial 'physical' address of the NIC
ifconfig eth1 192.168.1.1 netmask 255.255.255.0 &
ifconfig eth1 up
# assign 192.168.1.11 to eth1:1
ifconfig eth1:1 192.168.1.11 netmask 255.255.255.0 &
ifconfig eth1:1 up
# assign 192.168.1.12 to eth1:2
ifconfig eth1:2 192.168.1.12 netmask 255.255.255.0 &
ifconfig eth1:2 up
# assign 192.168.1.13 to eth1:3
ifconfig eth1:3 192.168.1.13 netmask 255.255.255.0 &
ifconfig eth1:3 up
2.32 ubuntu 域名配置解析服务器
1 /etc/resolv.conf
nameserver 192.168.1.2
nameserver 192.168.1.3
2 /etc/nsswitch.conf
hosts: files dns
2.33 linux memory buffer/cache
http://*.com/questions/6345020/linux-memory-buffer-vs-cache
2.34 ubuntu adduser
https://blog.csdn.net/longgeaisisi/article/details/78879119
http://tangmingjie2009.iteye.com/blog/2195452
https://askubuntu.com/questions/7477/how-can-i-add-a-new-user-as-sudoer-using-the-command-line
-
Add a normal user
$ sudo adduser
-
Add the new normal user as sudoer
$ sudo adduser sudo
2.35 unlink vs remove
https://*.com/questions/2192415/unlink-vs-remove-in-c
https://serverfault.com/questions/38816/what-is-the-difference-between-unlink-and-rm