When using the UNIX operating system, we often use a wide variety of issues, such as System suddenly slow speed, the system easy to panic or host with Terminal often panic, we often guess, is the hard disk space is too small, or memory I/O bottlenecks?, or a system of core parameters? then we should consider using system provides sar command to make an understanding of the system, the command is an important tool for system maintenance, primarily to help us learn the use of system resources, especially memory and CPU usage, is a UNIX system users should have one of the tools . .
The sar command line: a commonly used format.
sar [options] [-A] [-o file] t [n]. .
On the command line, n and t two parameters together define the sampling interval and the number of times, t is the sampling interval, you must have a parameter, where n is the number of sampling, is optional and the default value is 1,-o file indicates that the command result in a binary format stored in a file, the file is not a keyword here is the file name. Options for the command line options, the sar command options are many, the following common options: only list.
-A: the sum of all the reports. .
-U:CPU utilization.
-V: process, I node, files, and lock table state. .
-D: hard disk usage reports.
-R: do not use the memory pages and disk blocks. .
-G: serial i/o.
-B: buffer usage. .
-A: file read/write status.
-C: system calls the situation. .
-R: information on the activities of the process.
-Y: terminal equipment activities. .
-W: System exchange activities.
The following will illustrate. .
Example 1: using the command line to sar-u t n..
For example, sampling once every 60 seconds, 5 consecutive samples to observe the CPU usage, and sampling results in binary form into the current directory files zhou, the need to type the following command:. .
# sar -u -o zhou 60 5 。.
Screen:. .
SCO_SV scosysv 3。.2v5。.0。.5 i80386 10/01/2001。.
14:43:50% usr% sys% wio% idle (-u). .
14: 44: 50 0 1 4 94.
14:45:50 02493. .
14: 46: 50 0 2 2 96.
14:47:50 02593. .
14: 48: 50 0 2 2 96.
Average 0 2 4 94. .
In the show include:.
% Usr: CPU in user mode, the percentage of time. .
% Sys: CPU in the system mode, the percentage of time.
% Wio: CPU waiting for input and output completion percentage. .
% Idle: CPU idle time percentage.
In all of the shows, we should mainly pay attention to% wio and% idle,% wio value is too high, that there is the hard disk I / O bottlenecks,% idle value is high, that more idle CPU, if the% idle value is high but the system response slow There may be waiting for allocation of CPU memory, and you should increase the memory capacity. % Idle value of less than 10, if sustained, the system's CPU processing power is relatively low, indicating that the system resources need to be resolved is the most CPU. .
If you want to see the binary contents of zhou, you need to type the following command: sar.
# Sar-u-f zhou. .
Visible, the SAR command that can be real-time sampling, the sampling results of previous queries.
Example Two: Using the life-line sar-vtn. .
For example, a sample every 30 seconds at a time, continuous sampling 5 times, observe the State of the core table, type the following command:.
# Sar-v 30 5. .
Screen display:.
SCO_SV scosysv 3. .2 V5. .0. .5 I80386 10/01/2001. .
10:33:23 proc-sz ov inod-sz ov file-sz ov lock-sz (-v)。.
10:33:53 305 / 3210 1337/2764 0 1561/1706 0 40 / 128. .
10: 34: 23 308/321 1340/2764 0 0 0 37 1587/1706/128.
10:34:53 305 / 3210 1332/2764 0 1565/1706 036 / 128. .
10: 35: 23 308/321 1338/2764 0 0 0 37 1592/1706/128.
10:35:53 308 / 3210 1335/2764 0 1591/1706 037 / 128. .
Display includes:.
proc-sz: currently in use or distribution of the core in the process table entry number, from the core parameters MAX-PROC control. .
Inod-sz: current core that is in use or distribution of the inode table entries, from the core parameters.
MAX-INODE control. .
File-sz: current core that is in use or distribution of items in the file table, consists of core parameters MAX-FILE control.
ov: overflow the number of occurrences. .
Lock-sz: current core that is in use or distribution of record locking table entries, from the core parameter MAX-FLCKREC control.
Display format. .
Actual use of the table/table entries can be used.
Display that the core use of completely normal, three tables no overflow, no need to adjust the core parameters, if there is overflow, we must adjust the corresponding core parameters, the corresponding entry number will increase. .
Example 3: using the command line sar-d n t.
For example, sampling once every 30 seconds, 5 consecutive sampling, reporting equipment usage, need to type the following command:. .
# sar -d 30 5。.
Screen:. .
SCO_SV scosysv 3。.2v5。.0。.5 i80386 10/01/2001。.
11:06:43 device% busy avque r + w / s blks / s avwait avserv (-d). .
11:07:13 wd-0 1。.47 2。.75 4。.67 14。.73 5。.50 3。.14。.
11:07:43 wd-0 0. .43 18. .77 3. .07 8. .66 25. .11 1. .41. .
11:08:13 wd-0 0。.77 2。.78 2。.77 7。.26 4。.94 2。.77。.
11:08:43 wd-0 1. .10 11. .18 4. .10 11. .26 27. .32 2. .68. .
11:09:13 wd-0 1。.97 21。.78 5。.86 34。.06 69。.66 3。.35。.
Average wd-0 1. .15 12. .11 4. .09 15. .19 31. .12 2. .80. .
Display includes:.
device: sar command was monitoring the block device name. .
% Busy: the device is busy, the transfer request the percentage of the time.
avque: queue station is full, the average number of outstanding requests. .
R + s: w/per second delivered to the device or from a unit volume of outgoing data.
blks / s: the number of blocks transmitted per second, each 512 bytes. .
Avwait: queue filling up time transfer request wait queue idle average time.
avserv: The average time to complete the transfer request (ms). .
In the display of content, is the name of your hard disk wd-0,% busy value is smaller and instructions for handling the transfer request is valid too little time, file system, generally, the higher the value% busy, avque value lower, file system efficiency is high, if% busy and avque relatively high value, the hard disk transfer rate is too slow, you will need to adjust.
Example Four: Using the command line sar-btn. .
For example, a sample every 30 seconds at a time, continuous sampling 5 times, reports on the use of the buffer, type the following command:.
# Sar-b 30 5. .
Screen display:.
SCO_SV scosysv 3. .2 V5. .0. .5 I80386 10/01/2001. .
14:54:59 bread/s lread/s %rcache bwrit/s lwrit/s %wcache pread/s pwrit/s (-b)。.
14:55:29 01471005217800. .
14: 55: 59 5 186 0 100 0 0 25 79.
14:56:29 4232988588600. .
14: 56: 59 0 125 100 0 0 5 23 76.
14:57:29 0891004126600. .
Average 1 156 99 5 28 80 0 0 。.
Show covers:. .
Bread/s per second from the hard disk is read into the system buffer buffer of physical blocks.
lread / s: the average per second from the system buffer to read out the logic blocks. .
% Rcache: buffer cache in the logical read percentage.
bwrit / s: the average per second from the system buffer written to the physical disk blocks. .
Lwrit/s: average seconds to write to the system buffer logic blocks.
% Wcache: in the buffer cache in the percentage of logical read. .
Pread/s: average requests per second the number of physical reads.
pwrit / s: the average number of times per second written request for the physical. .
In the displayed content, and most importantly% cache and% wcache two columns, their values reflect the efficiency of a buffer,% rcache value is less than 90 or% wcache values less than 65, should be appropriately increase the number of system buffer, buffer number consists of core parameters NBUF, around 90% rcache,% wcache reaches 80%. But how many of the buffer parameter values affect the efficiency and increase the I/O buffer should be large memory, system efficiency has improved . .
Example 5: using the command line sar-n g t..
For example, sampling once every 30 seconds, 5 consecutive samples, the report serial I / O operation conditions, please type the following command:. .
# sar -g 30 5。.
Screen:. .
SCO_SV scosysv 3。.2v5。.0。.5 i80386 11/22/2001。.
17:07:03 ovsiohw / s ovsiodma / s ovclist / s (-g). .
17: 07: 33.0.0.0.00.00.00.
17:08:03 0. .00 0. .00 0. .00. .
17: 08: 33.0.0.0.00.00.00.
17:09:03 0. .00 0. .00 0. .00. .
17: 09: 33.0.0.0.00.00.00.
Average 0. .00 0. .00 0. .00. .
Display includes:.
ovsiohw / s: per second in the serial I / O hardware overflow occurs. .
Ovsiodma/s: serial I/O per second in the direct input and output channel cache overflow occurs.
ovclist / s: characters per second queue overflow occurs. .
In the displayed content, and each column's values are zero, indicating that sampling time, the system has not been serial I/O overflow behavior.
sar command, use a lot, and sometimes judge a problem and needs to combine several sar command to use, for example, suspect CPU bottlenecks can use sar-u and sar-q run, suspected of I / O bottlenecks, available sar-b, sar-u and sar-d view of the five cases cited above is only one part of interested friends try. .
IIS RedirectIn internet services manager, right click on the file or folder you wish to redirect Select the radio titled "a redirection to a URL"。. Enter the redirection page Check "The exact url entered above" and the "A permanent redirection for this resource" Click on 'Apply' Redirect in ColdFusion <. .cfheader statuscode="301" statustext="Moved permanently">。.
<.cfheader name="Location" value="http://www.new-url.com">
Redirect in PHP. .
Header( "HTTP/1.1 301 Moved Permanently" );
Header( "Location: http://www.new-url.com" );
?>Redirect in ASP。.
<%@ Language=VBScript %>
<%
Response.Status="301 Moved Permanently" Response.AddHeader "Location", " http://www.new-url.com"
>
Redirect in ASP .NETprivate void Page_Load (object sender, System.. EventArgs e). .
{。.
Response. . Status = "301 Moved Permanently";. .
Response。.AddHeader("Location","http://www。.new-url。.com");。.
). .
Redirect Old domain to New domain (htaccess redirect)。.
Create a. . Htaccess file with the below code, it will ensure that all your directories and pages of your old domain will get correctly redirected to your new domain. .
The 。.htaccess file needs to be placed in the root directory of your old website (i。.e the same directory where your index file is placed) 。.
Options + FollowSymLinks. .
RewriteEngine on。.
RewriteRule (。.*) http://www. . Newdomain. . Com / $ 1 [R = 301, L]. .
Please REPLACE www。.newdomain。.com in the above code with your actual domain name。.
In addition to the redirect I would suggest that you contact every backlinking site to modify their backlink to point to your new website. .
Note* This 。.htaccess method of redirection works ONLY on Linux servers having the Apache Mod-Rewrite moduled enabled。.
Redirect to www (htaccess redirect). .
Create a 。.htaccess file with the below code, it will ensure that all requests coming in to domain。.com will get redirected to www。.domain。.com 。.
The. . Htaccess file needs to be placed in the root directory of your old website (i.. E the same directory where your index file is placed). .
Options +FollowSymlinks。.
RewriteEngine on. .
rewritecond %{http_host} ^domain。.com [nc]。.
rewriterule ^(。.*)$ http://www. . Domain. . Com / $ 1 [r = 301, nc]. .
Please REPLACE domain。.com and www。.newdomain。.com with your actual domain name。.
Note * This. . Htaccess method of redirection works ONLY on Linux servers having the Apache Mod-Rewrite moduled enabled. .
How to Redirect HTML。.
Please refer to section titled 'How to Redirect with htaccess', if your site is hosted on a Linux Server and 'IIS Redirect', if your site is hosted on a Windows Server. .
Create the destination folder (C:\cygwin or D:\cygwin as appropriate)。. Default permissions will be for administrators and SYSTEM only。. Add SERVER\Users with modify control to the list。. These permissions will be inherited to the rest of the folder as it is populated. . Create a directory to locally store the cygwin packages e. . G. . C: \ temp \ cygwinarchive. .Open a browser window to the following URL http://www。.cygwin。.com/setup。.exe and save the installation file setup。. exe to the archive directory just created (C: \ temp \ cygwinarchive in this example) Double click on the downloaded cygwin setup program. . The current version is 2. .510. .2. .2 (February 3rd, 2006). .Click 'Next' and answer the prompts : Leave default "install from internet" Install to root directory c:\cygwin leave default "install for all users" leave default text file type "unix / binary" Set local package directory to c:\temp\cygwinarchive (the directory created in step 2 above) . . This should be the default. . Leave the default "direct connection" Select a mirror (any of the ones with starting with http://mirror in the name). . The package list will be downloaded. .The 'Select Packages' window can be stretched。. Click on the plus sign to expand the categories。. Install at least the following list of packages。. From Admin, select all packages。. From Archive, select unzip and zip packages. . From Base, leave the default, select all packages. . From Doc, leave the default, man and 'cygwin doc' packages. . From Editors, select vim package. .From Net, select openssh (openssl will get checked automatically), rsync and tcp_wrappers packages。. When you've selected these packages, click 'Next'。. The installation tells you which packages it is installing as it progresses. . Uncheck 'Create desktop icon'. . Leave default 'Add to start menu'. . Click 'Finish'. .A post install script runs a few final commands。. Then you should see a message saying 'Installation complete'。. Click 'OK'。.
Edit C: \ cygwin \ cygwin. . Bat. . Make sure it contains these lines - you will need to add the line setting the CYGWIN environment variable. . @ Echo off. .
set CYGWIN=binmode tty ntsec。.
C:. .
chdir \cygwin\bin。.
bash - login-i. .
Test cygwin to make sure it works。. Start, Programs, Cygnus Solutions, Cygwin Bash Shell - should get a command window with a prompt saying 'Administrator@servername'。. This is a bash shell and you can use unix or DOS / NT type commands e. . G. .'ls /bin' to see the cygwin bin directory 'dir c:' to see the contents of the C: directory Type "control d" or "logout" to exit the shell。.
If you get a message saying 'cannot create / home / userid', run this command from the cygwin window "mkpasswd-l> / etc / passwd". .
While you're in the cygwin shell window, run this command to change the mount prefix from "/cygdrive" to "/"。. mount -s --change-cygdrive-prefix /。.
Also, create a home directory where you can place user startup files. . The default location is the "Documents and Settings" folder. .Creating a /home directory and using the -p switch to assign the home directory when adding a new user keeps all the cygwin files under the c:\cygwin directory。. mkdir -p /home。.
Installing the SSH daemon serviceFrom a cygwin prompt (Start, All Programs, Cygwin?), Run ssh-host-config to create the service, set up the ssh host keys and create the sshd_config file in / etc /. .Note that 2 local users are created, one called sshd to handle privilege separation and one that is required on Windows 2003 called sshd_server that runs the service in order to use public key authentication . . You should see output like this: $ ssh-host-config. .
Generating /etc/ssh_host_key。.
Generating / etc / ssh_host_rsa_key. .
Generating /etc/ssh_host_dsa_key。.
Overwrite existing / etc / ssh_config file? (Yes / no) yes. .
Generating /etc/ssh_config file。.
Overwrite existing / etc / sshd_config file? (Yes / no) yes. .
Privilege separation is set to yes by default since OpenSSH 3。.3。.
However, this requires a non-privileged account called 'sshd'. .
For more info on privilege separation read。.
/ Usr / share / doc / openssh / README. . Privsep. .
Should privilege separation be used? (yes/no) yes。.
Warning: The following function requires administrator privileges!. .
Should this script create a local user 'sshd' on this machine? (yes/no) yes。.
Generating / etc / sshd_config file. .
Added ssh to C:\WINDOWS\system32\drivers\etc\services。.
Warning: The following functions require administrator privileges!. .
Do you want to install sshd as service?。.
(Say "no" if it's already installed as service) (yes / no) yes. .
You appear to be running Windows 2003 Server or later。. On 2003 and。.
later systems, it's not possible to use the LocalSystem account. .
if sshd should allow passwordless logon (e。. g。. public key authentication)。.
If you want to enable that functionality, it's required to create a new. .
account 'sshd_server' with special privileges, which is then used to run。.
the sshd service under. .
Should this script create a new local account 'sshd_server' which has。.
the required privileges? (yes / no) yes. .
Please enter a password for new user 'sshd_server'。. Please be sure that。.
this password matches the password rules given on your system. .
Entering no password will exit the configuration。. PASSWORD=xxxxxxx。.
User 'sshd_server' has been created with password 'xxxxxxxx'. .
If you change the password, please keep in mind to change the password。.
for the sshd service, too. .
Also keep in mind that the user sshd_server needs read permissions on all。.
users'. .ssh / authorized_keys file to allow public key authentication for. .
these users!。. (Re-)running ssh-user-config for each user will set the。.
required permissions correctly. .
Which value should the environment variable CYGWIN have when。.
sshd starts? It's recommended to set at least "ntsec" to be. .
able to change user context without password。.
Default is "ntsec". . CYGWIN = binmode ntsec tty. .
The service has been installed under sshd_server account。.
To start the service, call net start sshd 'or cygrunsrv-S sshd'. .
Host configuration finished。. Have fun!。.
You can start the service from the services MMC panel, or using either of the commands listed above ("net start sshd" or "cygrunsrv-S sshd"). .Generating public/private SSH keys for a userIf you need to generate ssh public and private keys for a user on this machine who will be uploading data or logging in to a remote machine, you will need to carry out this step . . Sign on as the user who needs the keys created. . They will automatically be in their home directory. . Run ssh-user-config to setup the ssh keys. .Create only an SSH2 RSA identity (use a null passphrase - just press return)。. Output should be similar to this : cygwinadmin@HICKORY ~。.
$ Ssh-user-config. .
Shall I create an SSH1 RSA identity file for you? (yes/no) no。.
Shall I create an SSH2 RSA identity file for you? (Yes / no) (yes / no) yes. .
Generating /home/pswander/。.ssh/id_rsa。.
Enter passphrase (empty for no passphrase): Press ENTER. .
Enter same passphrase again:Press ENTER。.
Do you want to use this identity to login to this machine? (Yes / no) yes. .
Shall I create an SSH2 DSA identity file for you? (yes/no) (yes/no) no。.
Configuration finished. . Have fun!. .
Update the file /home/userid/。.ssh/authorized_keys with any public keys from other users who you wish to be able to connect to this user's account。. Refer to this document for more information。. Make sure each entry you add is all on one line. . Make sure the service is running (state 4 = running) $ sc query sshd. .
SERVICE_NAME: sshd 。.
TYPE: 10 WIN32_OWN_PROCESS. .
STATE : 4 RUNNING 。.
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)). .
WIN32_EXIT_CODE : 0 (0x0)。.
SERVICE_EXIT_CODE: 0 (0x0). .
CHECKPOINT : 0x0。.
WAIT_HINT: 0x0. .
Test the service from the cygwin prompt using "ssh -v localhost"。. You will get challenged with the new host key and will have to enter your password as you connect。. You should see output like this: The authenticity of host 'localhost (127. .0. .0. .1)' Can't be established. .
RSA key fingerprint is 75:8a:67:20:0d:75:dd:06:64:04:d0:ac:23:c7:74:ba。.
Are you sure you want to continue connecting (yes / no)? Yes. .
Warning: Permanently added 'localhost' (RSA) to the list of known hosts。.
The last line is:. .
You are successfully logged in to this server!!!。.
Test the service from a remote host. . You can now update the authorized_keys file with the public key file from the user and host you want to connect from. .Then test your connection from that host by issuing the command "ssh userid@servername dir c:\" Adding and removing users from the passwd fileYou can add domain or local users using the mkpasswd command . . Test what would be added for a domain user with this command: mkpasswd-d domain_name-u joeuser. .
You can add an ads domain user to the passwd file and give him a home directory in /home with this command: mkpasswd -d ads -p /home -u kscully >>/etc/passwd。.
You can add local users using the-l switch instead of the-d switch. .Be careful not to use the -d domain_name switch without specifying a user or you will get entries for ALL doamin users in the passwd file。. Users can be removed and both users and groups can be updated by starting a cygwin shell and using vi to edit the / etc / passwd and / etc / group files. .Restricting SSH access to specific serversWorking on a netsh script to restrict access to specific servers。. cygrunsrv - install sshd - path '/ usr / sbin / sshd' - env 'PATH = / bin; / sbin' - env 'CYGWIN = ntsec tty'-a-D Switching the user who runs the serviceIn a normal installation, the ssh-host-config script creates a local user called sshd_server under whose credentials the ssh daemon runs。. This is fine for local shell access to the server and secure file transfers to and from the server, but it is not possible to access any network resources while the service is running under the local user account。. The solution is to run the service under a domain user account - one that has access to the shares or servers remote from the server running sshd。. In order to switch the service to run under a different user, these steps must be carried out: Open "Computer Management", open the Services tab, right click on the "Cygwin sshd" service and stop the service。. Right click on the "Cygwin sshd" service again and select properties。. Under the 'Log On' tab, switch the name of the account the service is running from "。. \ Sshd_server "to domain \ userid, where domain and userid correspond to a userid with access to the resources you require in the domain.. You will be prompted for this user's password..Open Control Panel -> Administratice Tools -> Local Security Settings -> Local Policies。. Then click on 'User Rights Assignment'。. Make sure the domain user you specified in step one is in the list for these 4 rights: Adjust memory quotas for a process Create a token object Log on as a service (already granted if you completed step 1) Replace a process level token Add the domain user to the local password file mkpasswd-d domain-u userid>> / etc / passwd。.
Change to ownership of the files required by the sshd service owner. . Open a cygwin bash session and run these commands for your userid $ chown userid / var / log / sshd. . Log. .
$ chown -R userid /var/empty。.
$ Chown userid / etc / ssh *. .
In the services tab again, right click on the 'Cygwin sshd' service and select 'start'。. Check the event log for a successful start, or for errors in case the service does not start successfully。.
In linux, we can own the NTP (Network Time Protocol) protocol through the network to its own system to keep accurate time. List of public time servers available from the following address to obtain:. .
http://ntp。.isc。.org/bin/view/Servers/NTPPoolServers。.
What is NTP. .
NTP is used to make the system and an accurate time source for time synchronization protocol. Recommended everyone to establish the network of at least one time server to synchronize the local time, so you can make in different systems and collect logs and administration easier.
Similarly, there are many free to use NTP client for Windows, you can use them to synchronize your system time windows. .
Download and install.
This article describes how to install a time server in AS4 (This also applies to redhat and fedora core of other versions), if you want to get the latest version of NTP, you can download the tar package to compile, just to introduce RPM install the NTP service software . .
AS4 with NTP version 4.2. .0, you can use the following command to see if you have already installed this package.
# Rpm-qa | grep ntp. .
ntp-4。.2。.0。.a。.20040617-4。.2。.
If you find that is not installed, please install the software from the CD. Execute the following command to install the RPM package NTP:. .
# rpm -ivh ntp-4。.2。.0。.a。.20040617-4。.2。.i386。.rpm。.
/ Etc / ntp. . Conf This is the NTP's main configuration file, which is used to synchronize the time you set the time server name or IP address, the following is the most basic to the Internet time synchronization configuration:. .
First define our favorite time server:.
server pool. . Ntp. . Org. .
Next, we set the above two servers, in this case we do not allow them to modify or check out our profile in the NTP server on Linux.
restrict default nomodify notrap noquery (the default in the configuration file existed). .
Next, set the allow access to our time server's client address, often these servers should be located within our own LAN. Note that the configuration has been removed in noquery:.
restrict 192. .168. .0. .0 Mask 255. .255. .255. .0 Notrust nomodify notrap. .
In the example above, the mask for the address extension is 255, so from .168.192.. .0 .1-.168.192. .0. .254 servers you can use our NTP server to synchronize the time.
Finally, and most important limitation is the default configuration to remove from your configuration file, otherwise it will cover all your configuration options, you will find if you do not delete the configuration, your time and your server will only communication. If ntp. . Conf has the following line, set it Notes (AS4 with the ntp default no):. .
# restrict default ignore。.
Save your configuration file, and then for each in your ntp. . Conf configured time servers in the implementation of two series query command:. .
# ntpdate pool。.ntp。.org。.
27 Jun 10:12:01 ntpdate [25475]: adjust time server pool. . Ntp. . Org offset -0. .127154 Sec. .
# ntpdate ntp。.research。.gov。.
27 Jun 10:12:06 ntpdate [25478]: adjust time server pool. . Ntp. . Org offset 0. .010008 Sec. .
Enable NTP process from the start.
In order to NTP services can start automatically when system boot, run:. .
# chkconfig ntpd on。.
Start / turn off / restart NTP command is:. .
# /etc/init。.d/ntpd start。.
# / Etc / init. .d / ntpd stop. .
# /etc/init。.d/ntpd restart。.
By default, we configure the NTP time source server does not go where the synchronization time, it must modify the / etc / ntp / step-tickers file, into our time source, so that each time through the / etc / init. .d / ntpd to start when the service will automatically update time. .
Keep in mind that each time you modify the configuration file will need to restart the service to allow configuration to take effect. You can use the following command to check the NTP service is started, you should be able to get a process ID number:.
# Pgrep ntpd. .
Check the time server to synchronize correctly.
Use the following command to check the time server synchronization status:. .
# ntpq -p。.
Output:. .
remote refid st t when poll reach delay offset jitter。.
================================================== ============================。 .
-jj。.cs。.umb。.edu gandalf。.sigmaso 3 u 95 1024 377 31。.681 -18。.549 1。.572。.
milo. . Mcs. . Anl. . Go ntp0. . Mcs. . Anl. . Go 2 u 818 1024 125 41. .993 -15. H.264 1. .392. .
-mailer1。.psc。.edu ntp1。.usno。.navy。. 2 u 972 1024 377 38。.206 19。.589 28。.028。.
-Dr-zaius. . Cs. . Wis ben. . Cs. . Wisc. . Edu 2 u 502 1024 357 55. .098 3. .979 0. .333. .
+taylor。.cs。.wisc。. ben。.cs。.wisc。.edu 2 u 454 1024 347 54。.127 3。.379 0。.047。.
-Ntp0. . Cis. . Strath harris. . Cc. . Strat 3 u 507 1024 377 115. .274 -5. .025 1. .642. .
*clock。.via。.net 。.GPS。. 1 u 426 1024 377 107。.424 -3。.018 2。.534。.
ntp1. . Conectiv. . C 0. .0. .0. .0 16 u - 1024 0 0. .000 0. .000 4000. .00. .
One can prove that the evidence is the synchronization of all the remote server's jitter value is 4000 and delay and reach value is 0.
remote refid st t when poll reach delay offset jitter. .
==============================================================================。.
LOCAL (0) LOCAL (0) 10 l - 64 7 0. .000 0. .000 0. .008. .
ntp-cup。.externa 0。.0。.0。.0 16 u - 64 0 0。.000 0。.000 4000。.00。.
snvl-smtp1. . Trim 0. .0. .0. .0 16 u - 64 0 0. .000 0. .000 4000. .00. .
nist1。.aol-ca。.tr 0。.0。.0。.0 16 u - 64 0 0。.000 0。.000 4000。.00。.
Possible reasons:. .
In the configuration file was not restrict default ignore. comment.
And the server has a firewall blocking the communication between. .
In addition, each time you restart the NTP server after about 3-5 minutes for the client to server connection to a normal distribution, otherwise you perform ntpdate ip will return:.
27 Jun 10:20:17 ntpdate [21920]: no server suitable for synchronization found. .
Configure the Linux client.
In the linux client can perform ntpdate ntp_server_ip unified LAN according to the time server time, the above command into cron 3:00 in the morning regularly, crontab-e and then enter. .
0 3 * * * /usr/sbin/ntpdate ntp_server_ip。.
Mysqldump to the MySQL database with data backup and recovery. .
The database backup is very important. If you regularly make a backup, in case of system crash data recovery to the last known state, reduce the losses to a minimum. MySQLl provides a mysqldump command, we can use it to make data backup, the following assumes that you want to back up the database: tm.
# Mysqldump-u root-p tm> tm_050519. . Sql. .
Follow the prompts to enter your password, this is all the tm database table structure and data to tm_050519. .sql, because you want to always make a backup of the work, if the data of the General Assembly occupies a large space, then you can use gzip compressed data, the commands are as follows:.
# Mysqldump-u root-p tm | gzip> tm_050519. . Sql. . Gz. .
System crashes, the reconstruction of the system, you can recover data like this:.
# Mysql-u root-p tm
Recovery from compressed files directly:.
# Gzip
In the Linux operating system, the root permissions is the highest, also called the owner of the Super privilege. Regular user cannot perform the operation, the root user will be able to complete, so called Super-Admin user.
In the system, each file, directory and processes, both under a single user, no user licenses of other normal users can not operate, but other than root. privileges of root user can also in the root than to any users and user groups to read the file or directory, modify, or delete (in the system within the limits of normal); of the executable program execution to terminate; on hardware devices Add, create, and removal; also can file and directory owners and permissions are modified to fit the needs of system management (because root is the highest authority the system privileged user);. .
First, the root user and a normal user understanding;.
1 What is the super-user;. .
All Linux systems, the system is through the UID to distinguish user permission level, and the UID of 0 users was agreed to have the Super privilege. Power users have in the system agreed by the highest authority in action, so full that power users can complete the system of management of all tools; we can be found by/etc/passwd UID to 0 if the user is root, and only root corresponds to the UID is 0, which from that point of view, the root user in the system are irreplaceable supremacy and unrestricted permissions. root user is super user in the system;. .
2. understand the UID and correspond to the user.
When the system is installed by default, the system user and UID of the relationship is one to one, meaning that a UID for each user.We know that the user identity is confirmed by UID to, the user (user) and groups (group) profile details "in the interpretation of the UID has to" UID is to confirm the identity of the user's permissions, a user logged on to the system's role is to achieve through the UID instead of the username; several users share one UID is dangerous, for example, we put the normal user UID to 0, and share a UID root, which in fact created a system to manage permissions to the confusion. If we want to use root privileges, you can su or sudo to achieve; must not allow a user and root freely sharing the same UID; "..
In the system, you can let the UID and user-to-many relationship is you can, for instance, we can put a UID of 0, this value is assigned to several users, this is the UID and user-to-many relationship. But this is indeed a bit dangerous; the same UID user have the same status and rights. For example we have in the system to beinan the ordinary user's UID to 0, the fact that ordinary users have a super-authority, his ability and competence, and as root user; user beinan all operations will be identified as the root of operation, because beinan the UID is 0, UID 0 user is root, is not it a little disturbing mouth? Can also be interpreted as the user UID 0 is root, root user's UID is 0;. .
The user's UID and one-to-one correspondence, only requests the administrator to conduct system administration, to adhere to the guidelines, because the system security or first. So let's put the Super privilege reserved for the root of this unique user is the best choice.
If we do not share the values of UID of 0 to other users, only the root user is the only UID = 0, then, root user is the only super-user privileges;. .
3. normal users and fake users.
And the super user is relatively common user and virtual (also known as masquerading users), general and camouflage users are limited user; However, to accomplish specific tasks, general users and camouflage the user is also necessary; Linux is a multi-user , multi-tasking operating system, multi-user is mainly reflected the diversity of the user's role, different users have different permissions assigned; it is Linux is more secure system than Windows essence, even now the latest version of Windows 2003, can not erase the stigma of its single-user system;. .
II. Super user (permissions) on the system management.
Super user privileges (UID 0 users) in the end play in the system management do? Mainly in the following two points;. .
1. on any file, directory, or process;.
It is noteworthy that this operation is the maximum permitted in the system within the scope of operation; some action is super root privileges can not be completed;. .
For example,/proc/proc directory is for response system running real-time status information, so even the root can do; it's permissions are as follows.
[Root @ localhost ~] # pwd. .
/root。.
[Root @ localhost ~] # cd /. .
[root@localhost /]# ls -ld /proc/。.
dr-xr-xr-x 134 root root 0 2005-10-27 / proc /. .
It is this directory, you can only read and execute permissions, but absolutely no write permissions; it means we have write permissions for the directory/proc open to root, root user also not able to write;.
[Root @ localhost ~] # chmod 755 / proc. .
[root@localhost /]# ls -ld /proc/。.
drwxr-xr-x 134 root root 0 2005-10-27 / proc /. .
[root@localhost /]# cd /proc/。.
[Root @ localhost proc] # mkdir testdir. .
Mkdir: unable to create directory ' testdir ': not the file or directory.
2, as far as overall system management systems;. .
Hardware management, file system understanding, user management, as well as the system global configuration, etc.. If you execute a command or tool, prompted no permissions are required to complete the Super privilege;.
For example use adduser to add users, this can only be used by super user privileges to complete;. .
3, Super permission of;.
As the super-rights in the system Guan Li Zhong important and indispensable role, the completion of system management Ren Wu Wei Liao, we have to use super-Quan Xian; in Yibanqingkuang Xia, for the system Anquan, Duiyu generally conventional level of Ying Yong, 不需要 来 Caozuo complete root user , root user is used to manage and maintain systems used; such as system log view, clean up, add and delete users. .
System management is not involved in the work environment, a normal user can complete, such as writing a file to listen to the music; a photo with gimp processing, etc.. Based on the normal application of the most common is called, the user can be completed;.
When we log general user rights, some system configuration and system management must be completed by super-user privileges, such as the management of the system log, add and delete users. But how can we not direct root login, but it can switch from normal user to root user can be operating under the management needs of the work, which involves the super-rights management issues;. .
Get the Super privilege is switch as a normal user to root; this process mainly through the su and sudo;.
Third, use the su command to switch user temporary;. .
1. applicable conditions of su and power.
su command to switch users is a tool, how to understand it? For instance, we beinan a regular user login, but add a user task, the implementation of useradd, beinan user does not have the authority and this authority precisely owned by the root. Solution can not have two, one out of beinan user and re-root user login, but this approach is not the best; Second, we do not need to quit beinan user, you can use su to switch to root to add users under work and other tasks to complete before exit root.We can see the course through su switch is a good way;.
By su in the user switch between the authority if the super-user root or a virtual user to switch to normal without a password, what is power? This is! Ordinary users to switch to any other user needs password authentication;. .
2. usage: su.
su [OPTION option argument] [user]. .
-,-L,--login to log in and change to the switch user environment;.
-C, - commmand = COMMAND execute a command, and then exit the switch to the user environment;. .
For more details, please refer to the su; man.
3, su example:. .
Su without any parameters, the default is to switch to root user, but does not go to the root user's home directory, that is to say at this point though is to switch to root user, but does not change the root login environment; a user's default login environment, can be found in the/etc/passwd, including the home directory, the SHELL definition, etc.;.
[Beinan @ localhost ~] $ su. .
Password:。.
[Root @ localhost beinan] # pwd. .
/home/beinan。.
su additional parameters - that the default switch to root user, and change to the root user's environment;. .
[beinan@localhost ~]?$ pwd。.
/ Home / beinan. .
[beinan@localhost ~]?$ su -。.
Password:. .
[root@localhost ~]# pwd。.
/ Root. .
Su parameter-name.
[Beinan @ localhost ~] $ su - root Note: This and su - is the same function;. .
Password:。.
[Root @ localhost ~] # pwd. .
/root。.
[Beinan @ localhost ~] $ su - linuxsir Note: This is the switch to the linuxsir user. .
Password: Note: enter the password here;.
[Linuxsir @ localhost ~] $ pwd Note: See user's current location;. .
/home/linuxsir。.
[Linuxsir @ localhost ~] $ id Note: See user's UID and GID information, mainly to see if switching back all;. .
uid=505(linuxsir) gid=502(linuxsir) groups=0(root),500(beinan),502(linuxsir)。.
[Linuxsir @ localhost ~] $. .
[Beinan @ localhost ~] $ su-c ls Note: this is a combination of parameters, su indicates that the switch to root user, root and change to the environment, and then lists the root home directory for the file, and then exit the root user;.
Password: Note: Enter root password;. .
anaconda-ks。.cfg Desktop install。.log install。.log。.syslog testgroup testgroupbeinan testgrouproot。.
[Beinan @ localhost ~] $ pwd Note: View the current user location;. .
/home/beinan。.
[Beinan @ localhost ~] $ id Note: View the current user information;. .
uid=500(beinan) gid=500(beinan) groups=500(beinan)。.
4, su advantages and disadvantages;. .
Su has been identified as the management convenience, by switching to root, be able to complete all of the systems management tool, as long as the root password to any one of the ordinary user, he will be able to switch to root to complete all of the system administration;.
However, switching to root by su post, but also insecurity; such system has 10 users, and all involved in the management. If 10 users are related to the use of super-competence, as the administrator If you want other users to su to switch to the super-authority root, root user password must be told that up to 10 users; if these 10 users have root privileges, through the root privileges can do anything, which to some extent on the security of the system caused Wei Association; think of Windows it was actually a nightmare;. .
"There are no security systems, only the person who" is not secure, we cannot guarantee that these 10 users can press the normal operating procedures to manage the system, any system operation of significant errors, this can cause a system crash or data loss.
So many people involved in su tool system management, not the best choice, su only applies to one or two people involved in the management of the system, after all, does not allow ordinary users su limited use;. .
The superuser root password should be in the hands of a small number of users, this is the truth! so centralization of existence or have a certain sense;.
4, sudo license to use su, also a restricted su. .
1. The applicable conditions; sudo.
As the su of the switch to the super-user root privileges, the privileges of unlimited sex, it can not serve more than su managed by the system administrator. If you use su to switch to super user to manage the system, which is also not clear what the administrator from the operation. Especially for server management with people involved in the management, the best technical expertise for each administrator and management of scope, and targeted delegated authority, and agree that the use of what tools to complete the associated work Then we have the need to use sudo. .
By sudo, we can put some super permission targeted decentralization, and does not require regular user to know the root password, so no relative to permissions sudo restrictive su, is relatively safe, sudo can also be called restricted sudo su; in addition is the need to license, so it is also called the licensing; su.
sudo the command of the process is the current user to switch to root (or other designated switch to the user), then root (or other designated switch to the user) as the command, executed, directly back to the current user; these The premise is through sudo configuration file / etc / sudoers to authorize;. .
2, from writing sudo configuration file/etc/sudoers;.
sudo configuration file is / etc / sudoers, we can use his special editing tools visodu, the benefits of this tool is to add the rules very accurate, save the exit will be prompted to give us an error message; configured, you can use the switch to your authorized users, through sudo-l to see what the command is executed or banned;. .
/Etc/sudoers file each line counts as a rule, preceded by a # sign can be deemed to be a description of the contents, and do not do; if a rule is very long, a column, you can use \ to continued row, so a rule can also have multiple rows.
/ Etc / sudoers rule can be divided into two categories; one is an alias definition, the other is authorized to rule; alias definitions are not required, but authorization rules is necessary;. .
3,/etc/sudoers profile alias rules.
Alias rules defined the following format:. .
Alias_Type NAME = item1, item2, 。.
Or. .
Alias_Type NAME = item1, item2, item3 : NAME = item4, item5。.
Alias type (Alias_Type): Alias types include the following four. .
Host_Alias define host alias.
User_Alias user alias, alias member can be a user, user group (the previous number to increase%). .
Runas_Alias used to define the runas alias, the alias specified purpose is "user", i.e. the sudo allows the switch to the user;.
Cmnd_Alias custom command aliases;. .
NAME is the alias, the naming is a NMAE uppercase letters, underscores and figures, but must begin with an uppercase letter, such as SYNADM, SYN_ADM or SYNAD0 is legitimate, sYNAMDA or 1SYNAD is not legal;.
item according to the Chinese translation of the project, where we can to members of an alias if there are multiple members, members and members, through the half-width, number separated; members must be valid and the facts exist.What is a valid? host name, for example, you can view the user through the w the hostname (or ip address), if you are a local machine operation, only through the hostname command; the user will be able to view the system exists in/etc/paswd must exist in order for a defined alias, members must also exist in the system that the file name (need an absolute path).
members by the alias item type Host_Alias, User_Alias, Runas_Alias, Cmnd_Alias constraints define what type of alias, there should be a member of what type of match.We define a host alias Host_Alias, members must be associated with a host of related, for example, is the host name (including the host name of the remote login), the ip address (an individual or entire paragraphs), the mask, and so on; when a user logs on, you can use the w command to view the logged-on user host information; use User_Alias, Runas_Alias defined and must be enclosed in the system user as defined by the members; Cmnd_Alias execute a command alias, you must be a system file, you can use the wildcard character indicates that the command when configuring Cmnd_Alias need an absolute path; . .
Which is somewhat similar to Runas_Alias and User_Alias, but definitely not with User_Alias, Runas_Alias with defined is one of the system the user can switch identities to sudo Runas_Alias of members; our authorization rules to explain; an instance.
Alias rule is a rule per line operator, if his party can not tolerate an alias rules, you can through the \ to continue trip; the same type alias definition, one can also define several aliases, among them using: No. separated. .
Host_Alias HT01 = localhost, st05, st04, 10, 0, 0, 4,255. .255. .255. .0, .1 .168.192.. .0/24 Note: define host alias HT01, =, list members.
Host_Alias HT02 = st09, st10 Note: The host alias HT02, has two members;. .
Host_Alias HT01 = localhost, st05, st04, 10, 0, 0, 4,255. .255. .255. .0, .1 .168.192.. .0/24: HT02 = st09, st10 Note: the above two definitions of the host, you can pass a, alias, segmentation between available:;.
Note: We define by Host_Alias host alias, the item can be host names, can be a single ip (ip address of the whole can), can also be a network mask; if the host name, must be multi-machine network, and these machines may communicate with each other through the host name to access it effectively. What exactly that communicate with each other through the host name or the visit? Such as ping host name, or by remote access host name to access. In our LAN, if the host name to access the computer through the communication must be set to / etc / hosts, / etc / resolv., But in .conf DNS resolve to do, or to communicate with the host name could not be adopted; in setting host aliases, if the item is an item in the words of the host name, you can use the hostname command to view the local hostname, search through the w command to log in to the host is the source, through the source to confirm other client's host name or ip address; the definition of the alias for the host, it looks a bit complicated, but actually is very simple.
If you do not understand Host_Alias how the matter can not set the host alias, the authorization rules defined by ALL to match all possible host situation. If you get to host more knowledge to understand, really need to learn. .
User_Alias SYSAD = beinan, linuxsir, bnnnb, lanhaitun Note: defining user aliases, there are four members; to actually exist in the system;.
User_Alias NETAD = beinan, bnnb Note: define the user alias NETAD, I want the alias of the user to manage the network, so take a NETAD alias;. .
User_Alias WEBMASTER = linuxsir Note: defining user alias WEBMASTER, I would like to use the alias of the user to manage the site;.
User_Alias SYSAD = beinan, linuxsir, bnnnb, lanhaitun: NETAD = beinan, bnnb: WEBMASTER = linuxsir Note: The above three lines of an alias definition can be achieved through this line, see the previous note, is not consistent? . .
Cmnd_Alias USERMAG=/usr/sbin/adduser,/usr/sbin/userdel,/usr/bin/passwd [A-Za-z]*,/bin/chown,/bin/chmod 。.
Note: members must be under the command alias is the absolute path of file or directory;. .
Cmnd_Alias DISKMAG=/sbin/fdisk,/sbin/parted。.
Cmnd_Alias NETMAG = / sbin / ifconfig, / etc / init. .d / network. .
Cmnd_Alias KILL = /usr/bin/kill。.
Cmnd_Alias PWMAG = / usr / sbin / reboot, / usr / sbin / halt. .
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/csh, /usr/bin/ksh, \。.
/ Usr / local / bin / tcsh, / usr / bin / rsh, \. .
/usr/local/bin/zsh。.
Note: This line defines the command alias a bit long, can \ No. off-line;. .
Cmnd_Alias SU = /usr/bin/su,/bin,/sbin,/usr/sbin,/usr/bin。.
In the example above, there KILL and PWMAG command alias definition, we can write into his party, which is equivalent to line;. .
Cmnd_Alias KILL =/usr/bin/kill: PWMAG =/usr/sbin/reboot,/usr/sbin/halt Note: this line represents a command alias KILL and PWMAG, KILL and alias definition PWMAG merge row write is also acceptable;.
Runas_Alias OP = root, operator. .
DBADM = Runas_Alias OP = root mysql:, operator Note: this line is above two lines of equivalence; as to how to understand, we must have Runas_Alias through an instance of the authorization rules; to understand.
4, / etc / sudoers in the authorization rules:. .
Authorization rules are assigned permissions to perform the rules, we talked about earlier defined aliases are primarily for the sake of easier licensing reference alias; if system few users actually delegated permissions more limited, can not defined alias, but the system directly authorized users directly, so the authorization rule alias and is not required;.
Authorization rules is not no chapter be found, we just say a little basic, simple wording, if you want to learn more about licensing rules written in, see man sudoers. .
Authorized user host = command actions.
These three elements are essential, but can also be specified in the action before the switch to a specific user, the switch where the user specified to use () of enclosed, if no password is required to run the command directly, and should add NOPASSWD: parameters However, these can be omitted; example;. .
Example 1:.
beinan ALL = / bin / chown, / bin / chmod. .
If we add this line/etc/sudoers, represents the beinan can any possible hostname of the system, you can switch to the root user to perform/bin/chown and/bin/chmod command, through sudo-l to see the beinan in this host allowed and an order prohibiting the operation.
It is worth noting here omitted under the specified user to switch to which the implementation of / bin / shown, and / bin / chmod command; in the case of omitted default is to switch to the root user executed; also omitted not need beinan User input validation code, if omitted, the default is a need to verify the password. .
For a more detailed description of these, we can construct a more complicated formulas;.
Authorized user host = [(switch to which users or user groups)] [the need for password authentication] command 1, [(switch to which users or user groups)] [the need for password authentication] [command 2], [(switch to which users or user groups)] [the need for password authentication] [command 3]. .
Note:.
All [] content, it can be omitted; command and command between the use, number separated; by this example, according to see what can be omitted, where the need for space;. .
In [(switch to which users or user groups)], if omitted, it defaults to the root user; if it is representative of ALL, you can switch to all users; notice to switch to the end user must be enclosed in (), such as the (ALL), (beinan).
Second instance:. .
beinan ALL=(root) /bin/chown, /bin/chmod。.
If we take the first instance of the line removed and replaced by this line; that is beinan may occur in any host name of the host, you can switch to the root under the implementation of / bin / chown, you can switch to any user move the implementation of / bin / chmod command through sudo-l to see beinan in this host is allowed to run the command and prohibition;. .
Example 3:.
beinan ALL = (root) NOPASSWD: / bin / chown, / bin / chmod. .
If you swap the examples? represents beinan can any possible host names for the host, you can switch to the root of implementation, no need to enter/bin/chown beinan user password; and you can switch to any of the user executing under implemented/bin/chmod chmod command, but you need to enter your own password beinan; via sudo-l to see the beinan in this host allowed and an order prohibiting the operation.
Action is not on a command requires a password, we can find the system in case of default user password is required, unless the Ortega that does not require the user to enter their password, so the implementation of the action before NOPASSWD: parameters;. .
Likely to have friends on system management commands do not really understand, I do not know its usage, which affected his understanding of the definition of the sudoers, below we cite one of the most simple, most compelling example.
Four examples:. .
For example, we want to use a normal user by more beinan/etc/shadow the contents of the file, you may receive the following situation.
[Beinan @ localhost ~] $ more / etc / shadow. .
/Etc/shadow: permission isn't enough.
Then we can use sudo more / etc / shadow to read the contents of the file; would need in the / etc / soduers in to beinan authorization;. .
So we can first su to the root user to be adopted under the visudo/etc/sudoers; (for example, we are taking the beinan user login system).
[Beinan @ localhost ~] $ su. .
Password: Note: enter the root password here.
The following run visodu;. .
[Root @ localhost beinan] # visudo Note: run visudo by/etc/sudoers.
Add the following line, out of preservation; out save, where to be to use vi, visudo is used vi editor; As much said the use of vi;. .
Beinan ALL =/bin/more represents the beinan can switch to root to perform more to view the file.
Back to beinan users, using the exit command;. .
[root@localhost beinan]# exit。.
exit. .
[beinan@localhost ~]?$。.
View beinan of which can run through the sudo command? . .
[beinan@localhost ~]?$ sudo -l。.
Password: Note: Enter beinan user's password. .
User may run the beinan following commands on this host: Note: clear instructions here in our hosts, the beinan users can run with root permissions in the root permissions more; under any more, you can view the contents of a text file;.
(Root) / bin / more. .
Finally, we look at is not the user has the ability to see the beinan/etc/shadow; the contents of the file.
[Beinan @ localhost ~] $ sudo more / etc / shadow. .
Not only can see the beinan/etc/shadow file contents, you can see that only the root privileges to see the contents of other files, such as;.
[Beinan @ localhost ~] $ sudo more / etc / gshadow. .
For beinan users to view and read all the system files, I just want to put the content allows/etc/shadow his view; you can join the following row;.
beinan ALL = / bin / more / etc / shadow. .
Digression: the brothers would say, I passed the su switch to root user will be able to see all want to see content, HA HA, yeah. But we are not talking about the usage of sudo? if the host has more than one user and do not know the password for the root user, but also want to see some of them do not see the file, then you will need administrator authorization; this is the benefit of; sudo.
Five examples: Practice User Group in / etc / sudoers in the wording;. .
If user groups appear in/etc/sudoers, precede% number, such as% intermediate beinan, there must be no space;.
% Beinan ALL = / usr / sbin / *, / sbin / *. .
If we add the/etc/sudoers line above indicates the beinan user group members, all in all the possible emergence of a host name, will be able to switch to the root user and run/usr/sbin/sbin directory; all command.
Six examples: abolition of certain types of exercise program implementation;. .
Cancel the program class of program execution, you want to precede the command action! number; in this case is the use of the wildcard character *;.
beinan ALL = / usr / sbin / *, / sbin /*,!/ usr / sbin / fdisk Note: The rules of this line to / etc / sudoers in; but you have to have beinan this user group, and also the group beinan in it;. .
These rules represent all users in the beinan may exist in the host name of the host running/sbin/usr/sbin and all of the program, but the fdisk program;.
[Beinan @ localhost ~] $ sudo-l. .
Password: Note: enter here the password for the user; beinan.
User beinan may run the following commands on this host:. .
(root) /usr/sbin/*。.
(Root) / sbin / *. .
(root) !/sbin/fdisk。.
[Beinan @ localhost ~] $ sudo / sbin / fdisk-l. .
Sorry, user beinan is not allowed to execute '/sbin/fdisk -l' as root on localhost。.
Note: You can not switch to the root user run the fdisk program;. .
Example 7: the practice of using an alias;.
If we have a host localhost, pass the hostname to see, we are here not defined host alias, and use ALL to match all possible host names; and there beinan, linuxsir, lanhaitun users; mainly through small examples to better understanding; sudo is simple easy to use, but can say indeed it difficult to understand; the best way is to look at examples and man soduers;. .
User_Alias SYSADER=beinan,linuxsir,%beinan。.
User_Alias DISKADER = lanhaitun. .
Runas_Alias OP=root。.
Cmnd_Alias SYDCMD = / bin / chown, / bin / chmod, / usr / sbin / adduser, / usr / bin / passwd [A-Za-z ]*,!/ usr / bin / passwd root. .
Cmnd_Alias DSKCMD =/sbin/parted,/sbin/fdisk Note: define command alias DSKCMD, there are members of the parted and fdisk;.
SYSADER ALL = SYDCMD, DSKCMD. .
DISKADER ALL=(OP) DSKCMD。.
Notes:. .
First row: defining user alias SYSADER beinan, under Member beinan linuxsir and user groups of members, users group must be% number;.
Second line: define the user alias DISKADER, members lanhaitun. .
Third row: Runas user defined, that is the target user's alias as the OP, there are members of the root.
Fourth row: Define SYSCMD command aliases, members use separate numbers, the final! / Usr / bin / passwd root that can not be passwd to change root password;. .
Fifth: define command alias DSKCMD, there are members of the parted and fdisk;.
Sixth row: that all members under the authorization SYSADER in all possible host host name to run or prohibit SYDCMD and DSKCMD defined command. Yao said more clearly, beinan, linuxsir and beinan user group members under the root can run chown, chmod, adduser, passwd, but you can not change the root password; also can be run as root parted and fdisk, and so this rule price rule;. .
beinan,linuxsir,%beinan ALL=/bin/chown,/bin/chmod,/usr/sbin/adduser,/usr/bin/passwd [A-Za-z]*,!/usr/bin/passwd root,/sbin/parted,/sbin/fdisk。.
Seventh row: that all members under the authorization DISKADER able to OP's identity to run DSKCMD, no password is required; more specifically, lanhaitun able to run as root parted and fdisk command; the equivalent rule is:. .
lanhaitun ALL=(root) /sbin/parted,/sbin/fdisk。.
Some brothers may say I can not enter the user's password will be able to switch to root and run under the command SYDCMD and DSKCMD, it should be the NOPASSWD: Canada, where better? Understand the following example, can understand;. .
SYSADER ALL= NOPASSWD: SYDCMD, NOPASSWD: DSKCMD。.
5, / etc / sudoers Matters not covered in the other;. .
The authorization rules, as well as NOEXEC: and EXEC usage, check the man himself; there are also sudoers rule the use of wildcard characters, but also need to know. The content is not to say, after all, just an introductory document. Soduers profile to more simple is simple, the more difficult it is, it depends on your application.
6, sudo usage;. .
We are in front of the rules of orthography,/etc/sudoers final purpose is to allow users to read through the sudo configuration file rules to match and replace the authorisation to conduct command operations, thus completing their rights not available under tasks completed;.
We only say that the simplest usage; more details see man sudo. .
Sudo [parameter options] command.
-L list available to the user on the host and prohibited the order; generally configured / etc / sudoers, the use of this command to view and test is not configured correctly;. .
-V verify the user's time stamp; if the user running sudo, enter the user's password, and within a short period of time can not enter the password for sudo actions directly; use the-v can track the latest timestamp;.
-U specify for a user to perform specific operations;. .
-K to remove the timestamp, next to use sudo command request; to provide a password.
First, we visudo to change through the / etc / sudoers file, add the following line;. .
Lift columns:.
beinan, linuxsir,% beinan ALL = / bin / chown, / bin / chmod, / usr / sbin / adduser, / usr / bin / passwd [A-Za-z ]*,!/ usr / bin / passwd root, / sbin / parted, / sbin / fdisk. .
And then list the beinan users on the host computer via sudo can switch the user can use the command or commands being prohibited;.
[Beinan @ localhost ~] $ sudo-l Note: List the user to switch the user through the host's available or prohibition order;. .
Password: Note: enter your user password;.
User beinan may run the following commands on this host:. .
(Root)/bin/chown Note: you can switch to using chown root;..
(Root) / bin / chmod Note: You can switch to root with chmod command under;. .
(Root)/usr/sbin/adduser Note: you can switch to use the adduser command under root;..
(Root) / usr / bin / passwd [A-Za-z] * Note: you can switch to root with the passwd command under;. .
(Root)!/usr/bin/passwd root note: you can switch to the root, but cannot perform passwd root to change the root password;.
(Root) / sbin / parted Note: You can switch to the root under the implementation of the parted;. .
(Root)/sbin/fdisk Note: you can switch to execute fdisk; under the root.
Through the above sudo-l lists the available commands, I want to chown command to change the / opt directory is Lord beinan;. .
[Beinan @ localhost ~] $ ls-ld/opt/opt Note: view; the owner of.
drwxr-xr-x 26 root root 4096 10 月 27 10:09 / opt Note: the answer is attributable to root user and root user group;. .
[Beinan @ localhost ~] $ sudo chown beinan: beinan/opt Note: chown to change the owner to beinan users and user groups; beinan.
[Beinan @ localhost ~] $ ls-ld / opt Note: See / opt is not the owner has changed;. .
Drwxr-xr-x 26 beinan beinan 4096 Oct 27 10: 09/opt.
We found that by the example above, the user can switch to the root beinan after the implementation of the passwd command to change the user password; but above sudo-l output also explicitly written can not change the root password; that in addition to root password, beinan user can not change , other users can change the password. Let's test;. .
For a normal user, in addition to changing their password, he cannot change other user passwords. However, if you wrap to execute commands as root, you can change the password of other users;.
For example, in the system have linuxsir the user, we want to try to change the user's password,. .
[Beinan @ localhost ~] $ passwd linuxsir Note: does not run directly through sudo passwd to change the password for the user; linuxsir.
passwd: Only root can specify a user name. . Note: failure, prompted only by root to change;. .
[Beinan @ localhost ~] $ sudo passwd linuxsir Note: we define let/etc/sudoers beinan switch to perform root passwd command to change the password; linuxsir.
Changing password for user linuxsir. .
New UNIX password: Note: enter the new password;.
Retype new UNIX password: Note: enter it again;. .
passwd: all authentication tokens updated successfully。. Note: the change is successful;.
MySQL version: 4. .1. .
Environment: the main library .168.192. .205 .0.192. from library .0 .206 .168... ".
1, the main library to create / etc / my. . Cnf, modify the [mysqld] to increase inside the key. .
server-id=1 。.
log-bin = binlog_name. .
2. main library to increase the user, for reads the main library from Library Journal.
grant replication slave, reload, super on *. .* To 'slave' @ '192. .168. .0. .206 'Identified by '123456'. .
3, connect the main gallery from the Gallery to be tested.
/ Opt / mysql / bin / mysql-u slave-p-h 192. .168. .0. .205. .
4. stop from the library, change from the library to increase/etc/my. .cnf option:.
[Mysqld]. .
server-id=2 。.
master-host = 192. .168. .0. .205. .
master-user=slave 。.
master-password = 123456. .
5, starting from the library, a library for master-slave synchronization of data.
/ Opt / mysql / share / mysql / mysql start. .
/opt/mysql/bin/mysql -u root -p 。.
mysql> load data from master;. .
Note: this step can also be poured into a database or directly into directory..
6, test:. .
Main library, create the table.
mysql> create database sampdb;. .
mysql>create table new (name char(20),phone char(20)); 。.
mysql> insert into new ('abc, '0532555555');. .
Open: from the Gallery to see.
/ Opt / mysql / bin / mysql-u root-p. .
mysql>show database; 。.
mysql. .
sampdb 。.
test. .
mysql>use sampdb; 。.
mysql> show tables;. .
new 。.
Help create successful master-slave database. .
7, master database-related commands:.
slave stop; slave start; stopped from the database. .
Show slave status\G; displays from the library which is being read from the binary log of the primary database.
purge master logs to 'binlog. .000004 '; This command is very careful to delete the primary database useless binary log file. If the deletions, then there is no way from the library automatically updated. .
Change master; from the server to modify the parameters to use.
http://www. . Dwww. .cn/new/20063201849301317. . Html. .
---------------------------------- 。.
The first part of the install JDK + Tomcat + mySQL. .
---------------------------------- 。.
This step of the installation requirements in support of JSP, html, htm page, so use JDK1. .5. .0 + Tomcat5. .5. .4 + MySQL4. .1. .7, These are the current latest stable version of the software (non-beta), which is now popular, classic configuration. Temporary support is not installed Apache and PHP, mainly taking into account the users with basic desktop version of Linux is a personal website, primarily for learning, testing and use JSP, use the configuration is already more than enough, What more traveling light. .
If you want to install Apache and PHP, please refer to the second part of the content.
Note the following installation, start with the representatives of the # root user terminal in the system operation, the actual operations do not enter the # sign. .
First, download the necessary software, related to a unified directory (such as/tmp/myDown):.
1, download JDK1. .5. .0 Installation package (ie JAVA5. .0), The file name: jdk-1_5_0-linux-i586-rpm. . Bin. .
Download link: http://java. .sun. .com/j2se/1.5. .0/.jsp. download.
2, download Tomcat installation package (supports JSP), File Name: jakarta-tomcat-5. .5. .4. . Tar. . Gz. .
Download link: http://apache. .freelamp. .com/jakarta/tomcat-5/.4 .5 v5../bin/.4 .5 jakarta-tomcat-5... .tar .gz. ".
3, download mySQL installation package (database software), file name: mysql-standard-4. .1. .7-Pc-linux-i686. . Tar. . Gz. .
Download link: http://dev. .mysql. .com/get/Downloads/MySQL-4. .1 .1/mysql-standard-4.. .tar .gz .7-pc-linux-i686..//pick from.
4, download mySQL the JDBC driver file name: mysql-connector-java-3. .0. .16-Ga. . Tar. . Gz. .
Download link: .mysql .com http://dev..//downloads/connector/j 3. .0. .html.
Second, install the software. .
1. install the JDK (because the JDK contains the JRE installed, if the original installing JRE LumaQQ, please uninstall the JRE RPM packages, you can save 85M space).
(1) Installation:. .
#cd /tmp/myDown 。.
#. ./jdk-1_5_0-linux-i586-rpm. . Bin. .
This will install the JDK/usr/java/jdk1. .5. .0 directory.
(2) edit the file / etc / profile, adding at the end:. .
export JAVA_HOME=/usr/java/jdk1。.5。.0 。.
export CLASSPATH = $ CLASSPATH: $ JAVA_HOME / lib / tools. . Jar: $ JAVA_HOME / lib / dt. . Jar:. .
export PATH=$PATH:$JAVA_HOME/bin 。.
(3) To enable the new configuration to take effect, run # source / etc / profile. .
(4) testing, with a text editor to write a java program to verify that stored in the directory, file name:/tmp/myDown HelloWorld. .java, enter the following:.
public class HelloWorld (. .
public static void main(String args[]){ 。.
System. . Out. . Println ("Hello, Wrold");. .
} 。.
). .
Then, in a terminal perform:.
# Cd / tmp / myDwon. .
#javac HelloWorld。.java 。.
# Java HelloWorld. .
At this point if there is a "Hello, World", explains your JAVA compile, run environment set up.
2, installation of Tomcat. .
(1) in a graphical environment, right-click .4 .5 jakarta-tomcat-5... .tar .gz file icon,., choose Extract to/usr/local directory.
To facilitate the use, in terminal run:. .
#cd /usr/local 。.
# Ln-s jakarta-tomcat-5. .5. .4 Tomcat. .
(2) edit file/etc/profile, during the final accession: export CATALINA_HOME =/usr/local/tomcat.
(3) If required the system at startup tomcat (no friend of this requirement would not have to do this step), modify the / usr / local / tomcat / bin / startup. . Sh is:. .
export JAVA_HOME=/usr/java/jdk1。.5。.0 。.
export CLASSPATH = $ CLASSPATH: $ JAVA_HOME / lib / tools. . Jar: $ JAVA_HOME / lib / dt. . Jar:. .
export PATH=$PATH:$JAVA_HOME/bin 。.
export CATALINA_HOME = / usr / local / tomcat. .
/usr/local/tomcat/bin/catalina。.sh start 。.
In / etc / rc. .d / rc. . Local add: / usr / local / tomcat / bin / startup. . Sh. .
(4) # source/etc/profile allow configuration to take effect, run .sh startup tomcat/usr/local/tomcat/bin/startup...
(5) test, in the browser, type: http://localhost:8080, if the Tomcat welcome page will appear to install successfully. .
3, install mySQL (I installed is not a RPM package, it is recommended that you download the mysql RPM package, Server, Client and development kits.
<库文件和头文件>This relatively simple installation, without any additional description). .
(1) in a graphical environment, right-click mysql-standard-4. .1. .tar .gz .7-pc-linux-i686.. file icon, select Extract to/usr/local directory.
To facilitate the use, in terminal run:. .
#cd /usr/local 。.
# Ln-s mysql-standard-4. .1. .7-Pc-linux-i686 mysql. .
Then do:.
# Cd mysql. .
#scripts/mysql_install_db --user=mysql 。.
# Chown-R root. .
#chown -R mysql data 。.
# Chgrp-R mysql. .
#bin/mysqld_safe --user=mysql & 。.
(2) test. .
#cd /usr/local/mysql/bin 。.
#. . / Mysql. .
If you can see mysql > symbols, then the installation is successful.
If required the system at startup mysql, at the / etc / rc. .d / rc. . Local add: / usr / local / mysql / support-files / mysql. . Server start. .
4. install the mySQL JDBC driver.
(1) in the graphical environment, right-click mysql-connector-java-3. .0. .16-Ga. . Tar. . Gz file icon to extract the current directory (/ tmp / myDown). .
(2) extract from mysql-connector-java-3. .0. .16-ga-bin. .jar into/usr/local/tomcat/common/lib.
(3) increasing the mysql user from the machine access to the database (running JSP required), pay attention to the contents of brackets do not enter:. .
#cd /usr/local/mysql/bin 。.
#. . / Mysql. .
Mysql > GRANT ALL PRIVILEGES ON *. * TO mysql (username) @ localhost. .localdomain (native host name) IDENTIFIED BY '; ' (a password).
mysql> quit. .
Third, the Tomcat + JDK + mySQL: the complete test.
1, in the / usr / local / tomcat / webapps directory under the established test. .
2. copy the directory (note that the entire directory) usr/local/tomcat/webapps/ROOT/WEB-INF into new test directory.
3, in the test directory under the new index. . Jsp file:. .
<%@ page contentType="text/html;charset=gb2312"%>
<%@ page import="java.sql.*"%>
<%Class.forName("org.gjt.mm.mysql.Driver").newInstance();
String url ="jdbc:mysql://localhost:3306/mysql?user=root&password=&useUnicode=true&characterEncoding=GB2312";
Connection conn= DriverManager.getConnection(url);
Statement stmt=conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE);
String sql="select * from user";
ResultSet rs=stmt.executeQuery(sql); %> 您的第一个字段内容为: 您的第二个字段内容为:
<%while(rs.next()) {%>
<%=rs.getString(1)%>
<%=rs.getString(2)%>
<%}%>
<%out.print("Tomcat+JDK+mySQL完整测试,恭喜你,数据库操作成功!");%>
<%rs.close();
stmt.close();
conn.close();
%>
<%Class.forName("org.gjt.mm.mysql.Driver").newInstance();
String url ="jdbc:mysql://localhost:3306/mysql?user=root&password=&useUnicode=true&characterEncoding=GB2312";
Connection conn= DriverManager.getConnection(url);
Statement stmt=conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE);
String sql="select * from user";
ResultSet rs=stmt.executeQuery(sql); %> 您的第一个字段内容为: 您的第二个字段内容为:
<%while(rs.next()) {%>
<%=rs.getString(1)%>
<%=rs.getString(2)%>
<%}%>
<%out.print("Tomcat+JDK+mySQL完整测试,恭喜你,数据库操作成功!");%>
<%rs.close();
stmt.close();
conn.close();
%>
<%Class.forName("org.gjt.mm.mysql.Driver").newInstance();
String url ="jdbc:mysql://localhost:3306/mysql?user=root&password=&useUnicode=true&characterEncoding=GB2312";
Connection conn= DriverManager.getConnection(url);
Statement stmt=conn.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_UPDATABLE);
String sql="select * from user";
ResultSet rs=stmt.executeQuery(sql); %> 您的第一个字段内容为: 您的第二个字段内容为:
<%while(rs.next()) {%>
<%=rs.getString(1)%>
<%=rs.getString(2)%>
<%}%> 您的第一个字段内容为: 您的第二个字段内容为: 您的第一个字段内容为: Your first field says:. .
您的第二个字段内容为: Your second field contents as:.
<%while(rs.next()) {%>
<%=rs.getString(1)%>
<%=rs.getString(2)%>
<%=rs.getString(1)%>
<%=rs.getString(1)%>
<%=rs.getString(2)%>
<%=rs.getString(2)%>
<%}%>
<%out.print("Tomcat+JDK+mySQL完整测试,恭喜你,数据库操作成功!");%>
<%rs.close();
stmt.close();
conn.close();
%>4, testing, browser type: http://localhost:8080/test, if there "Tomcat + JDK + mySQL complete test, Congratulations, database operation is successful!", Then state your Tomcat + JDK + mySQL as a whole Configuration successful. .
4. If you are using ADSL dial-up Internet, dynamic IP is probably not fixed. At this point if you want to let other people from the Internet, ask your Web site, you need to apply for dynamic IP domain name services at www. .3322. .org has free, is the Chinese would say.
Note: JSP Server installation and configuration on this end, in fact, the configuration of Tomcat there is much to do, this is only the basic installation of entry can only use it more, please see the relevant articles and books. .
--------------------------------- 。.
The second part of the installation of Apache and PHP. .
--------------------------------- 。.
Apache is a very professional, excellent stability of the WEB server, but can only resolve its own simple static Web pages and JavaScript, but the combination of Tomcat and PHP can handle JSP and PHP dynamic pages. Note that, following the installation of the above already installed JDK + Tomcat + mySQL on the basis of. .
First, download the software onto a fixed directory (such as/tmp/myDown).
1, Apache2: Download link: http://apache. . Freelamp. .com/httpd/httpd-2. .0. .52. . Tar. . Gz. .
2, PHP5: filename: php-5. .0. .tar .gz .2.., download link: http://cn. .php. .net/get/php-5. .0. .tar .gz .2..//a/mirror from.
3, jk2 (for the integration of Apache and Tomcat), download link: http://apache. . Freelamp. .com/jakarta/tomcat-connectors/jk2/jakarta-tomcat-connectors-jk2-src-current. . Tar. . Gz. .
2. start the installation.
1, install Apache:. .
(1) extract and compile and install.
# Cd / tmp / myDown. .
#tar xvfz httpd-2。.0。.52。.tar。.gz 。.
# Cd httpd-2. .0. .52. .
#。./configure --prefix=/usr/local/apache --enable-so --enable-vhost_alias 。.
# Make. .
#make install 。.
(2) Edit / usr / local / apache / conf / httpd. . Conf:. .
In the add index DirectoryIndex. index .jsp .php...
Add a line AddType application / x-httpd-php. . Php. . Phtml. . Php3. . Inc. .
AddDefaultCharset for GB2312.
(3) test, the implementation of # / usr / local / apache / bin / apachectl start Start Apache, in your browser and enter http://localhost should appear Apache welcome page. .
To turn on auto-start Apache in rc .d//etc/rc.. Add .local:/usr/local/apache/bin/apachectl start.
2, install PHP:. .
(1) extract and compile and install.
# Cd / tmp / myDown. .
#tar xvfz php-5。.0。.2。.tar。.gz 。.
# Cd php-5. .0. .2. .
#。./configure --with-apxs2=/usr/local/apache/bin/apxs --enable-track-vars --with-mysql=/usr/local/mysql 。.
# Make. .
#make install 。.
# Cp php. . Ini-dist / usr / local / lib / php. . Ini. .
(2) tests, execute # restart restart Apache/usr/local/apache/bin/apachectl.
In / usr / local / apache / htdocs in the new test. . Php file content:. .
In your browser enter http://localhost/test. .php server information should appear.
3, integration of Apache and Tomcat (this step more trouble, please carefully points):. .
(1) extract and compile and install jk2.
# Cd / tmp / myDown. .
#tar -xzvf jakarta-tomcat-connectors-jk2-src-current。.tar。.gz 。.
# Cd jakarta-tomcat-connectors-jk2-2. .0. .4-src/jk/native2. .
#。./configure --with-apxs2=/usr/local/apache/bin/apxs --enable-EAPI 。.
# Make. .
#make install 。.
# Note: If the make install failed to manually release mod_jk2. . So. .
#cd /tmp/myDown/jakarta-tomcat-connectors-jk2-2。.0。.4-src/jk/build/jk2/apache2 。.
# Cp *. . So / usr / local / apache / modules /. .
(2) edit file/usr/local/tomcat/conf/jk2. .properties, finally joining:.
# List of needed handlers. .
handler。.list=channelSocket,request 。.
# Override the default port for the channelSocket. .
channelSocket。.port=8009 。.
(3) edit the file / usr/local/apache/conf/workers2. . Properties (if this file is the new one), as follows:. .
# only at beginnin。. In production uncomment it out 。.
[Logger. . Apache2]. .
level=DEBUG 。.
[Shm]. .
file=/usr/local/apache/logs/shm。.file 。.
size = 1048576. .
# Example socket channel, override port and host。.
[Channel. . Socket: localhost: 8009]. .
port=8009 。.
host = 127. .0. .0. .1. .
# define the worker 。.
[Ajp13: localhost: 8009]. .
channel=channel。.socket:localhost:8009 。.
# Uri mapping. .
[uri:/*。.jsp] 。.
worker = ajp13: localhost: 8009. .
# This is to facilitate the operation of the Apache Tomcat management, for example, document, or you can get rid of.
[Uri: / jsp-examples / *]. .
info=Map the jsp-examples webapp 。.
worker = ajp13: localhost: 8009. .
[uri:/servlets-examples/*] 。.
info = Map the servlets-examples webapp. .
worker=ajp13:localhost:8009 。.
[Uri: / tomcat-docs / *]. .
info=Map the tomcat-docs webapp 。.
worker = ajp13: localhost: 8009. .
[uri:/manager/*] 。.
info = Map the manager webapp. .
worker=ajp13:localhost:8009 。.
(4) edit the file / usr / local / apache / conf / httpd. . Conf, adding:. .
LoadModule jk2_module modules/mod_jk2。.so 。.
DocumentRoot "/ usr / local / tomcat / webapps / ROOT". .
# The default is Apache, Tomcat default/usr/local/apache/htdocs is/usr/local/tomcat/webapps.
# Specify the release of Apache and Tomcat for the same directory (by test set ROOT better), a mix of html, JSP, PHP favorable operating circumstances. .
# If you are not using a mixture of html, JSP, PHP, it is best to use the virtual host settings, please refer to the related articles or books.
(5) test, then enter http://localhost in a browser should appear Tomcat's welcome page. .
Red Flag Linux full install Web server software work!.
----------------------------------. .
The third part of the FTP server software installed.
----------------------------------. .
This section highlights in red flag 4. .1 to install the FTP server software for the most basic processes, software using Linux usage highest vsFTPd FTP server.
First, download the software: ftp://vsftpd. . Beasts. .org/users/cevans/vsftpd-2. .0. .1. . Tar. . Gz, into / tmp / myDown. .
2. install VSFTPD.
(1) extract and compile the software. .
#cd /tmp/myDown 。.
# Tar-xzvf vsftpd-2. .0. .1. . Tar. . Gz. .
#cd vsftpd-2。.0。.1 。.
# Make. .
This will result in a binary file, verify that the form, such as:.
# Ls-l vsftpd. .
-rwxrwxr-x 1 chris chris 61748 Sep 27 00:26 vsftpd 。.
(2) to meet some of the necessary conditions VSFTPD installed. .
VSFTPD default settings requires a "nobody" user, if the user does not exist, add it. As follows:.
# Useradd nobody. .
useradd: user nobody exists 。.
VSFTPD default settings need an empty directory: / usr / share / empty, add this directory, if it does not exist. As follows:. .
# mkdir /usr/share/empty/ 。.
mkdir: cannot create directory `/ usr / share / empty ': File exists. .
Create a user "ftp" (if it does not exist),/var/ftp/is the root of the FTP, you can replace the other.
# Mkdir / var / ftp /. .
# useradd -d /var/ftp ftp 。.
# Chown root. . Root / var / ftp. .
#chmod og-w /var/ftp 。.
(3) Installation VSFTPD configuration, implementation and help files. .
#mkdir /usr/local/man/man5 。.
# Mkdir / usr/local/man/man8. .
#make install 。.
# Cp vsftpd. . Conf / etc. .
(4) Edit .conf/etc/vsftpd., in the following by adding the following line: listen = YES.
(5) testing. .
# /usr/local/sbin/vsftpd & 。.
Note: To turn auto-start vsFTPd, at the / etc / rc. .d / rc. . Local add: / usr / local / sbin / vsftpd &. .
If all is well, then you will be connected to the FTP server, a form, such as:.
$ Ftp localhost. .
Connected to localhost (127。.0。.0。.1)。.
220 (vsFTPd 1. .1. .1). .
Name (localhost:chris): ftp 。.
331 Please specify the password. .
Password: 。.
230 Login successful. . Have fun. .
Remote system type is UNIX。.
Using binary mode to transfer files. .
ftp> ls 。.
227 Entering Passive Mode (127,0,0,1,229,133). .
150 Here comes the directory listing。.
226 Directory send OK. .
ftp> quit 。.
This article, that is, on the IBM ? WebSphere ? Studio Application Developer development team conducted a series of articles in the third article, focusing on how to install the RedHat Linux 7 and configure it to SCM CVS repository.WebSphere Studio Application Developer (hereinafter referred to as Application Developer) and CVS this mainstream open source, network-transparent version control system to seamlessly work together. CVS on most platforms can run, including Windows ?, Linux, AIX ? and UNIX ?. It together with the Application Developer installed on RedHat Linux on the benefits of the following points: Linux is now the monopoly of the open source operating system. RedHat Linux is one of the main distribution. CVS is included in the distribution of RedHat Linux 7. CVS for Linux is very stable, reliable and scalable for individual developers, small group and large-scale, distributed team are very helpful.Application Developer running RedHat Linux 7. When you use the Application Developer, you can use the CVS as a local resource library or as a whole group of the shared resource pool.
However, installing and configuring CVS for Linux is not trivial, and a good documents related to very few. The following step by step guide should be able to help system administrators to use the Application Developer configuration developer CVS for Linux. In the RedHat Linux 7 installed CVS. .
1. CVS version .11. .1 .3 may already be the default. "installed on your RedHat Linux 7. To check if you have CVS installed, enter the command rpm-qa | grep ' cvs '. If the return is cvs-1. .11. .1-3, means that CVS is already installed.
If this command did not return any content, you need to install CVS. CVS rpm usually located in the RedHat Linux 7 distribution installation CD # 2 on RedHat / RPMS directory. Install the CD to / mnt / cdrom, use the rpm command to install CVS: rpm-i / mnt/cdrom/RedHat/RPMS/cvs-1. .11. .1 P1-3. .I386rpm build CVS user accounts and groups to log on to the root user. Create a cvs user to allow the user to use cvs as his primary group. Create the Application Developer using the cvs users. This article uses cvsdev1 and cvsdev2. Use the cvs developers can use their private group as their primary group. For example, cvsdev1 main group cvsdev1, but make sure they belong to cvs group. The establishment of folders and user cvs repository log. In cvs own home directory (ie / home / cvs /) create a directory named repository.Set the access level of the Directory/home/cvs/repository and access mode: chmod 770/home/cvs/repository set the setgid bit/home/cvs/repository directory: chmod g + s/home/cvs/repository.
Description: create a file in a directory, the default document the circumstances of its owner's primary group. Directory setgid bit set, the new files will belong to the same directory with the group, not belonging to its owner's primary group. For example, if a user cvsdev1 in the directory / home / cvs / repository to create a number of files, these files will belong to cvs group rather than its primary group cvsdev1. .
This step is crucial because it enables CVS users will be able to checkout files created by other users. If this step is not completed, when you check out another user when a file is created, the operation will fail, and issued the following message:.
Failed to create lock directory for / home / cvs / repository /. .: Permission denied. .
Failed to obtain lock dir in repository/home/cvs/repository/. initialize the repository: cvs-d/home/cvs/repository cvs init log out user. Modify xinetd service to enable the pserver Protocol to log on as root user. /Etc/xinetd directory. Create a file called cvspserver d files, as follows: # default: off. .
# description: An cvs server。.
service cvspserver. .
{。.
disable = no. .
socket_type = stream。.
protocol = tcp. .
user = root。.
wait = no. .
server = /usr/bin/cvs。.
server_args =-f - allow-root = / home / cvs / repository pserver. .
log_on_success +=USERID。.
log_on_failure + = USERID. .
} Open and verify the existence of the following/etc/services those two lines of code. If does not exist, add them: cvspserver 2401/tcp # CVS client/server operations.
cvspserver 2401/udp # CVS client / server operations to restart the xinetd service: service xinetd restart to create a user environment, open the file / etc / profile. You should see the following in the file these lines: USER = 'id-un'. .
LOGNAME=$USER。.
MAIL = "/ var / spool / mail / $ USER" in the MAIL environment variable, add a line: CVSROOT = ": pserver: $ USER @ localhost: / home / cvs / repository" in the file, you should see this line: export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC CVSROOT modify and add this line export (export) list, as follows: export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC CVSROOT test the installation using the local user identity Developer 1 to cvsdev1 Login。 By entering the following command to make sure that the environment variable is correct: echo $ CVSROOT.
It should return the user name of the result like this:: pserver: cvsdev1 @ localhost: / home / cvs / repository with the following command log CVS: cvs login. .
You will be prompted to provide a password. Enter your Linux password. Create a directory named project1: mkdir project1 in project1 directory named Test files .java. contents of the file are as follows: public class Test {.
public String sayHello (String name) (. .
return "Hello"+name;。.
). .
The use of these commands will} Test. .java import into CVS repository module/home/cvsdev1/project1 project1: cd.
cvs import-m "import Test.. java" project1 wsadgroup release1_0. .
CVS import operation is complete, you should see the message: project1/N .java. Test.
No conflicts created by this import back up your source code: cd. .
Mv project1 project1. .sav from the CVS repository to check out the project1: cd.
cvs checkout project1. .
You should see the create a/home/cvsdev1 named project1 directory, the directory has a .java file and a Test. CVS directories. Developer 2 logged in cvsdev2. CVS: cvs cvsdev2 login logincvsdev2 checkout from CVS: cvs checkout project1 project1.
You should see such a message from CVS: cvs server: Updating project1. .
U project1/Test to Test. .java. .java (located in the directory project1) adds a new method: public String sayBye (String name) {.
return "Bye," + name;. .
} To Test. .java checked into the repository: cvs commit-m ".java" checkin Test. .java. Test.
You should see such a message from the CVS: Checking in Test. . Java;. .
/home/cvs/repository/project1/Test。.java, v <-- Test。.java。.
new revision: 1. .2; Previous revision: 1. .1. .
done。.
Users cvsdev1 with the following command to capture cvsdev2 these changes: cd / home/cvsdev1/project1. .
cvs update Test。.java。.
You should see such a message from the CVS: U Test. . Java. .
You can use the editor to open to view Test. .java cvsdev2 update. Use the Application Developer to test the installation Team Perspective, select the open Repositories view and in the Workbench (Workbench), select File > New > = = Other. Select a category in the CVS Repository Location and click Next. Complete repository location Wizard. The following briefly describes the wizard CVS terms of this panel:. .
Connection type you want to use to connect to CVS server protocol. The default is pserver, it represents the password server protocol. This is what we have in RedHat Linux 7, set the type of connection. User name you use to login to the CVS server by the user. For example, we have mentioned in RedHat Linux 7 defined in cvs group cvsdev1 or cvsdev2. Host name you want to connect to the server machine name . It is a RedHat Linux machine host name or IP address. Repository path resource database on the server fully qualified path to the location. For our installation and configuration, it will be: / home / cvs / repository. CVS location Application Developer to connect to the complete repository location. When you fill out the first few fields, it will be dynamically built.Validate on finish it before returning to the IDE test repository connection. Please always enable it as the first connectivity test.
Figure 1. .
Click Finish. If the Application Developer can connect to CVS server, you will be prompted to provide the password for the user identity. See Figure 2 below.
Figure 2. .
Once the user ID and password are verified, you will return to the Repositories view, and the view on an Application Developer to connect to the new repository entries. Expand the Streams = > HEAD = > project1, you can see the version distributed version 1. Test of .2., .java, we in the "using a local user to test the installation" section in step 13 see.
Figure 3. .
Right-click and select Test. .java Show in History Resource. In the Resource History view, you can see when the Test cvsdev1. .java conducted the first amendments to the code after the change occurs, when the Test cvsdev2. .java checked into the repository.
Figure 4. .
Figure 5.
5. . Finally, right-click the project1 and select Add to Workspace. You have to start on the Application Developer in project1 to operate it! . .
Figure 6.
Conclusion. .
This article has described how to configure RedHat Linux CVS. I hope this article helps, and we welcome all feedback.
dmidecode is a very good software, it can fully display your system information, including bios, cpu, memory and other information. .
I use .edu .pku e... .cn discovered dmidecode-2. .tar .gz .4.., the installation process is very simple:.
[Root @ tony dmidecode-2. .4] # Mv dmidecode-2. .4. . Tar. . Gz / usr / local /. .
[root@tony dmidecode-2。.4]#tar -xzvf dmidecode-2。.4。.tar。.gz 。.
[Root @ tony dmidecode-2. .4] # Make install. .
install -m 755 dmidecode /usr/local/sbin。.
install-m 755 biosdecode / usr / local / sbin. .
install -m 755 ownership /usr/local/sbin。.
install-m 755 vpddecode / usr / local / sbin. .
install -m 644 man/dmidecode。.8 /usr/local/man/man8。.
install-m 644 man / biosdecode. .8/usr/local/man/man8. .
install -m 644 man/ownership。.8 /usr/local/man/man8。.
install-m 644 man / vpddecode. .8 / Usr/local/man/man8 is complete. .
You can see above there are four executables are: dmidecode, biosdecode, ownership, pddecode v. We are the most commonly used are the first two commands. Use dmidecode can show very detailed hardware info.
In addition, there are some minor skills. For example, showed that several memory:. .
dmidecode |grep -A16 "Memory Device$" 。.
Show details CPU: dmidecode | grep-A42 "Processor" | more. .
Note: A42-said to show the number of rows, you can modify according to your own situation. To view the serial number of the motherboard.
dmidecode | grep 'Serial Number'. .
dmidecode | grep 'Serial Number' | awk '{print $3}' | tail -1 。.
-------------------------------------------------- -----------------------。 .
$ dmesg 。.
About the command is not very convenient for you? robinswan comment on :2006-03-28 22:47:33 (219. .136. .73.. ★). .
The original Linux NAT with it, did not think of a few days ago, but how the Internet can not disclosed, but the system users and how the message of:.
ip_conntrack: table full, dropping packet. .
After all we know, Linux NAT ip_conntrack module will users tcp communications protocol established connection of users, and prevents the creation of a timeout period as long as five days (432,000 seconds), so as long as someone is using LAN in P2P software (e.g., eDonkey, BT.) it is easy on this health problem.
Solution (1): increased ip_conntrack_max value. .
Find out the original values: ip_conntrack_max.
Command: cat / proc/sys/net/ipv4/ip_conntrack_max. .
Written into the ideal digital values (per ip_conntrack buffer will place 292 Bytes).
Command: echo "value"> / proc/sys/net/ipv4/ip_conntrack_max. .
For example: echo "81920" >/proc/sys/net/ipv4/ip_conntrack_max.
This effect is temporary, if you want to boot each time using the new values are required to write the above command / etc / rc. .d / rc. . Local. .
Or join in the .conf:/etc/sysctl.. .ipv4. net .ip_conntrack_max = digital values.
Or use the command: sysctl-w net. . Ipv4. . Ip_conntrack_max = value. .
Solution method (2): reducing ip_conntrack timeout time.
Reset ip_conntrack_tcp_timeout_established (Cost: 432 000, unit: seconds). .
Command: echo "digital value >/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established.
For example: echo "600"> / proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_established. .
Open machine automatic equipment reset practices and methods (1).
Other relevant directives:. .
View the current buffer using various ip_conntrack.
Command: grep conn / proc / slabinfo. .
EGM examples: ip_conntrack 3024 4090 384 1 409 409 (the value that follows) the number of cache name3024the ip_conntrackthe currently active objects4090the total number of available objects384the size of each object in bytes409the number of pages with at least one active object409the total number of number of pages allocated per pages1the slab are given . .
Man slabinfo may look detailed instructions.
Identified five most current ip_conntrack record IP. .
Instructions: cat/proc/net/ip_conntrack | cut-d ' '-f 10 | cut-d ' = '-f 2 | sort | uniq-c | sort-nr | head-n 5.
Results Example: 2816192. .168. .1. .10014163. .30. .85. .1296220. .132. .142. .1756127. .0. .0. .14218. .187. .5. .223. .
Suffice it to say, 192. .168. .1. place the .100 絕 mostly Australian buffer, augmented this IP of the User may use P2P software.
System administrator is not room on how to continue to monitor and manage Linux servers, Linux servers to run a comprehensive understanding of the state, a system administrator needs to face. Implementation of the Linux server, remote management and monitoring many ways, here introduces the use of special remote monitoring SrvReport this Linux software, Linux server for remote monitoring and management. .
SrvReport configuration methods.
SrvReport is a powerful Linux server remote monitoring software. It can be set under the Linux system administrator, Linux server operating conditions regularly to various parameters via e-mail sent to the specified e-mail address. SrvReport records sent by Linux servers running status information, messages, not simply using HTML or TXT format.Messages in HTML file with column type, high-brightness contrast text, tables, and a detailed list of records on Linux servers running status of the various parameters are classified records. Making Linux system administrator from reading the HTML message, you can easily to Linux server has a very comprehensive understanding.
SrvReport This source software installation and configuration is quite simple. Users can http://sourceforge. .net / project / showfiles. . Php? Group_id = 98398 Download the latest version of the SrvRepor compressed. The following command extract SrvRepor archive:. .
# tar xzfv srvreport-x。.xx。.tgz 。.
Into SrvReport / bin directory, will srvreport. . Pl files to Linux system crontab, so SrvReport run periodically. Editing bin / srvreport. . Conf. . File, in the "mailAddr:" fill in the user designated to receive SrvRepor reports generated e-mail address. .
Bin/edit .conf file srvreport., in addition to filling out reports to e-mail address, you need according to the actual situation, modify the bin/.conf file srvreport. such as the HTML reports are stored address, report a picture storage and reporting you need to record information, and several modules parameters.
Reference configuration. .
For convenience, users can configure SrvReport from its software package/doc directory to see a full EXAMPLE. .HTML. .conf file of srvreport configuration list. The following is the author of the ".HTML" EXAMPLE. configure a .conf srvreport. checklist, bold variable can be based on the Linux server and network conditions.
# # Configuration File for SrvReport. .
# Receiver of the mail-report (receiving srvreport report email address).
MailReport = webmaster @ myschool. . Org. .
# 20041116130854. .htm for saving the html-report (save the HTML report file name).
# May contain%% YYYY,% MM,% DD, which will be replaced with. .
# the apropriate values。.
(% YYYY,% MM,% DD, respectively, year, month, day. Generally srvreport automatically generated). .
FileReport = 。./web/html/%%YYYY-%%MM-%%DD。.html。.
# Path where the images are located (the path of image files are saved). .
FileReportImgPath = 。./。./images/。.
# If you want an up-to-date file, then you should set this to 1. .
(If you need the latest file report, you can set the value of the ReportWithTime FileReportCreateAlways and set to 1).
FileReportCreateAlways = 1. .
ReportWithTime = 1。.
# This defines the order of the report. .
(Definition that you want to monitor by srvreport Linux Server services).
order = Traffic CPUUsage WebServer FTPServer. .
FTPLogs Postfix Warnings LastLogins ChkRootKit。.
In addition to e-mail address and to modify the bold display of several parameters, configure the list of default parameters are not required in most of the changes. Of course, assuming the user's Linux server does not provide FTP services, then delete the configuration list [FTPServer] This module can be. .
Recently work needs to be done about scp and rsync backups offsite safe, tidy up a bit, hope you all useful.
scp backup guide:. .
Requirements: use scp to automate scheduled copy offsite file.
Difficulty: how to make remote host to establish a secure trust relationship. .
1. in A machine with root run generates/root/ssh-keygen. .ssh/identity and identity/root/. .ssh/. .pub files;.
2, A machine running scp / root /. .ssh / identity. . Pub test @ 192. .168. .1. .10: / Upload /. .ssh / authorized_keys (assuming the IP address of the machine B 192. .168. .1. .10, B machine, open the user test, to upload to the directory / upload, input the password). The aim is to local identity. .Pub onto a remote machine and renamed authorized_keys, thus establishing a new host, you will not need to have every time ssh; need to enter a password.
3, established by crontab script, eg: 30 02 * * 1-5 scp / home / data / * test @ 192. .168. .1. .10: / Upload. .
(Day 2: 30am automatically/home/data all of the following file to test the user name passed to the remote host .168.192.. .10 of .1/upload directory).
Certification Principles:. .
If you want from A SSH as user user1 to B as a user user2, to use RSA keys for certification and does not require a password, B on the SSH daemon takes out ~ user2/.ssh/authorized_keys. in A related RSA public key to encrypt A to user1 on running ssh client program to challenge, we have A .pub identity on. copy to b as authorized_keys. A private key is to maintain identity, while B's sshd has come up with A's public key to the challenges, so successful, you can add many lines to the authorized_keys to allow the other server's public key can add to the mix. .
Characteristics: scp.
Use ssl encryption and security. .
Rsync backup Guide:.
Requirements: completion of remote files using rsync synchronization. .
Difficulty: how to establish a trust relationship between the offsite.
1, A host (rsync server) installed to compile rsync, requires version 2. .4. .3 Above (http://rsync.. Samba.. Org), in the / etc directory to establish rsyncd. . Conf file, as follows:. .
uid = nobody 。.
gid = nobody. .
Use chroot = no # do not use the chroot.
max connections = 4 # maximum number of connections is 4. .
log file = /var/log/rsyncd。.log 。.
pid file = / var / run / rsyncd. . Pid. .
Lock file =/var/run/rsync. .lock # logging file.
[Test] # This is the authentication module name, the client needs to specify. .
Path =/home/test # the directory need to be synchronized.
comment = test folder. .
uid = root 。.
ignore errors # can ignore irrelevant IO error. .
Read only = yes # read-only.
list = no # do not allow the following documents. .
Auth users = rsynctest # authentication username, if you do not have this line, it indicates that is anonymous.
secrets file = / etc / test. . Scrt # authentication user password file. .
2. in establishing test/etc. .scrt file, enter:.
Username: Password. .
Case study: rsynctest: testrsync.
Modify file attribute is 600 (million note). .
3. start rsync service: rsync--daemon (rsync run on TCP port 873, you can use the netstat-an | grep LISTEN to see).
4, the B host (rsync client machine) to create / etc / test file, the contents of the A master password, example:. .
testsync。.
5, set up the script with crontab, eg: 0 21 * * 1-5 rsync-vzrtp - progress - delete - password-file = / etc / test rsynctest @ 192. .168. .1. .10:: Test / home / rsynctest. .
Rsync parameters: v is verbose, z is compressed, r is recursive, tp is to keep the original file, in the case of a home, property.
Parameters. - Progress is shown in detail the progress of the case, - delete means delete if the file server, then the client to delete the files accordingly to maintain the real line. - Password-file = / etc / test to specify the password file, so you can script manipulation to. .
Used without password interactively input validation, here it is important to note that this password file permissions property to set only the owner can read (600).
rsynctest @ 192. .168. .1. .10 In, rsynctest is the password file in the specified user name, 192. .168. .1. A .10 is the host IP address:: test is the module name [test], which is in the / etc / rsyncd. . Conf custom name. Final / home / rsynctest is a backup to the local directory name. .
(You can also use the-e ssh parameters to establish an encrypted connection, and then in a trusted host and scp approaches next door).
(In the above instances rsynctest not real user, you can define according to their need to texts, and this is one of the major benefits of using rsync). .
Characteristics: rsync.
Features are:. .
1, can be mirrored to save an entire directory tree and file system.
2, can be very easy to keep the original file permissions, time, hard and soft links and so on. .
3, can be installed without special permission.
4, optimization of processes, file transfer and high efficiency. .
5, you can use the rcp, ssh, and other ways to transfer files, of course, you can direct socket connection.
6, support for anonymous transfers. .
Rsync features are still very powerful, in-depth glance can go to the official website to learn more.
These are my time in learning linux to record something in a notebook, we want to be useful! . .
[B:935c86ad7b] 1 [/b: 935c86ad7b]. to change the telnet login problem: slower.
cd / etc. .
vi resolv。.conf 。.
Empty the contents inside. .
[B:935c86ad7b] 2 [/b: 935c86ad7b].. change the root user cannot directly remote login problem:.
cd / etc. .
cd pam。.d 。.
vi login. .
Comment out this line.
# Auth required pam_securetty. . So / / comment out the line. .
[b:935c86ad7b]3。. [/B: 935c86ad7b], hooks USB mobile hard drive.
Mobile hard drive mount. .
# Df to see Linux hard disk letter.
mount / dev/sda1 / mnt / usb (for example). .
[b:935c86ad7b]4。. [/b:935c86ad7b] Linux time zone synchronization issues (install ntp software process).
First of all, in http://www. . Meinberg. .de / english / sw / index. . Htm. .
Download a windows NTP service program: ntp4171. .zip.
windows 192. .168. .1. .32. .
1. installation is to prompt settings for the server address, I set the widows of native IP of the machine.
2. . Ntpd's control:. .
Control Panel-Administrative Tools-> > component services-NetworkTimeProtocol.
3. . You can start the ntpd daemon to maintain time synchronization. .
4. in the C:\WINNT directory there is a configuration of the ntp ntp. .conf files.
Set to:. .
server 127。.127。.1。.0 prefer 。.
fudge 127. .127. .1. .0 Stratum 10. .
5. determine the ntp is working: ntpq-p.
linux and Windows simultaneously, I use RedHat 9. .0. .
Execute the command: ntpdate .168.192.. .32 .1.
You will find that your time has changed, and 192. .168. .1. .32 The same time. .
If you execute the command to appear about the error.
1. . Tip: 7 Dec 19:24:55 ntpdate [2120]: the NTP socket is in use, exiting. .
This is your linux machine already exists in this process, enter: ps-ef | grep ntpd.
Kill off ntp process. .
2. Tip: No Server suitable for synchronization found.
This is the most prone to problems, more common is to configure your server and start the server process, immediately. .
Starting the client process, so customers will complain. The solution is, in about 3-5 minutes to start a process on the line.
I think every 10 minutes and the Windows Time service synchronization. .
1. create your own a crontab file, just create a file, the first date. .cron can use any text.
Editor, create a new file, and then write to them to run the command and the time to regularly. .
Vi. adding the following .cron date to run the command and the time you want to perform on a regular basis.
* / 10 * * * * / usr / sbin / ntpdate 192. .168. .1. .32. .
And then filed in the exit.
2. . Using the crontab command to install this file, making the user's crontab file. Type:. .
crontab date。.cron 。.
This file has been created for you. .
3. use the command:.
crontab-l (see the arrangements operating sequence) can be seen just work. .
如: 。.
[Root @ NXD-TEST root] # crontab-l. .
# DO NOT EDIT THIS FILE - edit the master and reinstall。.
# (Date.. Cron installed on Tue Dec 7 18:22:42 2004). .
# (Cron version -- $Id: crontab。.c,v 2。.13 1994/01/17 03:20:37 vixie Exp $) 。.
* / 10 * * * * / usr / sbin / ntpdate 192. .168. .1. .32. .
OK, now every 10 minutes and the service-side Linux just synchronized once.
[B: 935c86ad7b] 5. . [/ B: 935c86ad7b] Change Linux startup with a graphical interface or the character interface. .
cd /etc 。.
vi inittab. .
The id: 5: initdefault: 5 represents the default graphical interface.
Change id: 3: initdefault: 3, said character interface. .
[b:935c86ad7b]6。. [/B: 935c86ad7b] restart xinetd).
/ Etc / init. .d / xinetd restart. .
[b:935c86ad7b]7。. [/B: 935c86ad7b] restart smb services.
/ Etc / init. .d / smb restart. .
[b:935c86ad7b]8。. [/B: 935c86ad7b] Configuring smb can be used by IP.
cd / etc / samba. .
Vi smb。.conf 。.
Find hosts allow = 192. .168. .1. . 192. .168. .2. . 127. .
Modify it as what machines are used between IP, note, separated by commas.
For example:. .
hosts allow =192。.168。.1。.110,192。.168。.1。.120 。.
[B: 935c86ad7b] 9. . [/ B: 935c86ad7b] against the background using CTRL-ALT-DELETE rebooting the machine. .
cd /etc/inittab 。.
vi inittab file found in the following line. .
# Trap CTRL-ALT-DELETE 。.
ca:: ctrlaltdel: / sbin / shutdown-t3-r now (comment out this line). .
Example: # CTRL-ALT-DELETE Trap.
# Ca:: ctrlaltdel: / sbin / shutdown-t3-r now. .
[b:935c86ad7b]10。. [/B: 935c86ad7b], modifying the host name.
vi / etc / sysconfig / network. .
To modify the behavior of the HOSTNAME = HOSTNAME a host name.
[B: 935c86ad7b] 11 [/ b: 935c86ad7b]. . To re-start the FTP service. .
/sbin/service vsftpd restart 。.
[B: 935c86ad7b] 12. . [/ B: 935c86ad7b] See the Power test hardware. .
dmesg | more 。.
[B: 935c86ad7b] 13. . [/ B: 935c86ad7b] see hard use. .
df –m 。.
[B: 935c86ad7b] 14. . [/ B: 935c86ad7b] view directory size. .
du –sh dirname 。.
[B: 935c86ad7b] 15. . [/ B: 935c86ad7b] extracting a souvenir. .
tar xvfj lichuanhua。.tar。.bz2 。.
tar xvfz lichuanhua. . Tar. . Gz. .
tar xvfz lichuanhua。.tgz 。.
tar xvf lichuanhua. . Tar. .
unzip lichuanhua。.zip 。.
gz. .
1: decompress. gunzip FileName .gz.
Extract 2: gzip-d FileName. . Gz. .
FileName: gzip compression.
tar. . Gz. .
Extract the tar zxvf:. .tar .gz FileName...
Compression: tar zcvf FileName. . Tar. . Gz DirName. .
--------------------------------------------- 。.
bz2. .
1: decompress bzip2-d FileName. .bz2.
Extract 2: bunzip2 FileName. . Bz2. .
Compression: bzip2-z FileName.
tar. . Bz2. .
Extract the tar jxvf:. .tar .bz2 FileName...
Compression: tar jcvf FileName. . Tar. . Bz2 DirName. .
--------------------------------------------- 。.
bz. .
1: decompress bzip2-d FileName. .bz.
Extract 2: bunzip2 FileName. . Bz. .
Compression: unknown.
tar. . Bz. .
Extract the tar jxvf FileName:. .tar. .bz.
Compression: Unknown. .
--------------------------------------------- 。.
Z. .
Extract: uncompress .Z. FileName.
Compression: compress FileName. .
tar。.Z 。.
Extract: tar Zxvf FileName. . Tar. . Z. .
Compression: tar Zcvf .Z .tar. FileName. DirName.
---------------------------------------------. .
tgz 。.
Extract: tar zxvf FileName. . Tgz. .
Compression: unknown.
tar. . Tgz. .
Extract the tar zxvf FileName:. .tar. .tgz.
Compression: tar zcvf FileName. . Tar. . Tgz FileName. .
--------------------------------------------- 。.
zip. .
Unzip unzip .zip FileName:.. ".
Compression: zip FileName. . Zip DirName. .
--------------------------------------------- 。.
rar. .
Extract: a rar .rar. FileName.
Compression: rar e FileName. . Rar. .
Rar please go to: http://www. .com/download .rarsoft..!.. .htm
Please rar_static after extracting copy / usr / bin directory (the other by the $ PATH environment variable specifies the directory can be):. .
[root@www2 tmp]# cp rar_static /usr/bin/rar 。.
---------------------------------------------. .
lha 。.
Unzip: lha-e FileName. . Lha. .
Compression: lha-a FileName FileName. .lha.
lha go to: http://www. . Infor. . Kanazawa-it. . Ac. . Jp / ~ ishii / lhaunix / download! . .
After extraction, copied the lha/usr/bin directory (the other $ PATH environment variable to the specified directory or can):.
[Root @ www2 tmp] # cp lha / usr / bin /. .
--------------------------------------------- 。.
tar. . Tgz. . Tar. . Gz. . Tar. . Z. . Tar. . Bz. . Tar. . Bz2. . Zip. . Cpio. . Rpm. . Deb. . Slp. . Arj. . Rar. . Ace. . Lha. . Lzh. . Lzx. . Lzs. . Arc. . Sda. . Sfx. . Lnx. . Zoo. . Cab. . Kar. . Cpt. . Pit. . Sit. . Sea. .
Extract: sEx x FileName. *.
Compression: sEx a FileName. .* FileName. .
[b:935c86ad7b]16。. [/B: 935c86ad7b] show memory usage.
free-m. .
[B] 17. forget the root password.
1. . Lilo. .
1. Lilo menu appears when you press "ctrl + x" or "Tab, and then enter: linux single.
Or CD-ROM. .
At the prompt type lilo: linux single.
Screen display lilo: linux single. .
2. Return to go directly to the linux command line.
3. . # Vi / etc / shadow. .
The first row, that is, to the line beginning with the root root: next: after and before deletion of the content.
First line is similar. .
root::。.
Save. .
4. # Reboot restart, the root password is blank.
2. . Grub. .
1. when a grub, use the up or down key to start Linux, press the e key.
2. . Up and down keys to select the kernel / boot / ... ... ... and then press the e key. .
3. change seeing commands, to join the single results:.
kernel / boot/vmlinuz-2. .4. .20-8 Single ro root = LABEL =. .
4. carriage returns, according to the b key to start, go directly to the linux command line.
Direct execution: passwd root. .
Modify your password, your password will get.
5. . You can also modify / etc / shadow in. .
The first row, that is, to the line beginning with the root root: next: after and before deletion of the content.
First line is similar. .
root::。.
Save. .
Reboot to restart, the root password is blank.
18. . Display system running long. .
uptime 。.
19. . To re-start the network. .
/etc/init。.d/network restart 。.
20. . Display the contents of the boot self-test command. .
dmesg 。.
21. . View port. .
netstat –an 。.
netstat-anp. .
22. a detailed list of the port.
/ Etc / services. .
23. view the physical information.
lspci. .
24. install graphical interface cannot appear, use the resolve to install.
Linux lowres (using a 640X480 resolution). .
25. shield of the ping command, the host was unable to ping your computer.
echo 1> / proc/sys/net/ipv4/icmp_echo_ignore_all. .
26. to completely remove an Oracle installation procedure, delete the following directories.
/ Etc / oraInst. . Loc / tmp /. .
27.Linux启动到文字界面(不启动Xwindows界面)
vi /etc/inittab在下面一行
id:5:initdefault: 一行中的5改为3
启动Xwindows 是5
文字截面是 3
28.RPM包
1.卸载 RPM –e
2.查询 rpm –q
-a 查询所有已安装的软件包
-f 查询包含文件>
-I display package information. .
-L display the package's file list.
3. . Verify rpm-v. .
Rpm-Va verifies whole file which files are missing.
Encountered did not know the file using the. .
rpm –qf 。.
4. . A rpm package installed gone (already installed package). .
Rpm-qi package name (here do not include suffixes software .rpm. name, meaning you can only use mysql or .23 mysql-3.. .54a instead mysql-3. .23. .54a. .rpm).
5. . A rpm package which contains files. .
A package is not installed too: use rpm-qip ***. .rpm.
An already installed packages: Use rpm-qi ***. . Rpm. .
29. see the character set is already installed.
locale-a. .
30. Stresses the package tcpdump command.
Example: 192 arrested. .168. .1. .32 Host all incoming and outgoing packets. .
tcpdump host 192。.168。.1。.32 。.
Intercepted a specific port. .
tcpdump tcp port 21 host 192。.168。.1。.32 。.
31. . Text section of the Chinese language support. .
RH 9. .0 comes with installation package zhcon_0. .rh9 .3_1 .2... .i386. .rpm.
After installation, implementation: zhcon can support Chinese. .
32. see what programs are running the port.
lsof-i: 8001. .
33. see real-time log.
tail-f / var / log / messages. .
34. when mount death phenomenon.
1. . Fuser-m / mnt / share to identify the program's process, then Kill off. .
2. then umount/mnt/share.
35. . Linux control windows. .
1. use .0 his band RH9. rdesktop, version 1.2. .0.
Command: rdesktop-u user-f 192. .168. .1. .70 The default is 8-bit color. .
2 to 16 colors, you must download the new version 1. .3. .0.
rdesktop-a 16-u lichuanhua-g 800 * 600 192. .168. .1. .70. .
36. Linux mount Windows partition.
mount ntfs partition. .
1. single hung windows NTFS partition.
1. . On the www. . Google. . Com search and download the kernel-ntfs-2. .4. .18-14. . I686. . Rpm. .
2. rpm -ivh kernel-ntfs-2。.4。.18-14。.i686。.rpm 。.
3. . Mkdir / mnt / share. .
4. mount -t ntfs /dev/hda1 /mnt/share 。.
To mount Windows partition, first create a directory / mnt / share, modify / etc / fstab, add the most at the end (assuming Windows is installed on the hard disk partition the first one). .
/dev/hda1 /mnt/share ntfs defaults 0 0 。.
2. . Network a windows and linux machines, linux machines to share files on mounted windows. .
windows IP:192。.168。.1。.1 。.
1. . Linux mount 192. .168. .1. .1 (Windows) on a shared file dbf, hung in linux the / mnt / share directory in / mnt established under the share directory. .
mount -t smbfs -o username=massky,password=massky //192。.168。.
1. .1/dbf / Mnt / share. .
2. the machine, restarting automount/etc/fstab finally joined: vi.
/ / 192. .168. .1. .1/dbf / Mnt / share smbfs defaults, auto, username = m. .
assky,password=massky 0 0 。.
37. . Oracle9i in Linux9. .0 On the installation. .
1. ensure that the RPM package, use the following command to view the package has been installed.
rpm-q gcc cpp compat-libstdc + + glibc-devel glibc-kernheaders binutils. .
2.-decompress.
zcat Linux9i_Disk1. . Cpio. . Gz | cpio-idmv. .
zcat Linux9i_Disk2。.cpio。.gz | cpio -idmv 。.
zcat Linux9i_Disk3. . Cpio. . Gz | cpio-idmv. .
3. set kernel parameters.
vi / etc / sysctl. . Conf, add the following parameters. .
Kernel. .shmmax = 4294967295 512M memory.
Calculated as: kernel: shmmax = 1024 * 1024 * RAM (M) / 2. .
Execute sysctl-p..
4. . To establish the data directory and user. .
groupadd dba 。.
groupadd oinstall. .
useradd –g oinstall –G dba oracle 。.
passwd oracle. .
mkdir /opt/oracle 。.
mkdir / opt / oracle / product. .
mkdir /opt/oracle/product/9。.2。.0 。.
chown-R oracle. . Oinstall / opt / oracle. .
mkdir /var/opt/oracle 。.
chown oracle. . Dba / var / opt / oracle. .
chmod 755 /var/opt/oracle 。.
5. . Vi. . Bash_profile to set the variable. .
export LD_ASSUME_KERNEL=2。.4。.1 。.
export ORACLE_BASE = / opt / oracle. .
export ORACLE_HOME=/opt/oracle/product/9。.2。.0 。.
export ORACLE_SID = ora9i. .
export ORACLE_TERM=xterm 。.
export TNS_ADMIN = $ ORACLE_HOME / network / admin. .
export NLS_LANG=AMERICAN_AMERICA。.ZHS16GBK 。.
export ORA_NLS33 = $ ORACLE_HOME / ocommon / nls / admin / data. .
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib 。.
LD_LIBRARY_PATH = $ LD_LIBRARY_PATH: / usr / local / lib. .
export LD_LIBRARY_PATH 。.
export PATH = $ PATH: $ ORACLE_HOME / bin. .
CLASSPATH=$ORACLE_HOME/JRE:$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib 。.
CLASSPATH = $ CLASSPATH: $ ORACLE_HOME / network / jlib. .
export CLASSPATH 。.
38. . Card activation and stop. .
Root;..
ifconfig eth0 down to stop. .
Ifconfig eth0 up startup.
40. . Linux installation configuration under the cvs. .
1. install the CVS package.
2. . Groupadd cvs. .
3。.useradd -g cvs cvsroot 。.
4. . Chmod 777-R / home / cvsroot. .
5。.cd /etc 。.
6. . Vi profile. .
Add the following two lines:.
CVSROOT = / home / cvsroot export CVSROOT. .
CVSEDIT=vi export CVSEDIT 。.
7. . See / etc / services file cvspserver state where the comment line (with put the notes removed). .
8. Enter/etc/xinetd. .d, vi cvspserver the file does not exist, which reads as follows:.
service cvspserver. .
{ 。.
disable = no. .
socket_type =stream 。.
wait = no. .
user =root 。.
env = HOME =. .
server =/usr/bin/cvs 。.
server_args =-- allow-root = / home / cvsroot pserver. .
log_on_failure +=USERID 。.
). .
9. .vi/etc/xinetd. .conf follows, each time you start the service: Auto.
service cvspserver. .
{ 。.
port = 2401. .
socket_type = stream 。.
wait = no. .
user = root 。.
server = / usr / bin / cvs. .
server_args = -f --allow-root=/home/cvsroot pserver 。.
bind = 168. .168. .1. .110. .
} 。.
Cvsroot for user log back on. .
10。./etc/init。.d/xinetd restart 。.
11. . Cvs init (initialize: CVS repository initialization). .
12. .cvs-d: pserver: cvsroot @ 192. .1 .110 .168..:/home/cvsroot login (user login) does not have any tips on successfully.
13. . First import library, assuming the project name LinuxISQuote. .
Steps:.
1, into the LinuxISQuote. .
2. a project for the first time, the import.
cvs import LinuxISQuote lch V_0_0_1. .
At this point to the $ CVSROOT directory, you can see many a LinuxISQuote directory..
41. Command an absolute path. .
If you are not an absolute path, you can enter.
(1) [root @ RedHat linux] # whereis adduser. .
adduser: /usr/sbin/adduser /usr/share/man/man8/adduser。.8。.gz 。.
So you can enter the / usr / sbin / adduser xxx. .
(2), or to join vi/etc/profile: PATH = $ PATH:/usr/sbin:. export PATH, 。.
Can directly enter the adduser. .
42. to modify the permissions of the user.
Change user permissions, you can change vi / etc / passwd. .
Example: I want to become the root user and lll, changed: lll: x: 508: 508::/home/lll:/bin/bash.
508 to change back and root for the same data back on it! . .
Read: lll: x: 508: 0::/home/lll:/bin/bash.
lll have root permissions on the. .
43. a modified grub starts a background picture.
1 will be an image into 640 * 480,14-color XPM file:. .
#convert abc。.jpg -colors 14 -geometry 640x480! abc。.xpm 。.
2 compression generated xpm file, use gzip. .
#gzip -9 abc。.xpm 。.
3 will be abc. . Xpm. . Gz copying it into / boot / grub under. .
4 modify/boot/grub/menu. .lst.
splashimage = (hd0, 0) / boot / grub / abc. . Xpm. . Gz. .
44.VNC for Linux installation.
1. . The first step in the linux install VNCserver. .
tar zxvf vnc-X。.tgz 。.
cd X. .
cp *vnc* /usr/local/bin/ 。.
Vnc directory is not on the construction of vnc directory. .
mkdir /usr/local/vnc 。.
cp-r classes / / usr / local / vnc /. .
2. set the access password vnc server.
vncpasswd. .
3. .linux Edition vnc server improvements.. first perform the vncserver.
Modify / root /. .vnc / xstartup in the twm $ for the gnome-session &. .
4. start the vnc server.
vncserver. .
Note the New ' X ' desktop is KILl: 3 remember 3 is a client to use port.
5. . Clients start vncviewer, enter: as 192. .168. .1. .110:3. .
OK, you see. Kazakhstan.
If you installed Windows client IE or NETSCAPE, can also start IE or netscape. .
Then enter in the address bar (1).
http://192. .168. .1. .64:5801. .
45. Change or close the Oracle XDB FTP and http port.
Oracle 9i started by default when creating a database that contains the XDB feature. Once started the database and the Listener, Oracle XDB's http service on port 8080 occupied, just, and JBoss, Tomcat, etc. The default port conflict. Therefore, there must be a change is made. Tomcat and so easy to change, but time do not know how to change XDB configuration. .
Search in Google and found the answer. The original Oracle XDB port settings in the configuration file, which is in the database. Modify XDB http and FTP service ports are 3:.
1. Log in using the sys Oracle, use dbms_xdb modify the port settings. .
SQL> -- Change the HTTP/WEBDAV port from 8080 to 8081 。.
SQL> call dbms_xdb. . Cfg_update (updateXML (..
2 dbms_xdb。.cfg_get() 。.
3, '/ xdbconfig / sysconfig / protocolconfig / httpconfig / http-port / text ()'. .
4, 8081)).
5 /. .
Call completed。.
SQL> - Change the FTP port from 2100 to 2111. .
SQL> call dbms_xdb。.cfg_update(updateXML( 。.
2 dbms_xdb. . Cfg_get (). .
3 , '/xdbconfig/sysconfig/protocolconfig/ftpconfig/ftp-port/text()' 。.
4, 2111)). .
5 / 。.
Call completed. .
SQL> COMMIT; 。.
Commit complete. .
SQL> EXEC dbms_xdb。.cfg_refresh; 。.
PL / SQL procedure successfully completed. .
2. Use OEM console, select the database, an XML Database, Configuration. Change the relevant settings. XDB.
3. Remove the database initialization parameters: dispatchers = '(PROTOCOL = TCP) (SERVICE = XDB)', will be closed to the http and ftp services XDB. .
46. .XML for linux installation.
I downloaded two files: libxml2-2. .6. .13. . Tar. . Gz and xml4c5_4_0-redhat_80-gcc_32. . Tar. . Gz. .
Join the environment:.
export XERCESCROOT = / home / lch / xml. .
export PATH=$PATH:/home/lch/xml/bin 。.
export XERCESC_NLS_HOME = $ XERCESCROOT / msg. .
export LD_LIBRARY_PATH=$XERCESCROOT/lib:$LD_LIBRARY_PATH (on Solaris, Linux) 。.
Into xml4c5_4_0-redhat_80-gcc_32. . Tar. . Gz unzip directory. .
runConfigure -plinux -cgcc -xg++ -rpthread 。.
/ Configure. .
gmake 。.
47. . Ace for linux installation. .
Due to the installation documentation "ACE-INSTALL. .html" mentioned in the linux installation process, it is intended primarily for Unix, Windows, manually configure more, plus I feel after installation. ".html" file ACE-INSTALL certain audio-visual, because major actions by the ACE installation script in the package. .sh AutoComplete ACE-install, we mainly work directly on the installation script to handle.
1, the installation environment:. .
lRedHat 9。.0 。.
ACE installation package ACE + TAO + CIAO. . Tar. . Gz,. .
Http://deuce. .wustl .edu .doc.../Download Latest Beta .html, "Kit, beta release is the latest version of ACE.
2, the installation process:. .
The first step.
First set ACE_ROOT environment, the command:. .
“vi /etc/profile” 。.
In which the addition of 4 lines. .
ACE_ROOT=/opt/ACE 。.
export ACE_ROOT. .
LD_LIBRARY_PATH=$ACE_ROOT/ace:$LD_LIBRARY_PATH 。.
export LD_LIBRARY_PATH. .
I was in the "export PATH USER ...." After. Finished/etc/profile executed once, command:.
"Chmod 555 / etc / profile". .
“/etc/profile” 。.
So that our ACE_ROOT to set up, and can use the following command to see ACE_ROOT is set up: the. .
“echo $ACE_ROOT” 。.
The best time to start a reboot linux. .
The second step.
Do not own manually ACE + TAO + CIAO. . Tar. . Gz package completely solved, with particular emphasis on not completely removed, the back can see the install script will give us solve it; if you manually unlock all of the installation script will be extracted to your directory removed! We need to do to just ACE + TAO + CIAO. . Tar. . Gz package in the ACE-install. . Sh install script out a separate solution, and its amendments. We can be as long as a file. .
Use mkdir build directory, such as/home/my/ACE, then your ACE + TAO + CIAO. .tar .gz. placed in this directory (use the CP command to copy or move the mv command to this directory). Note that this directory will be your one ACE + TAO + deposited CIAO. .tar .gz's directory,., the install script will come to this directory to find the file, the directory and ACE_ROOT is not the same, and also prompts .sh ACE-install. do not set both the directory set to the same directory. ACE_ROOT will be our installation target directory. .
From ACE + TAO + CIAO. extract the .tar. individual file .gz ACE-install. .sh:.
"Tar-zxvf ACE + TAO + CIAO.. Tar.. Gz ACE_wrappers / ACE-install.. Sh". .
Solutions, will come out a new subdirectory "ACE_wrappers." At this point you can move to .sh ACE-install. directory: outside.
"Mv / ACE_wrappers / ACE-install.. Sh..". .
“。.” Represent the current directory. Of course what ACE-install. .sh is insignificant in the path, because we want the .sh ACE-install. content be modified, there are many paths to modify. Well, now there is the/home/my/ACE ACE-install. .sh, we now use vi to modify it, you can modify the backup before your own. Command:.
"Cp ACE-install.. Sh ACE-install.. Sh.. Bak". .
“vi ACE-install。.sh” 。.
We can see that the default, this file is used to do under the UNIX installation. So we want the UNIX part of which can be replaced by linux. .
Locate the "MY_ACEDIR = $ {HOME}/aceconfig", replacing "MY_ACEDIR =/home/my/ACE" into our own building, where ACE + TAO + CIAO. .tar .gz files directory. ', after removing the previous comment "#" sign.
Then, in the following point, to find "MY_ACE_CONFIG = config-sunos5. .4-Sunc + + -4.. X.. H", be changed to "MY_ACE_CONFIG = config-linux.. H", which changed the configuration files under linux . Continue to change, to find "MY_ACE_GNU_MACROS = platform_sunos5_sunc + +..GNU ", replacing" MY_ACE_GNU_MACROS = platform_linux. .GNU. " This is a wide variety of operating systems platform under the GNU macro file settings.
Well, file modification is completed, save the exit ": wq". .
The third step.
Our focus to, you can now install the ACE. .
At this point should be at/home/my/ACE directory, we do:.
/ ACE-install. . Sh. .
48. Delete/etc/inittab.
Repair method is as follows! . .
1. first of all into Linux rescue mode!.
2. . And then use the following command:. .
rpm -qf --root /mnt/sysimage /etc/inittab 。.
Found the file belongs to which RPM package! . .
3. and then reinstall the RPM packages!.
rpm-ivh - force - root / mnt / sysimage / mnt / source / Redhat / RPMS / packagename. .
4. .sync (the cache contents are written to disk).
5. . Exit. .
49 open talk sessions in the background.
Open talk features: chkconfig talk on. .
Chat: talk massky (user).
50. . Not to display sleep. .
setterm –blank 0 。.
51. . Customize the information displayed when users log on. .
When logged in to edit/etc/motd joined the information to display.
52. . See routing information. .
netstat –rn 。.
route-n. .
54. display hardware info.
lsdev. .
55. Shows the currently loaded kernel modules.
lsmod. .
56. list the system kernel all available modules.
modprobe-l. .
57. According to the process, the process name is displayed.
pidof vsftpd. .
58. The content will be read out in reverse order.
rev file. . Name. .
59. custom user information that is displayed when you log in.
Edit / etc / motd to join login information to display. .
60. see password expiration information.
change-l longinname. .
61. the last user to log on to the system.
last. .
62. the last login unsuccessful login attempts (lastb command).
If the system does not work, you will need to create a file: touch / var / log / btmp, then you can view the implementation of lastb command to the last unsuccessful login attempts. .
63. in 3 seconds to perform an ls command.
watch-n 3 ls. .
64. command displays the current system for each user and he runs the process information.
w. .
65. .Oracle installation interface garbled situation.
Log in using the oracle user, execute the command:. .
export LANG=en 。.
66. . Non-normal shutdown of the automatic disk repair. .
Added a file/etc/sysconfig autofsck. join:.
AUTOFSCK_DEF_CHECK = yes. .
PROMPT=yes 。.
67. . Oracle9i in RedHat7. .1 / 7. .2 The installation configuration. .
1 create Oracle user account number and the installation directory.
Under the shell, as root. .
groupadd dba 。.
groupadd oinstall. .
useradd –g oinstall –G dba oracle 。.
passwd oracle. .
mkdir /opt/oracle 。.
mkdir / opt / oracle / product. .
mkdir /opt/oracle/product/9。.2。.0 。.
chown-R oracle. . Oinstall / opt / oracle. .
mkdir /var/opt/oracle 。.
chown oracle. . Dba / var / opt / oracle. .
chmod 755 /var/opt/oracle 。.
2 Set environment variables. .
Edit the .bash_profile file/home/oracle/., add the following line.
export ORACLE_BASE = / opt / oracle. .
export ORACLE_HOME=/opt/oracle/product/9。.2。.0 。.
export ORACLE_SID = lichuanhua. .
export ORACLE_TERM=xterm 。.
export NLS_LANG = AMERICAN_AMERICA. . ZHS16GBK. .
export NLS_DATE_FORMAT=YYYY-MM-DD 。.
export ORA_NLS33 = $ ORACLE_HOME / ocommon / nls / admin / data. .
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib 。.
export LD_LIBRARY_PATH. .
export PATH=$PATH:$ORACLE_HOME/bin 。.
CLASSPATH = $ ORACLE_HOME / JRE: $ ORACLE_HOME / jlib: $ ORACLE_HOME / rdbms / jlib. .
CLASSPATH=$CLASSPATH:$ORACLE_HOME/network/jlib 。.
export CLASSPATH. .
export DISPLAY=192。.168。.1。.88:0。.0 。.
68. . Compile the kernel steps. .
1. source/usr/src/linux-2. .4.
2. . Make mrproper (remove previous compile the kernel residue.. O files and unnecessary association). .
3. Make menuconfig (character interface to the kernel configuration menu correctly set up a kernel option).
make xconfig (graphical kernel configuration menu options are set correctly cores). .
4. Make dep (set the associated files).
5. . Make bzImage (for large cores, such as the need to compile SCSI support). .
Make zImage (for a small kernel compilation).
6. . Make modules (build the module). .
7. Make modules_install (Setup).
8. . Make install ((for grub start automatically loaded into the grub.. Conf, the direct re-start on OK)..
69. .VMWare linux graphical interface on the installed.
If you are using VMware, you can do. .
First of all in the vmWare VM-Install VMware tools > Select install.
In the implementation. .
1。.mount /dev/cdrom /mnt/cdrom 。.
2. . Cd / mnt / cdrom, there is a vmware-linux *. . Tar. . Gz. .
3。.cp vmware-linux*。.tar。.gz /tmp 。.
4. . Cd / tmp. .
5。.tar zxvf vmware-linux*。.tar。.gz 。.
6. . Into the extract directory cd vmware-tools-distrib. .
7. Enter the directory you unzipped after you run the Setup command./vmware-install. .pl on OK.
8. . Wait for the Vmware-insall run is complete, reboot Linux, we can see the beautiful Linux graphical interface. .
70. the character set issues .Oracle (ora9i).
sqlplus directly into the input commands:. .
select value$ from props$ where name=' NLS_CHARACTERSET'; 。.
Display is not ZHS16GBK, the change, the default is: WE8ISO8859p1. .
Change command:.
update props $ set value $ = 'ZHS16GBK' where name = 'NLS_CHARACTERSET';. .
Force reboot.
71. Query when a system has recently been guided too. .
who -b 。.
72. Check system hardware types. .
uname -m 。.
73. Check system CPU type. .
uname -p 。.
74. Inspection System OS version. .
uname -r 。.
75. . Qt / e installation. .
I'm in rh9. .0 following installation.
1. . Install qt-x11-free-3. .3. .2. . Tar. . Gz. .
1. I put the .2 .3 qt-x11-free-3... .tar .gz to/usr/local/qt. directory.
cd / usr / local / qt. .
tar zxvf qt-x11-free-3。.3。.2。.tar。.gz 。.
mv qt-x11-free-3. .3. .2 Qt. .
2. Vi/etc/profile, add environment.
export QTDIR = / usr / local / qt. .
export PATH=$QTDIR/bin:$PATH 。.
export MANPATH = $ QTDIR / doc / man: $ MANPATH. .
export LD_LIBRARY_PATH=$QTDIR/lib:$LD_LIBRARY_PATH 。.
3. . Check whether the environment there. .
#echo $QTDIR 。.
Should return / usr / local / qt. .
4。.#。./configure 。.
5. . # Make. .
6. startup,/usr/local/qt/bin .qt directory..
#. . / Designer. .
You can see the qt interface!.
If you make time error:. .
In file included from kernel/qtaddons_x11。.cpp:25: 。.
kernel/qt_x11_p. . H: 66:22: X11/Xlib. . H: No such file or directory. .
Kernel/qt_x11_p. h:71: 23: X11 til. the .h: no files or directories.
kernel/qt_x11_p. . H: 72:21: X11/Xos. . H: No such file or directory. .
Kernel/qt_x11_p. h:73: 23: X11/.h: Xatom. There is no file or directory.
make [2]: *** [. .obj/release-shared/qtaddons_x11. . O] Error 1. .
make[2]: Leaving directory `/usr/local/qt/src' 。.
make [1]: *** [sub-src] Error 2. .
make[1]: Leaving directory `/usr/local/qt' 。.
make: *** [init] Error 2. .
The question I get a half-day, the last to know.
This error is because the X11 development package is not installed, the add and remove add the X11 development package inside. .
2. install .2 .3 qt-embedded-free-3... .tar .gz. ".
1. . Unzip qt-embedded-free-3. .3. .2. . Tar. . Gz. .
I put in the/root/qt following.
# Tar zxvf qt-embedded-free-3. .3. .2. . Tar. . Gz. .
#cd qt-embedded-free-3。.3。.2 。.
# Export QTDIR = / root/qt/qt-embedded-free-3. .3. .2. .
#export LD_LIBRARY_PATH=/root/qt/qt-embedded-free-3。.3。.2/lib:$LD_LIBRARY_PATH 。.
#. . / Configure. .
# make 。.
Then there was a long process. .
76. Modify the TTL value of ping (rh9).
Modify the file / proc/sys/net/ipv4/ip_default_ttl value (default is 64). .
Example: I have to modify the ttl of 128.
# Echo 128> / proc/sys/net/ipv4/ip_default_ttl. .
77. the use of up to 23 virtual console.
Suppose there are six, modeled on the / etc / inittab kinds of files, adding. .
8:2345:respawn:/sbin/mingetty tty8 。.
10:2345: respawn: / sbin / mingetty tty10. .
24:2345:respawn:/sbin/mingetty tty24 。.
To skip VT7, because the X to use the terminal. Then telinit q to reload the configuration file. Use the left Alt + Fn to switch items in the 1-6 and 8-12, use the right Alt + Fn keys to switch between 13-24. .
78. .Xmanager2 configuration.
Do not use graphical interface can also use the graphical control Xmanager2 landing. .
#vi /etc/X11/xdm/xdm-config 。.
In the last line: DisplayManager. . RequestPort: 0 preceded by! No. comment out this line. .
#vi /etc/X11/xdm/Xservers 。.
In the last line:: 0 local / usr/X11R6/bin/X preceded by the # comment out this line. .
#vi /etc/X11/xdm/Xaccess 。.
Find # * # any host can get a login window. .
This row of the # removed, turned out to be:.
* # Any host can get a login window. .
Last run # xdm. This use of xmanager tools can connect Linux!.
If you use ssh remote login from windows to linux. .
SSH must open X forwarding options.
1. . Vi / etc / ssh / sshd_config in X11Forwarding for yes. .
2. .vi/etc/ssh/ssh_config is the ForwardX11 yes.
79 to change the console resolution (grub). .
vi /boot/grub/grub。.conf 。.
In kernel / vmlinuz-2. .4. .20-8smp ro root = LABEL = / line behind adding the parameter vga = 792 as. .
kernel /vmlinuz-2。.4。.20-8smp ro root=LABEL=/ vga=792 。.
Said last vga = 792 1024x768, 16 colors. .
Specific parameters are:.
depth 640x480 800x600 1024x768 1280x1024. .
8bit 769 771 773 775 。.
15bit 784 787 790 793. .
16bit 785 788 791 794 。.
24bit 786 789 792 795. .
Now select (); return the current time format to hh: ii: YYYY-MM-DD ssNOW () function is not very useful, but it can be used in expressions. As compared to the current date or other date difference. Note: If you call a function in a query, and the function name followed by parentheses no spaces are allowed in the middle of the insert into table_name values (value1, value2, value3,. ), (Value11, value21, value31 ,。.); from 3. .22. .5 Since MySQL version allows multiple values by specifying a list, using a single INSERT statement to insert a table in a few lines of this type than the number of INSERT statements should be less work, and the server implementation of more efficient manner.insert into tabl_name (col1,col2) vlalues (value1,value2);insert into tabl_name (col1,col2) vlalues (value1,value2),(value3,value4);insert into tabl_name set col1=value1,col2=value2。. Over these types of cases are allowed to the database and table names may be case-sensitive; this will depend on the host server using the file system. In the UNIX server running on the database name and table names are case-sensitive, because the UNIX file names are case-sensitive. Windows file names are not case sensitive, so the server running on Windows, the database name and table name does not distinguish between the date when the search can be <> to compare the 2005-01-02 data that was.select * from tabl_name where info_date <2005-1-1 and (sqle='ma' or sqle='ba');where 子句中的表达式可使用表1-1中的算术运算符、表1-2 的比较运算符和表1-3 的逻辑运算符。 and="" (sqle="ma" or="" sqle="ba" );where="" 子句中的表达式可使用表1-1中的算术运算符、表1-2="" 的比较运算符和表1-3=""> You can also use an expression, parentheses will be divided into several parts. You can use the constants, the scheduled and function to complete the operation. A null value.
NULL value is special; because it represents "no value." Impossible to assess the value of the same two known ways to assess it with the known values. In order to search for NULL values, you must use a special syntax. Can not use = or! = To test equal to NULL or not equal to NULL, instead of using the IS NULL or IS NOT NULL to test. MySQL3. .23 and the later versions have a special MySQL proprietary comparison operator "< =="">", even if it is NULL and NULL comparisons, it IS equivalent. For example: select * from tabl_name where not (sqle <=>NULL); and select * from tabl_name is not NULL where sqle; the same limitLIMIT can also be removed from the query results. To do this, you must specify two values. The first value is the result of want to see the first record (the first result record is numbered 0, not 1). The second value is to see the number of records. Such as select * from tabl_name limit 10,5; be in accordance with a formula to sort query results.For example, using ORDER BYRAND () and LIMIT, from the table in a random drawing to a record such as: select * from tabl_name order by rand () limit 1concat () select concat (' ", the province, city) as address, concat (info_date,", "the check_id) as info; this query to provinces and cities, in the middle of the interval by a space, will address name to form a single string, and date of birth and the check_id connected together, a comma in the interval, the formation of the information fields . .
Use expressions to calculate the value for the column, this expression is used as the column headings. If the expression is very long (as in the previous query sample), then there may be a very wide columns. In order to handle this situation, you can use AS the column name to rename the title structure. Such names as column aliases. This way you can make the above output more meaningful.
Date of operation used in the MySQL date to remember is that given in the first year of that date. July 27, 1999 that the "1999 - 07 - 27", not as usual, expressed as "07 - 27 - 1999" or "27 - 07 - 1999." mysql can be on the format for the 1999 - 07 - 27 dates, such as size comparison: select * from hy_users where 1 and '1998-01-02 '. .
生成汇总:MySQL所能做的最有用的事情是浓缩大量的原始数据行并对其进行汇总。汇总的一种简单的形式是确定在一组值中哪些值是唯一值。利用DISTINCT 关键字来删除结果中的重复行。例如,不重复的列出会员的注册地:select DISTINCT state from companys; 其他的汇总形式涉及计数,可利用COUNT( ) 函数。如果使用COUNT (*),它将给出查询所选择的行数。COUNT(*) 对选中的行进行计数。而COUNT(col_name) 只对非NULL 值进行计数select count(DISTINCT state) from companys;针对用于group by中的having句子,要纠正的是它没有提高查询效率的作用。但它是在查询结果已经选出后才应用的,用来缩减服务器实际送到客户机的结果。除了COUNT( ) 外还有许多汇总函数。MIN( )、MAX( )、SUM( ) 和AVG( ) 函数在确定列的最大、最小、总数和平均值时都非常有用,甚至可以同时使用它们。如:select event_id MIN(score) as minmum,MAX(score) as maximum,MAX(score)-MIN(score)+1 as range,SUM(score) as total,AVG(score) as average from score Group by event_id 从多个表中检索信息在从多个表中选择信息时,需要执行一种称为连接(join)的操作。这是因为需要将一个表中的信息与其他表中的信息相连接来得出查询结果。即通过协调各表中的值来完成这项工作 原文地址:http://www.ddvip.net/database/mysql/index1/4.htm 某驼续貂:本篇文章是从上面那个连接地址里面总结归纳出来的.某驼对原文的实在作者佩服的五体投地,里面介绍的技巧都是非常实用和省力的,某驼看了大有相见恨晚之感觉.可惜原文太长了,边看边理解边关联,一天下来驼驼有点吐血了.归纳到这里,还差联合查询和group by这部分不完全了,某驼歇会儿先.换换感觉在回来接着总结.
一直想写一片关于VPN配置方面的文章,由于时间等等很多问题,一直没有落实,现在终于和大家见面了,由于本人知识有限也并非专业从事这方面工作的,难免有错误,望指正,共同提高。
自从认识VPN以来,一直在找寻一个容易配置、功能强大、支持多系统的VPN程序,由于一直没有找到合适的软件,Linux下的FreeSWAN、OpenBSD FreeBSD下的IPSec、Windows下的PPTP都试了试,始终不能满足自己的要求,直到OpenVPN的出现。
关于各种VPN软件或者硬件的优缺点,在这里我就不再叙述了,因为这个掺杂着很多人为的因素在里边(萝卜好吃还是青菜好吃?),一个软件:稳定、符合自己的要求、自己用的习惯就是一个好软件。
对于OpenVPN,在CU的VPN版面也有过很多的讨论,其中也不乏精华的文章,但是都是使用Static key验证的,从字面上就可以看出来Static key使用的就是预先生成的key对数据进行加密和解密,也就是常说的对称试加密,加密和解密双方必须预先知道加密的Key。本文讨论的是基于TLS加密方式,使用CA验证VPN Client的身份,OpenVPN使用TLS加密是通过使用公开密钥(非对称密钥,加密解密使用不同的key,一个称为Public key,另一个是Private key)对数据进行加密的,对于TLS传输的工作原理,大家可以去Google一下,资料一大堆。对于OpenVPN使用TLS mode,首先Server和Client要有相同CA签发的证书,双方通过交换证书验证双方的合法性以决定是否建立VPN连接,然后使用对方CA把自己目前使用的数据加密方法(类似于密钥)加密后发送给对方,由于使用对方CA加密的,所以只有对方CA对应的Private key才能解密该字串,保证了此密钥的安全性,并且此密钥定期改变,对于窃听者来说,可能还没有破解出密钥,通信双方已经更换密钥了。
我个人对OpenVPN的感觉(或者说是我使用OpenVPN的理由),NAT穿透力特强,支持HTTP代理,对动态地址支持很好,可配置性强,配置安全,开源便于二次开发...其他没有想好:)。
关于OpenVPN的相关内容可以在http://openvpn.net上找到。
下面开始正式讨论OpenVPN的安装和配置方法,本文是在Fedora Core 2环境下配置的,由于机器在网络中不是在网关的位置,所以使用NAT方式来访问内网,否则还涉及到配置网络设备的路由。假设我的VPN Server有2块网卡,eth0对外,IP:61.1.1.2 eth1对内,IP:192.168.1.2,内网地址:192.168.0.0/16
本文除配置文件中行首的"#"是注释外,其他行首的"#"都是提示符,如果在非配置文件一行中第二次出现"#"说明后面的是注释,书写命令时可以省略。
获取并安装Openvpn:
首先检查系统是否安装lzo实时压缩工具
$rpm -qa | grep lzo
如果没有安装可以在http://www.oberhumer.com/opensource/lzo/找到并安装,安装方法详见压缩包中的INSTALL文件,当然也可以用rpm包安装,记住一定要安装lzo-devel开头的那个包,因为OpenVPN需要使用lzo的头文件。
$wget http://mesh.dl.sourceforge.net/sourceforge/openvpn/openvpn-2.0_rc16.tar.gz
$tar -zxvf openvpn-2.0_rc16.tar.gz
$cd openvpn-2.0_rc16
$./configure
$make
$su
#make install
按照INSTALL文件中的说明,做如下操作:
#mknod /dev/net/tun c 10 200 #创建一个tun设备
#echo "alias char-major-10-200 tun" >;>; /etc/modprobe.conf
#echo 1 >; /proc/sys/net/ipv4/ip_forward #打开系统的转发功能
接下来就生成服务器客户端需要使用的keys了,为了方便,我们使用OpenVPN包自带的脚本生成。
#mkdir /etc/openvpn
#cp -r easy-rsa /etc/openvpn #切换到OpenVPN源代码目录执行
修改vars 文件
-------------CUT Here-------------
# easy-rsa parameter settings
# NOTE: If you installed from an RPM,
# don't edit this file in place in
# /usr/share/openvpn/easy-rsa --
# instead, you should copy the whole
# easy-rsa directory to another location
# (such as /etc/openvpn) so that your
# edits will not be wiped out by a future
# OpenVPN package upgrade.
# This variable should point to
# the top level of the easy-rsa
# tree.
export D=`pwd`
# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=$D/openssl.cnf
# Edit this variable to point to
# your soon-to-be-created key
# directory.
#
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!
export KEY_DIR=$D/keys
# Issue rm -rf warning
echo NOTE: when you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
# Increase this to 2048 if you
# are paranoid. This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
export KEY_SIZE=1024
# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
# 定义你所在的国家,2个字符
export KEY_COUNTRY=CN
# 你所在的省份
export KEY_PROVINCE=Liaoning
# 你所在的城市
export KEY_CITY=Shenyang
# 你所在的组织
export KEY_ORG="ELM OpenVPN ORG"
# 你的单位
export KEY_OU="OpenVPN Service"
# 你的邮件地址
export KEY_EMAIL="elm@elm.freetcp.com"
-------------CUT Here-----------------
修改后保存,下面我们开始什成keys,以下为shell命令 "#" 为提示符
#. vars #使修改的变量生效
NOTE: when you run ./clean-all, I will be doing a rm -rf on /etc/openvpn/easy-rsa/keys
#./clean-all #初始化keys目录,创建所需要的文件和目录
#./build-ca #什成Root CA证书,用于签发Server和Client证书,请保护好keys/ca.key文件。
Generating a 1024 bit RSA private key
........................++++++
.............++++++
writing new private key to 'ca.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]: #如果无需修改,直接回车
State or Province Name (full name) [Liaoning]:
Locality Name (eg, city) [Shenyang]:
Organization Name (eg, company) [ELM OpenVPN ORG]:
Organizational Unit Name (eg, section) [OpenVPN Service]:
Common Name (eg, your name or your server's hostname) []:OpenVPN Root CA
Email Address [elm@elm.freetcp.com]:
# ls keys
ca.crt ca.key index.txt serial
我们可以看到ca.crt ca.key文件已经什成了。
下面我们为服务器生成 Diffie-Hellman 文件
# ./build-dh #TLS server 需要使用的一个文件
Generating DH parameters, 1024 bit long safe prime, generator 2
This is going to take a long time
..+..............................................................+....................................................................+....+........+.........+....................................................+.+..................................................................................................................................................................+.......................................+.................................+.............+.................................................................................+.......................................................+.............................++*++*++*
创建并签发VPN Server使用的CA
# ./build-key-server server # server 为创建后的文件名,分别为server.crt server.key
Generating a 1024 bit RSA private key
......................++++++
...............++++++
writing new private key to 'server.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [CN]:
State or Province Name (full name) [Liaoning]:
Locality Name (eg, city) [Shenyang]:
Organization Name (eg, company) [ELM OpenVPN ORG]:
Organizational Unit Name (eg, section) [OpenVPN Service]:
Common Name (eg, your name or your server's hostname) []:Server No.1
Email Address [elm@elm.freetcp.com]:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName 
RINTABLE:'CN'。.
stateOrProvinceName. .
RINTABLE:'Liaoning'。.
localityName. .
RINTABLE:'Shenyang'。.
organizationName. .
RINTABLE:'ELM OpenVPN ORG'。.
organizationalUnitName. .
RINTABLE:'OpenVPN Service'。.
commonName. .
RINTABLE:'Server No。.1'。.
emailAddress: IA5STRING: 'elm @ elm. . Freetcp. . Com '. .
Certificate is to be certified until Feb 26 14:43:44 2015 GMT (3650 days)。.
Sign the certificate? [Y / n]: y. .
1 out of 1 certificate requests certified, commit? [y/n]y。.
Write out database with 1 new entries. .
Data Base Updated。.
Next issue CA certificates for the VPN Client, if the future for other Client certificates, direct use of build-key command issued a new certificate. .
# 。./build-key elm。.
Generating a 1024 bit RSA private key. .
++++++。.
++++++。 .
writing new private key to 'elm。.key'。.
-----。 .
You are about to be asked to enter information that will be incorporated。.
into your certificate request. .
What you are about to enter is what is called a Distinguished Name or a DN。.
There are quite a few fields but you can leave some blank. .
For some fields there will be a default value,。.
If you enter '. . ', The field will be left blank. .
-----。.
Country Name (2 letter code) [CN]:. .
State or Province Name (full name) [Liaoning]:。.
Locality Name (eg, city) [Shenyang]:. .
Organization Name (eg, company) [ELM OpenVPN ORG]:。.
Organizational Unit Name (eg, section) [OpenVPN Service]:. .
Common Name (eg, your name or your server hostname) []: # Common Name ELM is best not to pay attention to are the same, if the same [server to add duplicate-cn options], then the Email address cannot be the same.
Email Address [elm @ elm. . Freetcp. . Com]:. .
Please enter the following 'extra' attributes。.
to be sent with your certificate request. .
A challenge password []:。.
An optional company name []:. .
Using configuration from /etc/openvpn/easy-rsa/openssl。.cnf。.
Check that the request matches the signature. .
Signature ok。.
The Subject's Distinguished Name is as follows. .
countryName 。.
RINTABLE: 'CN'. .
stateOrProvinceName 。.
RINTABLE: 'Liaoning'. .
localityName 。.
RINTABLE: 'Shenyang'. .
organizationName 。.
RINTABLE: 'ELM OpenVPN ORG'. .
organizationalUnitName:PRINTABLE:'OpenVPN Service'。.
commonName: PRINTABLE: 'ELM'. .
emailAddress :IA5STRING:'elm@elm。.freetcp。.com'。.
Certificate is to be certified until Feb 26 14:45:36 2015 GMT (3650 days). .
Sign the certificate? [y/n]:y。.
1 out of 1 certificate requests certified, commit? [Y / n] y. .
Write out database with 1 new entries。.
Data Base Updated. .
To prevent malicious attacks (such as DOS, UDP port flooding), we generate a "firewall" HMAC.
# Openvpn - genkey - secret keys / ta. . Key. .
Generates a certificate revocation chain file to prevent future someone lost certificates, illegal user access VPN.
#. . / Make-crl vpncrl. . Pem. .
Using configuration from /etc/openvpn/easy-rsa/openssl。.cnf。.
So far, everything is ready, start to write the following configuration files, in order to reduce the length of the original notes were removed. .
Server using the server configuration file. .conf.
---------------- CUT Here -------------. .
# Affirms that this computer uses the IP address or not.
; Local a. . B. . C. . D. .
# Affirms that the use of the port, the default 1194.
port 1194. .
# Affirms that uses, by default using UDP, if you use an HTTP proxy, you must use the TCP protocol.
; Proto tcp. .
proto udp。.
# Declare the use of equipment optional tap and tun, tap is a two-story facilities to support the link layer protocol. .
# Tun is the IP layer of point-to-point protocol restrictions slightly more, I used to use the TAP device.
dev tap. .
;dev tun。.
# OpenVPN uses the ROOT CA, generated using the build-ca, used to validate the certificate if the customer is legitimate. .
ca ca。.crt。.
# Server to use the certificate file. .
cert server。.crt。.
# Server certificate using the corresponding key, pay attention to file permissions to prevent theft. .
key server。.key # This file should be kept secret。.
# CRL document stated that the suspension of the certificate chain, these certificates will be unable to log on. .
crl-verify vpncrl。.pem。.
# The above-mentioned documents generated Diffie-Hellman. .
dh dh1024。.pem。.
# This is a command of the collection, if you are old OpenVPN users know the origins of this command. .
# This command is equivalent to:.
# Mode server # OpenVPN work in Server mode, can support more dynamic access to client at the same time. .
# Tls-server # use TLS encryption for the transmission, end-to-Server, Client-side for tls-client.
#. .
#: # If dev tun tun device, if the use is equivalent to the following configuration.
# Ifconfig 10. .8. .0. .1 10. .8. .0. .2 # Set the local tun device address. .
# Ifconfig-pool 10. .8. .0.10. .8 .4. .0. OpenVPN uses .251 # description of address pool (for distribution to customers), namely the start address and end address.
# Route 10. .8. .0. .0 255. .255. .255. .0 # To add a static route, omit the next hop address, next hop address for the right side, here is: 10. .8. .0. .2. .
# If client-to-client: # If you use this option. client-to-client.
# Push "route 10. .8. .0. .0 255. .255. .255. .0" # This way by the sending to the client, client to connect automatically added after the success of routing table, omit the next hop address : 10. .8. .0. .1. .
# else。.
# Push "route 10. .8. .0. .1" # Otherwise, send this route, which is a host route, omit the subnet mask, and next hop address, namely: 255. .255. .255. 10 .255. .8. .0. .1. .
#。.
# If dev tap: # If you use a tap device, is equivalent to the following command. .
# Ifconfig 10. .0 .1 .8.. 255. .255. .255. .0 # tap device address configured.
# Ifconfig-pool 10. .8. .0. .2 10. .8. .0. .254 255. .255. .255. .0 # Client uses the address pool, were the starting address, ending address, the subnet mask. .
# Push "route-gateway 10. .8. .0 .1" # include. environment variable route-gateway passed to the client.
#. .
10. server. .0 .0 .8.255. .255. .255. .0 # is equivalent to the above command.
# Used to record the IP address of a Client access, similar to the dhcpd. . Lease documents. .
# Prevent openvpn reboot "forget" the Client has used the IP address.
ifconfig-pool-persist ipp. . Txt. .
# Bridge State similar to DHCPD configuration, assigning addresses to customers, as a result of this work in routing mode, so no use.
; Server-bridge 10. .8. .0. .4 255. .255. .255. .0 10. .8. .0. .50 10. .8. .0. .100. .
# VPN Server to the Client through the routing, client push pull push instruction for Server and application of all the options.
; Push "route 192. .168. .10. .0 255. .255. .255. .0". .
;push "route 192。.168。.20。.0 255。.255。.255。.0"。.
# VPN starts, the VPN Server on the increase in routing, VPN stopped automatically deleted. .
;route 10。.9。.0。.0 255。.255。.255。.252。.
# Run script or shell command cmd to validate client. .
#virtual addresses or routes。. Specific view manual.
; Learn-address. . / Script. .
# Other need to PUSH to the Client's option.
#. .
# Makes the Client's default gateway to point to the VPN, so that all Client Traffic is going through a VPN.
; Push "redirect-gateway". .
# DHCP options, see the Manual.
; Push "dhcp-option DNS 10. .8. .0. .1". .
;push "dhcp-option WINS 10。.8。.0。.1"。.
# If the VPN Client can access each other directly through the openvpn process forward,. .
# Do not send to tun or tap device after forwarding, optimizing Client to Client access efficiency.
client-to-client. .
# If the Client uses the Common Name of the CA is repeated, or that the customer uses the same CA.
# And keys to connect VPN, we must open the option, or only allow a person to connect VPN. .
;duplicate-cn。.
# NAT behind the use of VPN, VPN a long time if not communication, NAT Session may be invalid. .
# Lead the VPN connection is lost, to prevent such things from happening, keepalive provides a mechanism similar to the ping.
# The following every 10 seconds that the Control access through VPN ping each other, if the row can not ping through 120 seconds,. .
# Thinks the connection is lost, and restart the VPN reconnect.
# (For mode server mode openvpn does not reconnect). .
keepalive 10 120。.
# The above-mentioned HMAC firewall, to prevent DOS attacks, for all the control information, use the HMAC signature,. .
# No HMAC signature control information will not be processed, the numbers following the server-side must use 0, 1 client use.
tls-auth ta. . Key 0 # This file is secret. .
# Compressed, note the Server and Client agreement.
comp-lzo. .
# Define the maximum number of connections.
; Max-clients 100. .
# Define users running openvpn.
user nobody. .
group nobody。.
# Detected by keepalive timeout, restart the VPN, do not re-read the keys, to retain the first use of the keys. .
persist-key。.
# Detected by keepalive timeout, restart the VPN, has maintained tun or tap device is a linkup, the. .
# Otherwise network connection will first linkdown then linkup.
persist-tun. .
# Regularly put some status information, openvpn is written to a file so that you can write your own program, billing or other operations.
status openvpn-status. . Log. .
# Logging enabled, each time you restart after you delete the original openvpn log information.
log / var / log / openvpn. . Log. .
# And log, each restart after retaining the original's openvpn log information, new information is appended to the file last.
; Log-append openvpn. . Log. .
# Equivalent to debug level, view the manual.
verb 3. .
--------------Cut Here-----------------。.
The server. . Conf file to / etc / opennvpn directory, and under the use of easy-rsa scripts even as the key is copied to the / etc / openvpn directory, the command is as follows:. .
#cd /etc/openvpn。.
# Cp easy-rsa/keys/ca. . Crt. .
#cp easy-rsa/keys/server。.crt 。.
# Cp easy-rsa/keys/server. . Key. .
#cp easy-rsa/keys/dh1024。.pem 。.
# Cp easy-rsa/keys/ta. . Key. .
#cp easy-rsa/keys/vpncrl。.pem 。.
Creating OpenVPN startup script, can be found in the source code directory, in the sample-scripts directory openvpn. . Init file, copy it to / etc / init. . D / directory, renamed as openvpn. .
Then run:.
# Chkconfig - add openvpn. .
#chkconfig openvpn on。.
Immediately start openenvpn. .
#/etc/init。.d/openvpn start。.
Next, configure the client profile client. . Conf:. .
Linux or Unix with extension. use Windows .conf. .ovpn and require the use of keys are copied to the directory where the configuration file ca. .crt elm. ta .crt elm. .key. .key.
------------- Cut Here ---------------------. .
# Affirms that we are a client, server-side configuration from a pull over, such as IP address, routing information, such as the use of "Server push from the push instruction."
client. .
# Specify the interface type, Server strict and end-line.
dev tap. .
;dev tun。.
# Windows needs the TAP-Win32 adapter name. .
# from the Network Connections panel。.
# If you have more than one. . On XP SP2,. .
# you may need to disable the firewall。.
# For the TAP adapter. .
;dev-node MyTap。.
# Use the protocol, and Server strict agreement. .
;proto tcp。.
proto udp. .
# Set the Server's IP address and port, if you have multiple machines do load balancing, remote keyword can appear more than once.
remote 61. .1. .1. .2 1194. .
;remote my-server-2 1194。.
# Randomly select a Server connection, or in accordance with the order from top to bottom and then click Connect. .
;remote-random。.
# Always re-parsing Server's IP address (if the remote followed by the domain names),. .
# Assurance Server IP address is dynamic using DDNS, DNS dynamic update Client to automatically reconnect when resolving the IP address of the Server.
# So no need to restart your people, you can re-access VPN. .
resolv-retry infinite。.
# In the machine does not set any port state monitor incoming data, Client without this action, unless one to one VPN necessary. .
nobind。.
# Run openvpn user's identity, the old version need to win the next two lines commented out, the new version without this operation. .
user nobody。.
group nobody. .
# Increase in Client-side routing, making all access to the intranet of the traffic through the VPN is out.
# Of course, can also be inside the configuration file in the Server Settings, Server configuration inside to use the command is. .
# push "route 192。.168。.0。.0 255。.255。.255。.0"。.
route 192. .168. .0. .0 255. .255. .0. .0. .
# And Server configuration functions the same way if you use chroot or su functionality, it is best to open the following two options to prevent reboots keys file not found, or nobody user does not have permission to start the tun device.
persist-key. .
persist-tun。.
# If you use a HTTP proxy to connect VPN Server, the Proxy's IP address and port writes the following. .
# If the proxy requires authentication, use http-proxy server port [authfile] [auth-method].
# One authfile is a 2-line text file, the user name and password each line, auth-method can be omitted, detailed information view the Manual. .
;http-proxy-retry # retry on connection failures。.
; Http-proxy [proxy server] [proxy port #]. .
# For wireless devices to use the VPN configuration, see will understand.
# Wireless networks often produce a lot. .
# of duplicate packets。. Set this flag。.
# To silence duplicate packet warnings. .
;mute-replay-warnings。.
# Root CA file name, Server CA certificate used to verify the legitimacy generated by easy-rsa/build-ca ca. . Crt, and the Server Configuration in the ca. . Crt files with a. .
ca ca。.crt。.
# Easy-rsa/build-key generated key pair file, generate key part of the above mentioned, different clients use different keys to configure and modify the following two lines can use their keys. .
cert elm。.crt。.
key elm. . Key. .
# DAS Server use build-key-server script, in x509 v3 extensions joined ns-cert-type options.
# Prevent the VPN client to use their keys + DNS hack cheat vpn client to connect them to a fake VPN Server. .
# Because they did not have this extension, CA.
ns-cert-type server. .
# And consistent in the Server configuration, ta also inconsistent, .key. Note that the last parameter is 1.
tls-auth ta. . Key 1. .
# Compression options, Server strict and consistent.
comp-lzo. .
# Set log file verbosity。.
verb 4. .
--------------Cut Here---------------------。.
OpenVPN Client for Linux, the same way as the installation, but configuration files and keys on the different, as long as the client. . Conf ca. . Crt elm. . Crt elm. . Key ta. . Key copied to the / etc / openvpn directory to start the VPN. .
Under the install OpenVPN Win, WIN under the graphical interface of the program, download OpenVPN-GUI http://openvpn. .se.
Download and install, the default next step OK, installed after the emergence of a new tray icon, the client. . Ovpn ca. . Crt elm. . Crt elm. . Key ta. . Key files are copied to C: \ Program Files \ openvpn \ config directory, then right click connect on OK. .
For some use NAT LinuxServer:.
Forward must first open system, can adopt the following command. .
echo 1 >; /proc/sys/net/ipv4/ip_forward。.
Or use. .
sysctl -w net。.ipv4。.ip_forward=1。.
Or modify the / etc / sysctl. . Conf files, to increase. .
net。.ipv4。.ip_forward = 1。.
SNAT rule set, use the iptables command. .
iptables -t nat -A POSTROUTING -s 10。.8。.0。.0/24 -o eth1 -j SNAT --to-source 192。.168。.1。.2。.
OK, OpenVPN Client can access the internal network. .
Because this is the first time to write such a detailed document, there are many places to write more, there are a lot of things possible I think it is very easy to understand, but may not be from a beginner's point of view to consider the issue, but also hope their opinions, in order to improve, because I am not a professional engaged in research on VPN, this article will inevitably be inaccuracies, but also to correct me.
Many foreign software has Howto, but not OpenVPN Howto, hope that we can in this article + articles on other static key to form a not very comprehensive HOWTO. .
1. install.
# Wget http://jaist. . Dl. . Sourceforge. .net/sourceforge/awstats/awstats- ***. . Tgz. .
# tar zxvf awstats-***。.gz。.
# Cp-r awstats-*** / usr / local / awstats. .
# chown -R root:root /usr/local/awstats。.
# Chmod-R 755 / usr / local / awstats. .
# cd /usr/local/awstats/tools。.
# Perl awstats_configure. . Pl. .
The installation process will let you answer the following questions.
Do you want me to setup Apache to write 'combined' log files [y / N]? Y. .
Do you want me to build a new AWStats config/profile file (required if first install) [y/N] ? y。.
Your web site, virtual server or profile name:. .
> www。.test。.com。.
Directory path to store config file (s) (Enter for default):. .
> /usr/local/etc/awstats。.
Installation process will automatically httpd. . Conf file, add the following configuration information. .
Alias /awstatsclasses "/usr/local/awstats/wwwroot/classes/"。.
Alias / awstatscss "/ usr / local / awstats / wwwroot / css /". .
Alias /awstatsicons "/usr/local/awstats/wwwroot/icon/"。.
ScriptAlias / awstats / "/ usr / local / awstats / wwwroot / cgi-bin /". .
AllowOverride None. .
Order allow,deny。.
Allow from all. .
Modify the host configuration file (/usr/local/etc/awstats/awstats. .www. .test. .com. .conf), with an emphasis on checking the LogFile, LogType, LogFormat, SiteDomainin, HostAlias this several options.
For GNU / Linux on the statistics simply edit the Apache log: LogFile SiteDomain these two options. .
1. GNU/Linux LogFile="/var/log/httpd/access_log。.%YYYY-24%MM-24%DD-24"。.
This configuration means is 24 hours before the year, month, date, spell out the log file name;. .
2. SiteDomain="www。.test。.com"。.
Site name, default is empty, if empty, AWStats will refuse to run;. .
3. For statistics on how to modify IIS log one:.
LogFormat = 2. .
The default value is 1: Apache logs and 2 is the IIS log.
Create / usr / local / share / awstats directory for statistical data output. .
# mkdir -p /usr/local/share/awstats/http。.
Modify / usr / local / apache / conf / httpd. . Conf configuration file. .
Put.
CustomLog logs / access_log combined. .
Changed.
CustomLog / var / log / httpd / mylog. . Log combined. .
My profile in part as follows.
LogFile = "/ var / log / httpd / mylog.. Log". .
SiteDomain="www。.test。.com"。.
HostAliases = "test.. Com www.. Test.. Com 192. .168. .0. .3". .
DirData="/usr/local/share/awstats/http"。.
Other points to note. .
AWStats default SWF files are not filtered, the .swf is PageView., so if the main SWF file on the site is the best advertising or do you want to filter out.
2. . Log statistics. .
Statistics host log.
# Cd / usr / local / awstats / wwwroot / cgi-bin /. .
# perl awstats。.pl -config=www。.test。.com -update -lang=cn。.
You can generate a static page to view information. .
# perl awstats。.pl -config=www。.test。.com -output -staticlinks -lang=cn> awstats。.www。.test。.com。.html。.
Timing statistics host log. .
#update awstats。.
30 7 * * * / usr / local / awstats / wwwroot / cgi-bin / awstats. . Pl-config = www. . Test. . Com-update-lang = cn. .
Test.
http://192. .168. .0. .3/awstats/awstats. . Pl? Config = www. . Test. . Com. .
3. virtual host log statistics.
AWStats comes with a batch processing tool: tools / awstats_updateall. . Pl, can be mass to traverse a directory of all configured file and run statistics. Therefore the remaining work on the main problem is the synchronization log. .
For more than one site, many configuration options are repeated, if each of these configuration files are modified to maintain very troublesome, .4 from 5. AWStats version provides configuration file contains features, so we can configure a generic configuration, such as: .conf. common.
Configuration settings and other sites are: the back of the options can be inconsistent coverage and the default configuration. .
awstats。.bbs。.chedong。.conf。.
Include "chedong.. Common.. Conf". .
LogFile "/path/to/bbs_log"。.
SiteName "bbs.. Chedong.. Com". .
awstats。.www。.chedong。.conf。.
Include "chedong.. Common.. Conf". .
LogFile "/path/to/www_log"。.
SiteName "www.. Chedong.. Com". .
HostAliases="chedong。.com" 。.
Description of statistical indicators. .
* Visitors: visitors do not duplicate IP statistics, a representative of IP; one visitor.
* The number of visits: one visitor may visit several times within one day (for example: the morning one in the afternoon), so a certain period of time (eg: 1 hour), not the number of duplicate IP statistics, the number of visits visitors ;. .
* The number of pages: does not include pictures, CSS, JavaScript files etc of pure total page views, but if a page uses frames, each frame has a page request;.
* Number of files: from the browser requests the total number of client files, including images, CSS, JavaScript, etc., the user requests a page, if the page contains pictures, so many files on the server will issue a request, the file for generally far more in the number of files;. .
* Bytes: handed down to the client's data flows;.
* The data from the REFERER: Log in reference (REFERER) field, record visit the corresponding web page before the address, so if the user is through search engine results click access to the site, a user will log in the corresponding search query engine address, this address can resolve the user query through the use of keywords extracted:. .
For example:.
2003-03-26 15:43:58 123. .123. .123. .123 - GET / index. . Html 200 192 HTTP / 1. .1 Mozilla / 4. .0 + (Compatible; + MSIE +5. .01; + Windows + NT +5. .0) Http://www. . Google. .com / search? q = chedong. .
AWStats in search engines for key phrases and keywords statistics features or more complete: be 3 100 species worldwide machine crawler identification, and can recognize most of the major international search engines and in many parts of the local language search engine.
4. . Plugin. .
Install GeoIP.
Needs. .
GeoIP C Library。.
Geo:: IP Perl Module (faster, but requires C library). .
Geo::IP::PurePerl Module (slower, but does not require C library)。.
C Library and the Perl Module is a group, you must first install the C compiler, and then compile the installation of perl, or directly mounted PurePerl Module, I was in this way. .
Install GeoIP C Library.
# Wget http://www. . Maxmind. .com/download/geoip/api/c/GeoIP-1. .3. .8. . Tar. . Gz. .
# tar zxvf GeoIP-1。.3。.8。.tar。.gz。.
# Cd GeoIP-1. .3. .8. .
# 。./configure; make; make install。.
Install Geo:: IP Perl Module. .
# wget http://www。.maxmind。.com/download/geoip/api/perl/Geo-IP-1。.25。.tar。.gz。.
# Tar zxvf Geo-IP-1. .25. . Tar. . Gz. .
# cd Geo-IP-1。.25。.
# Perl Makefile. . PL. .
# make。.
# Make test (pass under the AS4, waiver, modification PurePerl Module). .
# make install。.
These two steps also can be installed. .
# perl -MCPAN -e shell。.
cpan> install Geo:: IP. .
Install Geo:: IP:: PurePerl Module.
# Wget http://www. . Maxmind. .com/download/geoip/api/pureperl/Geo-IP-PurePerl-1. .14. . Tar. . Gz. .
# tar zxvf Geo-IP-PurePerl-1。.14。.tar。.gz。.
# Cd Geo-IP-PurePerl-1. .14. .
# perl Makefile。.PL。.
# Make. .
# make test。.
# Make install. .
You can also install this.
# Perl-MCPAN-e shell. .
cpan> install Geo::IP::PurePerl。.
Modify / usr / local / etc / awstats / awstats. . Www. . Test. . Com. . Conf, canceled following the comment line, to enable this plug-in. .
LoadPlugin="geoip GEOIP_STANDARD"。.
Updated GeoIP database. .
# cd /usr/local/share/GeoIP/。.
# Wget http://www. . Maxmind. .com / download / geoip / database / GeoIP. . Dat. . Gz. .
# gunzip GeoIP。.dat。.gz 。.
Regularly update the GeoIP library. .
0 0 * * * root /usr/local/bin/geoipupdate -v。.
Installation XWhois. .
# perl -MCPAN -e shell。.
cpan> install Net:: XWhois. .
Modify the .test .www/usr/local/etc/awstats/awstats..., cancel the .conf .com. following this line, enable this plug-in.
LoadPlugin = "hostinfo". .
Install decodeutfkeys.
# Perl-MCPAN-e shell. .
cpan> install URI::Escape。.
Modify / usr / local / etc / awstats / awstats. . Www. . Test. . Com. . Conf, canceled following the comment line, to enable this plug-in. .
LoadPlugin="decodeutfkeys"。.
Update log. .
/usr/local/awstats/wwwroot/cgi-bin/awstats。.pl -config=www。.test。.com -update -lang=cn 。.
5. . Of other logs. .
5. .1. .ftp log.
5. .1. .1. . Proftp. .
Setup proftp.
Change proftpd. . Conf file, add the following two lines. .
LogFormat awstats "%t %h %u %m %f %s %b"。.
# Note: Number in% between the tab key to be used as a separator, can not use the space bar. .
ExtendedLog /var/log/xferlog read,write awstats。.
# WARNING: ExtendedLog directive might need to be placed inside a virtual host context if you use them. .
Then close the old log format.
TransferLog none. .
# WARNING: TransferLog directive might need to be placed inside a virtual host context if you use them。.
Want your settings take effect, the first stop proftp service, delete the old log file / var / log / xferlog, then start proftp service. Login ftp, download a file, your new log file will be a new line, like this similar to the following:. .
[01/Jan/2001:21:49:57 +0200] ftp。.server。.com user RETR /home/fileiget。.txt 226 1499。.
Set AWStats. .
Copy configuration files to awstats. .model. .conf to/usr/local/etc/awstats directory and file name to awstats. .ftp. .conf, modify this new configuration file.
# Mkdir-p / usr / local / share / awstats / ftp. .
# cp /usr/local/awstats/wwwroot/cgi-bin/awstats。.model。.conf /usr/local/etc/awstats/awstats。.ftp。.conf。.
# Vi / usr / local / etc / awstats / awstats. . Ftp. . Interpack. . Cn. . Conf. .
LogFile="/var/log/xferlog" 。.
LogType = F. .
LogFormat="%time1 %host %logname %method %url %code %bytesd" 。.
LogSeparator = "\ t". .
SiteDomain="ftp。.test。.com"。.
HostAliases = "ftp.. Test.. Com 192. .168. .0. .3". .
DirData="/usr/local/share/awstats/ftp" 。.
NotPageList = "". .
LevelForBrowsersDetection=0 。.
LevelForOSDetection = 0. .
LevelForRefererAnalyze=0 。.
LevelForRobotsDetection = 0. .
LevelForWormsDetection=0 。.
LevelForSearchEnginesDetection = 0. .
ShowLinksOnUrl=0 。.
ShowMenu = 1. .
ShowSummary=UVHB 。.
ShowMonthStats = UVHB. .
ShowDaysOfMonthStats=HB 。.
ShowDaysOfWeekStats = HB. .
ShowHoursStats=HB 。.
ShowDomainsStats = HB. .
ShowHostsStats=HBL 。.
ShowAuthenticatedUsers = HBL. .
ShowRobotsStats=0 。.
ShowEMailSenders = 0. .
ShowEMailReceivers=0 。.
ShowSessionsStats = 1. .
ShowPagesStats=PBEX 。.
ShowFileTypesStats = HB. .
ShowFileSizesStats=0 。.
ShowBrowsersStats = 0. .
ShowOSStats=0 。.
ShowOriginStats = 0. .
ShowKeyphrasesStats=0 。.
ShowKeywordsStats = 0. .
ShowMiscStats=0 。.
ShowHTTPErrorsStats = 0. .
ShowSMTPErrorsStats=0。.
Statistics Host Log. .
# /usr/local/awstats/wwwroot/cgi-bin/awstats。.pl -config=ftp。.test。.com -update -lang=cn。.
You can generate a static page to view information. .
# perl awstats。.pl -config=ftp。.test。.com -output -staticlinks -lang=cn> awstats。.ftp。.test。.com。.html。.
Timing statistics host log. .
#update awstats。.
30 7 * * * / usr / local / awstats / wwwroot / cgi-bin / awstats. . Pl-config = ftp. . Test. . Com-update-lang = cn. .
Test.
http://192. .168. .0. .3/awstats/awstats. . Pl? Config = ftp. . Test. . Com. .
5. .2. .mail log.
Applies to Postfix, Sendmail, QMail. .
Copy configuration files to awstats. .model. .conf to/usr/local/etc/awstats directory and file name to awstats. .mail. .conf, modify this new configuration file.
# Mkdir-p / usr / local / share / awstats / mail. .
# cp /usr/local/awstats/wwwroot/cgi-bin/awstats。.model。.conf /usr/local/etc/awstats/awstats。.mail。.conf。.
# Vi / usr / local / etc / awstats / awstats. . Mail. . Conf. .
For standard Postfix, Sendmail, MDaemon and standard QMail logfiles, set。.
LogFile = "perl / usr / local / awstats / tools / maillogconvert.. Pl standard
If the logfiles are compressed, they can be processed this way。.
LogFile = "gzip-cd / var / log / maillog. .0.. Gz | / usr / local / awstats / tools / maillogconvert.. Pl standard |". .
And for VAdmin QMail logfiles (multi-host/virtualhost mail servers running vadmin software), set。.
LogFile = "perl / usr / local / awstats / tools / maillogconvert.. Pl vadmin
Then, whatever is you mail server, you must also change: 。.
LogType = M. .
LogFormat="%time2 %email %email_r %host %host_r %method %url %code %bytesd"。.
SiteDomain = "mail.. Test.. Com". .
HostAliases="mail。.test。.com 192。.168。.0。.3"。.
DirData = "/ usr / local / share / awstats / mail". .
LevelForBrowsersDetection=0 。.
LevelForOSDetection = 0. .
LevelForRefererAnalyze=0 。.
LevelForRobotsDetection = 0. .
LevelForWormsDetection=0 。.
LevelForSearchEnginesDetection = 0. .
LevelForFileTypesDetection=0 。.
ShowMenu = 1. .
ShowSummary=HB 。.
ShowMonthStats = HB. .
ShowDaysOfMonthStats=HB 。.
ShowDaysOfWeekStats = HB. .
ShowHoursStats=HB 。.
ShowDomainsStats = 0. .
ShowHostsStats=HBL 。.
ShowAuthenticatedUsers = 0. .
ShowRobotsStats=0 。.
ShowEMailSenders = HBML. .
ShowEMailReceivers=HBML 。.
ShowSessionsStats = 0. .
ShowPagesStats=0 。.
ShowFileTypesStats = 0. .
ShowFileSizesStats=0 。.
ShowBrowsersStats = 0. .
ShowOSStats=0 。.
ShowOriginStats = 0. .
ShowKeyphrasesStats=0 。.
ShowKeywordsStats = 0. .
ShowMiscStats=0 。.
ShowHTTPErrorsStats = 0. .
ShowSMTPErrorsStats=1。.
Statistics Host Log. .
# /usr/local/awstats/wwwroot/cgi-bin/awstats。.pl -config=mail。.test。.com -update -lang=cn。.
You can generate a static page to view information. .
# perl awstats。.pl -config=ftp。.test。.com -output -staticlinks -lang=cn> awstats。.mail。.test。.com。.html。.
Timing statistics host log. .
#update awstats。.
30 7 * * * / usr / local / awstats / wwwroot / cgi-bin / awstats. . Pl-config = mail. . Test. . Com-update-lang = cn. .
Test.
http://192. .168. .0. .3/awstats/awstats. . Pl? Config = mail. . Test. . Com. .
Want to use bind9 's view features multi-line auto orientation, because in the new network, the application domain does not support this feature, so I had to point to your own server implements this functionality.
Implementation steps:. .
There are two domain names, assumptions: .net and b a.. .cn domain name, in both a. adding a DNS server in .NET ns. .a. .net and .net ns1. .a. points to the separately on my own server IP, and in the new network of mydns two functions in A record also correspond to resolve to the IP, b. .cn's DNS servers have been modified to ns. .a. .net and .net ns1.. .a..
Two were set up bind9 server environment, named. . Conf as follows:. .
key "rndc-key" { 。.
algorithm hmac-md5;. .
secret "eVlLdn/KBaRN3qZFzgwcFA=="; 。.
);. .
controls { 。.
inet 127. .0. .0. .1 Port 953. .
allow { 127。.0。.0。.1; } keys { "rndc-key"; }; 。.
);. .
options { 。.
directory "/ var / named";. .
version "I am bind"; 。.
listen-on (218. .58. .15. .155; 127. .0. .0. .1;);. .
}; 。.
acl CNCGROUP (58. .16. .0. .0/16;. .
58. .0 .0 .17..../17;
58. .17. .128. .0/17;. .
58. .0 .0 .18..../16;
58. .19. .0. .0/16;. .
58. .0 .0 .20..../16;
58. .22. .0. .0/15;);. .
view "internal" { 。.
match-clients (10. .0. .0. .8 / 8;);. .
recursion yes; 。.
zone ".." (. .
type hint; 。.
file "/ var / named / named.. Ca";. .
}; 。.
zone "localhost" IN (. .
type master; 。.
file "/ var / named / localhost.. Zone";. .
allow-update { none; }; 。.
);. .
zone "0。.0。.127。.in-addr。.arpa" { 。.
type master;. .
file "/var/named/named。.local"; 。.
allow-update (none;);. .
}; 。.
);. .
view "cnc" { 。.
match-clients (CNCGROUP;);. .
recursion no; 。.
zone "b.. Cn" (. .
type master; 。.
file "/ var / named / b.. Cn.. Cnc";. .
}; 。.
);. .
view "other" { 。.
match-clients (any;);. .
recursion no; 。.
zone "b.. Cn" (. .
type master; 。.
file "/ var / named / b.. Cn.. Bind";. .
}; 。.
);. .
Named. .ca is downloaded from the Internet's latest .root. named.
named. . Local is:. .
$TTL86400 。.
@ IN SOA localhost. . root. . Localhost. . (..
42; serial (d。. adams) 。.
1H ; refresh. .
15M ; retry 。.
1000H ; expiry. .
1H ); minimum 。.
IN NS localhost. .
1 INPTR localhost。.
localhost. . Zone is:. .
$TTL86400 。.
$ ORIGIN localhost. .
@ 1D IN SOA @ root ( 。.
42 ; serial (d.. Adams). .
3H; refresh 。.
15M ; retry. .
1W; expiry 。.
1D) ; minimum. .
1D IN NS@ 。.
1D IN A 127. .0. .0. .1. .
.Bind .cn. b.:.
$ TTL 86400. .
$ORIGIN b。.cn。.
@ IN SOA ns. . A. . Net. . root. . B. . Cn. . (..
1 ; Serial 。.
3600 ; Refresh. .
900; Retry 。.
720000 ; Expire. .
3600 ); Minimum 。.
; IN NS localhost. .
INNSns。.a。.net。.
IN NS ns1. . A. . Net. .
@ INA 222。.14。.180。.98 。.
www IN A 222. .14. .180. .98. .
pic INA 222。.14。.180。.99 。.
* IN A 222. .14. .180. .99. .
.Cn. .cnc b.:.
$ TTL 86400. .
$ORIGIN b。.cn。.
@ IN SOA ns. . A. . Net. . root. . B. . Cn. . (..
1 ; Serial 。.
3600 ; Refresh. .
900; Retry 。.
720000 ; Expire. .
3600 ); Minimum 。.
; IN NS localhost. .
INNSns。.a。.net。.
IN NS ns1. . A. . Net. .
@ INA 218。.58。.15。.154 。.
www IN A 218. .58. .15. .154. .
pic INA 218。.58。.15。.155 。.
url IN A 218. .58. .15. .156. .
* INA 218。.58。.15。.155 。.
#. .
# Based on the NCSA service configuration file.
#. .
# This is the main Apache server configuration file.
# It contains the server of the server running the configuration directives. .
# See.
# 。.
# Do not simply read the instructions in here without understanding. .
# Here just to do simple instructions, if you do not have reference online files, you will be warned.
#. .
# The configuration directive is divided into the following three parts:.
# 1. . Control of the Apache server process (ie, global environment variable). .
# 2. Define the main parameters of the service, or the default instructions, as well as all Web hosting providers on the default setting parameters.
# 3. . Virtual host setup parameters. .
# 。.
# Configuration and logfile names: If you specify a file name with "/" start (win32 next to "dirver :/"),. .
# Servers will use an absolute path, if the filename does not begin with "/", then it will put the ServerRoot.
The value add # in front of the file name, for example, "logs / foo.. Log", if ServerRoot value. .
# "/Usr/local/apache2", the file should be ".log"/usr/local/apache2/logs/foo...
#. .
# # The first District: global environmental parameters.
#. .
# Parameter, set here will affect the behavior of the whole; the Apache server.
# For example, Apache can handle the quantity of concurrent requests. .
# 。.
# ServerRoot: that the server save its configuration, error, and log files in the root directory. .
# 。.
# Note! If you want to designate it as NFS or other network location. .
# Be sure to read the documentation with the LockFile (May.
#. .
# This will make your own can solve many problems. .
# 。.
# Do not add a slash at the end of the path. .
# 。.
ServerRoot "/ usr/loacl/apache2". .
# 。.
# Serial access to the lock file must be saved in local disk. .
# 。.
# LockFile logs / accept. . Lock. .
# ScoreBoardFile: to save the internal service process information.
# If unspecified (the default), score board (scoreboard) will be stored in an anonymous shared memory segment, the. .
# And it cannot be third-party software being used.
# If specified, to ensure that Apache can not use both use the same scoreboard file. .
# This scoreboard file must be saved on the local disk.
#. .
#ScoreBoardFile logs/apache_runtime_status 。.
#. .
# PidFile: record server startup process number of the file.
#. .
PidFile logs/httpd。.pid 。.
#. .
# Timeout: received and sent before the timeout in seconds.
#. .
Timeout 300 。.
#. .
# KeepAlive: whether to allow secure connections (each connection has more than one request).
# Set to "Off" to deactivate. .
# 。.
KeepAlive On. .
# 。.
# MaxKeepAliveRequests: a solid connection in the period of maximum allowed number of requests. .
# Set to 0 for unlimited access.
# We recommend you to set a larger value in order to improve performance. .
MaxKeepAliveRequests 100 。.
#. .
# KeepAliveTimeout: in the same connections from the same client on the number of seconds that is receiving the request.
#. .
KeepAliveTimeout 15 。.
# #. .
## Server-Pool size setting (MPM).
# #. .
# prefork MPM 。.
# StartServers: Start the process starts when the server number. .
# MinSpareServers: tenure of the alternate minimum number of the process.
# MaxSpareServers: retain the maximum number of backup process. .
# MaxClients: Server allows to start the process number of the maximum.
# MaxRequestsPerChild: a service process to allow the maximum number of requests. .
StartServers 5 。.
MinSpareServers 5. .
MaxSpareServers 10 。.
MaxClients 150. .
MaxRequestPerChild 0 。.
# Worker MPM. .
# StartServers: Server startup service processes.
# MaxClients: maximum allowed number of users simultaneously connected. .
# MinSpareThreads: maintain the minimum number of worker threads.
# MaxSpareThreads: allows to maintain the maximum number of worker threads. .
# ThreadsPerChild: each service worker threads in the process of constant.
# MaxRequestsPerChild: service process to allow the maximum number of requests. .
StartServers 2 。.
MaxClients 150. .
MinSpareThreads 25 。.
MaxSpareThreads 75. .
ThreadsPerChild 25 。.
MaxRequestsPerChild 0. .
# perchild MPM 。.
# NumServers: the number of service processes. .
# StartThreads: each service in the process of starting a thread number.
# MinSpareThreads: to maintain the minimum number of threads. .
# MaxSpareThreads: retain maximum number of threads.
# MaxThreadsPerChild: each service process to allow the maximum number of threads. .
# MaxRequestsPerChild: each service process allows the maximum number of connections.
NumServers 5. .
StartThreads 5 。.
MinSpareThreads 5. .
MaxSpareThreads 10 。.
MaxThreadsPerChild 20. .
MaxRequestsPerChild 0 。.
# WinNT MPM. .
# ThreadsPerChild: service worker threads in the process of constant.
# MaxRequestsPerChild: service process to allow the maximum number of requests. .
ThreadsPerChild 250 。.
MaxRequestsPerChild 0. .
# BeOS MPM 。.
# StartThreads: Server startup start threads. .
# MaxClients: you can start the maximum number of threads (thread is equal to a user).
# MaxRequestsPerThread: each thread is the maximum allowed number of requests. .
StartThreads 10 。.
MaxClients 50. .
MaxRequestsPerThread 10000 。.
# NetWare MPM. .
# ThreadStachSize: for each worker thread allocation of stack size.
# StartThreads: Server startup start threads. .
# MinSpareThreads: used to process the actual request to the number of idle threads.
# MaxSpareThreads: the maximum number of idle threads. .
# MaxThreads: at the same time the activities of the maximum number of threads.
# MaxRequestPerChild: a maximum number of service requests thread,. .
# Recommend setting it to 0 for unlimited access.
ThreadStackSize 65536. .
StartThreads 250 。.
MinSpareThreads 25. .
MaxSpareThreads 250 。.
MaxThreads 1000. .
MaxRequestPerChild 0 。.
# OS / 2 MPM. .
# StartServers: started service process number.
# MinSpareThreads: each process to allow the minimum idle threads. .
# MaxSpareThreads: per-process maximum idle thread.
# MaxRequestsPerChild: the process of each service to allow the maximum number of connections. .
StartServers 2 。.
MinSpareThreads 5. .
MaxSpareThreads 10 。.
MaxRequestsPerChild 0. .
# 。.
# Listen: Allows you to bind Apache service to the specified IP address and port to replace the default value. .
# See instructions.
# Use the following command to Apache only in the designated IP address monitoring,. .
# In order to prevent it in the IP address 0. .0 .0 .0..., listening.
#. .
# Listen 12。.34。.56。.78:80 。.
Listen 80. .
# 。.
Dynamic Shared Support (DSO). .
# 。.
# To be able to use those to compile the module DSO mode function, you must have a corresponding "LoadModule" line. .
# So here contains these directives in order to be able to use it before activation.
# Statically compiled modules do not need those listed here (that is, "httpd-l" lists the modules). .
# 。.
# Example:. .
# LoadModule foo_module modules/mod_foo。.so 。.
#. .
# 。.
# ExtendedStatus: When you call "server-status", the control of Apache is to produce "full" state. .
# Information (ExtendedStatus On), or generate basic information (ExtendedStatus Off).
# The default is off. .
# 。.
# ExtendedStatus On. .
### II: "main" service configuration.
#. .
# This is the "home zone" Server uses the value of the directive, in order to respond to those who are not.
# Define processing any requests. .
# These values can also provide default values to the following definition of a container.
# If you have defined, then this value will be defined by instructions. .
# Define covered.
#. .
# 。.
# If you want to httpd to another user or group to run, you must start with a root mode start. .
# Then it switches to you want to use a user or group.
#. .
# User/Group: running httpd users and groups.
# In the SCO (ODT3) use "User nouser" and "Group nogroup". .
# On HPUX, you may not be able to use shared memory nobody identity, it is recommended that you create a www user.
# Note that some of the core (kernel) in the group ID greater than 60,000, refused to setgid (Group) or semctl (IPC_SET),. .
# Festival in these systems do not use "Group #-1".
#. .
User nobody 。.
Group # -1. .
# 。.
# ServerAdmin: Your e-mail address, where problems with Apache will be mailed. .
# As a document, the address is displayed in the server-generated page.
# For example: admin @ your-domain. . Com. .
# 。.
ServerAdmin kreny @ sina. . Com. .
# 。.
# ServerName Apache uses to identify itself specify the name and port number. .
# Typically this value is automatically assigned, but we recommend that you explicitly specify it to prevent an error at startup.
#. .
# If you host for you have specified an invalid DNS name server-generated redirection will not work.
# See UseCanonicalName instructions. .
# 。.
# If your host is not registered DNS name, type it in here, the IP address. .
# Anyway, you must use its IP address to provide services.
# Here use a redirection service is easy to understand way. .
ServerName www。.dalouis。.com:80 。.
#. .
# UseCanonicalName: decided to Apache how to construct URLS and SERVER_NAME and SERVER_PORT directive.
# When set to "Off" time, Apache will use the client to provide the host name and port number. .
# When set to "On", Apache will use the ServerName directive value.
#. .
UseCanonicalName Off 。.
#. .
# DocumentRoot: the root of your document. By default, all requests from that directory to answer.
# But you can use symbolic links and aliases to point to other locations. .
# 。.
DocumentRoot "/ home / redhat / public_html". .
# 。.
# Apache can access each directory can be configured to access (including its subdirectories). .
# 。.
# First, we configure the characteristics of a high limit. .
# This will prevent access to the directory containing the file system, and add you want to allow access to the directory blocks.
# Shown below. .
Order Deny,Allow 。.
Deny from all. .
# 。.
# Note that from this point forward you must specifically allow particular features to be used. .
#-If Apache is not as you expected it to work.
# Please check if you explicitly specified it in the following available. .
# 。.
#. .
# This will change the way you set the DocumentRoot.
#. .
# 。.
# Options: The value of this directive can be "None", "All", or any combination of the following options:. .
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews 。.
#. .
# Note that "MultiViews" must be specified explicitly, "Options All" does not provide this feature.
#. .
# This instruction is complex and important, see.
# "Http://httpd.. Apache. .org/docs-2. .0/mod/core.. Html # optioins" for more information. .
# 。.
Options FollowSymLinks. .
# 。.
# AllowOverride controls that are placed. . Htaccess file in the command. .
# It can be "All", "None", or a combination of the following directives:.
# Options FileInfo AuthConfig Limit. .
# 。.
AllowOverride None. .
# 。.
# Control who can get services. .
# 。.
Order allow, deny. .
Allow from all 。.
#. .
# UserDir: specify a ~ user requests will be added to the user home directory after the directory name.
#. .
UserDir public_html 。.
# To prevent loopholes in the UserDir directive, on the root user settings. .
# As "./" UserDir is very useful.
# If you are using Apache 1. .3 Or above, we strongly recommend you. .
# In your server configuration file contains the following line.
UserDir disabled root. .
# 。.
# The following is a use of UserDir directive to make a site directory with read-only property:. .
# 。.
#. .
# AllowOverride FileInfo AuthConfig Limit Indexes 。.
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludeNoExec. .
# 。.
# Order allow, deny. .
# Allow from all 。.
#. .
# 。.
# Order deny, allow. .
# Deny from all 。.
#. .
# 。.
#. .
# DirectoryIndex: define the request is a directory, Apache offers the user the name of the service.
#. .
# Index .html. .var file., (a type of image file) is used to provide a list of document processing.
# For the same purpose, you can also use the MultiViews option, but it will be very slow. .
# 。.
DirectoryIndex index. . Php index. . Html index. . Html. . Var. .
# 。.
# AccessFileName: query in each directory for additional configuration directives for the directory of the file name. .
# See the AllowOverride directive.
#. .
AccessFileName 。.htaccess 。.
#. .
# The following lines to prevent .htaccess and .htpasswd.. Web client viewing a file is.
#. .
Order allow,deny 。.
Deny from all. .
# 。.
# Typeconfig: where the query definition of mime. . Types file. .
# 。.
TypeConfig conf / mime. . Types. .
# 。.
# DefaultType: if it can not determine the MIME type the server will default MIME type. .
# If your services are mainly contains text or HTML document, "text/plain" is a good choice.
If most of your content is binary, such as software or images, you should use. .
# The "application/octer-stream" to prevent the browser as the display text as binary files.
#. .
DefaultType text/plain 。.
#. .
# Mod_mime_magic allows server from your own files to define your own types use different clues (hints).
# Define hints that MIMEMagicFile directive defines where the document. .
# 。.
MIMEMagicFile conf / magic. .
# 。.
# HostnameLookups: designated record the names of clients or IP address, for example, when the command is on. .
# Record host name, such as www. .apache. .org; to off record IP addresses .129 .62.204.. .132.
# The default is off, it is much better than the set on, as if set on each client requests will be. .
# Nameserver at least on a query.
#. .
HostnameLookups Off 。.
#. .
# EnableMMAP: control whether memory dumps (if the OS supports it).
# The default is on, if your server is installed in the network file system (NFS), please close it. .
# On some systems, close it will boost your system performance (has nothing to do with the file system type).
# Please refer to the specific http://httpd. . Apache. .org/docs-2. .0/mod/core. . Html # enablemmap. .
# 。.
# EnableMMAP off. .
# 。.
# EnableSendfile: control whether to use the sendfile kernel support for sending files. .
# (If the OS supports it). The default is on, if your server is installed on a network file system.
# (NFS), make you close it. .
# See http://httpd. .apache. .org/docs-2. .0/mod/.html # enablesendfile core...
#. .
# EnableSendfile off 。.
#. .
# ErrorLog: error log file location.
# If you do not, including the definition of ErrorLog directive, the virtual host error message. .
# Will be recorded here. If you defined the ErrorLog there, these error messages are logged in you.
# Define the file, not the definition of the file here. .
# 。.
ErrorLog logs / error_log. .
# 。.
# LogLevel: Control the error log file recorded in the amount of information in the log. .
# Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
#. .
LogLevel warn 。.
#. .
# The following directive to the CustomLog directive defines the format of the alias.
#. .
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined 。.
LogFormat "% h% l% u% t \"% r \ "%> s% b" common. .
LogFormat "%{Referer}i -> %U" referer 。.
LogFormat "% (User-agent) i" agent. .
# You need to install the module mod_logio. in order to use the% .c I and% O..
# LogFormat "% h% l% u% t \"% r \ "%> s% b \"% (Referer) i \ "\"% (User-Agent) i \ "% I% O" combinedio. .
# 。.
# Specify the access log file location and format (Common Logfile Format). .
# If you didn't, define this directive, the transfer information is recorded here.
# If you define this command, then record the location you specify, rather than the location of the definition here. .
# 。.
CustomLog logs / access_log common. .
# 。.
# If you want to record agent and referer information, you can use the following instructions. .
# 。.
# CustomLog logs / referer_log referer. .
# CustomLog logs/agent_log agent 。.
#. .
# If you want to use a file record access, agent and referer information.
# You can define the command as follows:. .
# 。.
# CustomLog logs / access_log combined. .
# 。.
# ServerTokens. .
# Define this instruction is contained in the HTTP response to the type of information in the header. The default is "Full".
# This means that in response to the first module will be included in the operating system type and compile information. .
# Can be set to the value of one.
# Full | OS | Minor | Minimal | Major | Prod. .
# Full message maximum, and minimum Prod.
#. .
ServerTokens Full 。.
#. .
# Arbitrary added that contains the server version and virtual host name line of information to the output page server-generated.
# (Internal error documents, FTP directory listings, mod_status and mod_info output etc., in addition to CGI error..
# Or a custom error document).
# Set to "EMail" will contain a link to the ServerAdmin of the mailto: link. .
# Can be the following value: On | Off | EMail.
#. .
ServerSignature On 。.
#. .
# Aliases: Lyric to add an alias, you need to be formatted as follows:.
# Alias Alias real name. .
# 。.
# Note that if you did not end in the alias contains a "/", then also need to include in the URL "/." .
# Therefore, "/icons" is not an alias for this example.
# If the alias of "/" at the end, then the real name must also be "/" end. .
# If an alias has been omitted from the end of the "/", then the real name must also be omitted.
#. .
# We use the alias/icons/"to represent" FancyIndexed directory listings, if you don't use.
# FancyIndexing, you may comment this out. .
# 。.
# Alias / icons / "/ usr/local/apache2/icons /". .
# 。.
# Options Indexes MultiViews. .
# AllowOverride None 。.
# Order allow, deny. .
## Allow from all 。.
#. .
# 。.
# This will change the ServerRoot / manual. The alias provides the location of man pages,. .
# If you change your DocumentRoot. If you have no manual page don't seem so,!.
# You can comment it. .
# 。.
Alias / manual "/ usr/loacl/apache2/manual". .
Options Indexes FollowSymLinks MultiViews IncludesNoExec 。.
AddOutputFilter Includes html. .
Order allow,deny 。.
Allow from all. .
# 。.
# ScriptAlias: specifies the directory containing the script service. .
# ScriptAliases is essentially the same, apart from the Aliases of document here at request time to do other than for the procedures to handle processing.
# Trailing "/" the same rules and Alias. .
# 。.
ScriptAlias / cgi-bin / "/ usr/loacl/apache2/cgi-bin /". .
# Here is add php 4 support in the directive.
AddType application / x-httpd-php. . Php. .
LoadModule php4_module modules/libphp4。.so 。.
#. .
# Add mod_cgid. .c settings, mod_cgid to communicate using the cgid Unix socket.
# Scripting interface path. .
# 。.
# Scriptsock logs / cgisock. .
# 。.
# The "/ usr/local/apache2/cgi-bin" to your ScriptAliased specified CGI directory. .
# If you have configured it.
#. .
AllowOverride None 。.
Options None. .
Order allow,deny 。.
Allow from all. .
# 。.
# Redirect allows you to tell the client to use the name exists in the server space in the document. .
# Instead, which helps clients to locate those who changed the location of the document.
# For example:. .
# Redirect permanent /foo http://www。.example。.com/bar 。.
#. .
# Server-generated directory list shows the control of the directive.
#. .
# 。.
# IndexOptions: control of server-generated directory listings display characteristics. .
# 。.
IndexOptions FancyIndexing VersionSort. .
# 。.
# AddIcon * directives tell the server image files with different extensions to show. .
# FancyIndexed directive only applies to.
#. .
AddIconByEncoding (CMP,/icons/compressed。.gif) x-compress x-gzip 。.
AddIconByType (TXT, / icons / text.. Gif) text / *. .
AddIconByType (IMG,/icons/image2。.gif) image/* 。.
AddIconByType (SND, / icons/sound2.. Gif) audio / *. .
AddIconByType (VID,/icons/movie。.gif) video/* 。.
AddIcon / icons / binary. . Gif. . Bin. . Exe. .
AddIcon /icons/binhex。.gif 。.hqx 。.
AddIcon / icons / tar. . Gif. . Tar. .
AddIcon /icons/world2。.gif 。.wrl 。.wrl。.gz 。.vrml 。.vrm 。.iv 。.
AddIcon / icons / compressed. . Gif. . Z. . Z. . Tgz. . Gz. . Zip. .
AddIcon /icons/a。.gif 。.ps 。.ai 。.eps 。.
AddIcon / icons / layout. . Gif. . Html. . Shtml. . Htm. . Pdf. .
AddIcon /icons/text。.gif 。.txt 。.
AddIcon / icons / c. . Gif. . C. .
AddIcon /icons/p。.gif 。.pl 。.py 。.
AddIcon / icons / f. . Gif. . For. .
AddIcon /icons/dvi。.gif 。.dvi 。.
AddIcon / icons / uuencoded. . Gif. . Uu. .
AddIcon /icons/script。.gif 。.conf 。.sh 。.shar 。.csh 。.ksh 。.tcl 。.
AddIcon / icons / tex. . Gif. . Tex. .
AddIcon /icons/bomb。.gif core 。.
AddIcon / icons / back. . Gif. .
AddIcon /icons/hand。.right。.gif README 。.
AddIcon / icons / folder. . Gif ^ ^ DIRECTORY ^ ^. .
AddIcon /icons/blank。.gif ^^BLANKICON^^ 。.
#. .
# DefaultIcon to those that don't explicitly define an icon file for processing.
#. .
DefaultIcon /icons/unknown。.gif 。.
#. .
# AddDescription allows you to place a server-generated index after the brief description.
# Only FancyIndexed effective instruction. .
# Format: AddDescription "description" in the file name.
#. .
# AddDescription "GZIP compressed document" 。.gz 。.
# AddDescription "tar archive". . Tar. .
# AddDescription "GZIP compressed tar archive" 。.tgz 。.
#. .
# ReadmeName specifies the server default find readme file name, and add to the list of directories.
#. .
# List of prefixes specified directory HeaderName filename.
ReadmeName README. . Html. .
HeaderName HEADER。.html 。.
#. .
# IndexIgnore specified directory index ignored and not included in the list of file name, the collection.
# Support shell type wildcard. .
# 。.
IndexIgnore. .?? * * ~ * # HEADER * README * RCS CVS *, v *, t. .
# 。.
# AddEncoding allows you to send in information to use (Mosaic / X 2. .1 +) Extract information. .
# Note: not all browsers support this option.
# Despite the name similarity, but the following commands and custom instructions above FancyIndexing different. .
# 。.
AddEncoding x-compress Z. .
AddEncoding x-gzip gz tgz 。.
#. .
# DefaultLanguage and AddLanguage allows you to specify the language of the document.
# This allows you to allow users to use easily understood language document. .
# 。.
# Specify the default language, which means that all language is not specified, the package will use that language. .
# In most cases, you might not want to set it up, unless you are sure this is correct.
# In general, do not use the language set is better than using the wrong language. .
# 。.
# DefaultLanguage nl. .
# 。.
# Note 1: Affix the keyword as a language is undoubtedly not the same - with Poland. .
# Text document (network standard language code is pl) will want to use ".po" AddLanguage pl. ..
# Perl script to avoid the general affix produce ambiguity. .
# 。.
# Note 2: The following examples illustrate some examples of the two character abbreviation of language and its country. .
# 2-character abbreviation, for example "dk Danmark/Danmark/" and "da" comparison.
#. .
# Note 3: in the "ltz" we use a three-character affixes, contrary to the provisions of the RFC.
# Run will fix it and use the RFC1766 standard to obtain reference data. .
# 。.
# Danish (da) - Dutch (nl) - English (en) - Estonian (et). .
# French (fr) - German (de) - Greek-Modern (el) 。.
# Italian (it) - Norwegian (no) - Norwegian Nynorsk (nn) - Korean (ko). .
# Portugese (pt) - Luxembourgeois* (ltz) 。.
# Spanish (es) - Swedish (sv) - Catalan (ca) - Czech (cz). .
# Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja) 。.
# Russian (ru) - Croatian (hr). .
# 。.
AddLanguage da. . Dk. .
AddLanguage nl 。.nl 。.
AddLanguage en. . En. .
AddLanguage et 。.et 。.
AddLanguage fr. . Fr. .
AddLanguage de 。.de 。.
AddLanguage he. . He. .
AddLanguage el 。.el 。.
AddLanguage it. . It. .
AddLanguage ja 。.ja 。.
AddLanguage pl. . Po. .
AddLanguage ko 。.ko 。.
AddLanguage pt. . Pt. .
AddLanguage nn 。.nn 。.
AddLanguage no. . No. .
AddLanguage pt-br 。.pt-br 。.
AddLanguage ltz. . Ltz. .
AddLanguage ca 。.ca 。.
AddLanguage es. . Es. .
AddLanguage sv 。.sv 。.
AddLanguage cz. . Cz. .
AddLanguage ru 。.ru 。.
AddLanguage tw. . Tw. .
AddLanguage zh-tw 。.tw 。.
AddLanguage hr. . Hr. .
# LanguagePriority allows you priority during the session to use some of the language.
#. .
# Priority descending manner they are listed. We are more or less using alphabetical order manner.
# Arrange them. Maybe you want to change this order. .
LanguagePriority en da nl et fr de el it ja ko no pl pt pt-br ltz ca es sv tw 。.
#. .
# ForceLanguagePriority allows you to MULTIPLE CHOICES (Prefer) [communications].
# Or NOT ACCEPTABLE (Fallback) [not an acceptable situation matches the language] to provide a results page. .
# 。.
ForceLanguagePriority Prefer Fallback. .
# 。.
# To send out all the pages to specify a default character set, which is always a good idea, and for you. .
# Internationalization of the Web site, it's not exactly what you want? Similarly, all sections, and all architectures.
# The default character set has some minor damage, such as the one using iso-8859-1 (latin1) standard command. .
# Of pages, unless otherwise specified, for example, you simply declare it explicitly.
# There are also those always encourage you to use the default character set javascropt and the URL syntax. .
# Browser for security reasons.
#. .
#AddDefaultCharset ISO-8859-1 。.
AddDefaultCharse GB2312. .
# 。.
# Generally use the file extension of the character set. Maybe you want to avoid the occurrence of language extensions. .
# Crash unless you each time a change is a good test.
# See http://www. . Iana. .org / assignments / character-sets to obtain the character set. .
# List of names and their respective RFCs.
#. .
AddCharset ISO-8859-1 。.iso8859-1 。.latin1 。.
AddCharset ISO-8859-2. . Iso8859-2. . Latin2. . Cen. .
AddCharset ISO-8859-3 。.iso8859-3 。.latin3 。.
AddCharset ISO-8859-4. . Iso8859-4. . Latin4. .
AddCharset ISO-8859-5 。.iso8859-5 。.latin5 。.cyr 。.iso-ru 。.
AddCharset ISO-8859-6. . Iso8859-6. . Latin6. . Arb. .
AddCharset ISO-8859-7 。.iso8859-7 。.latin7 。.grk 。.
AddCharset ISO-8859-8. . Iso8859-8. . Latin8. . Heb. .
AddCharset ISO-8859-9 。.iso8859-9 。.latin9 。.trk 。.
AddCharset ISO-2022-JP. . Iso2022-jp. . Jis. .
AddCharset ISO-2022-KR 。.iso2022-kr 。.kis 。.
AddCharset ISO-2022-CN. . Iso2022-cn. . Cis. .
AddCharset Big5 。.Big5 。.big5 。.
# For Russian use of multiple character sets (how to use mainly rely on client-side):. .
AddCharset WINDOWS-1251 。.cp-1251 。.win-1251 。.
AddCharset CP866. . Cp866. .
AddCharset KOI8-r 。.koi8-r 。.koi8-ru 。.
AddCharset KOI8-ru. . Koi8-uk. . Ua. .
AddCharset ISO-10646-UCS-2 。.ucs2 。.
AddCharset ISO-10646-UCS-4. . Ucs4. .
AddCharset UTF-8 。.utf8 。.
# The following character set is not mapped to a specific standard (iso), but they are in the browser. .
# Were widely supported. Note that the capital letters.
# (It should not be, but it is compatible with some browsers which do). .
# 。.
# See http://www. . Iana. .org / assianments / character-sets to achieve. .
# List of them. But browser support is less.
#. .
AddCharset GB2312 。.gb2312 。.gb 。.
AddCharset utf-7. . Utf7. .
AddCharset utf-8 。.utf8 。.
AddCharset big5. . Big5. . B5. .
AddCharset EUC-TW 。.euc-tw 。.
AddCharset EUC-JP. . Euc-jp. .
AddCharset EUC-KR 。.euc-kr 。.
AddCharset shift_jis. . Sjis. .
# 。.
# AddType allows you to specify file types to add or override mime. . Types configuration file MIME. .
# 。.
AddType application / x-tar. . Tgz. .
AddType image/x-icon 。.ico 。.
#. .
# AddHandler allows you to determine the file name extension to "handlers":.
# Nothing to do with the file type behavior. This is both compiled into the server can also be added to the Action directive. .
# (See below).
# In order to use outside designated ScriptAliased command CGI script:. .
# (To make it available, you also need to add "Options ExecCGI".
#. .
# AddHandler cgi-script 。.cgi 。.
#. .
# For those that contain their own HTTP headers.
#. .
# AddHandler send-as-is asis 。.
#. .
# For file: server-parsed imagemap.
#. .
# AddHandler imap-file map 。.
#. .
# Agemap file:.
#. .
# AddHandler imap-file image.
#. .
# Type-image transfer resources).
# (This is the default setting to allow the Apache's "It Worked" page can be distributed in multiple languages). .
# 。.
AddHandler type-map var. .
# 。.
# Filters allow you to send it to the client before processing. .
# 。.
# In order to analyze the server side include (SSI) in. . Shtml document:. .
# (The instruction to be executed, you will also need to add in the Options directive "Includes". ) 。.
#. .
# AddType text/html 。.shtml 。.
# AddOutputFilter INCLUDES. . Shtml. .
# 。.
# Action lets you define the media files when you call match will be the following. This will be reduced. .
# That are frequently used by CGI scripts for the URL pathname to re-enter.
# Format: Action media / type / cgi-script/location. .
# Format: handler-name/cgi-script/location Action.
#. .
# 。.
# Error response can be configured in three styles:. .
# 1)plain text 2)local redirects 3) external redirects 。.
#. .
# Examples:.
# ErrorDocument 500 "The server made a boo boo..". .
# ErrorDocument 404 /missing。.html 。.
# ErrorDocument 404 "/ cgi-bin/missing_handler.. Pl". .
# ErrorDocument 402 http://www。.example。.com/subscription_info。.html 。.
#. .
# 。.
# Integrated application of these instructions, we can create an international wrong answer. .
# 。.
# We use Alias to redirect any / error / HTTP_. . Html. . Var answer to. .
# Our multilingual error messages collection. Use the correct text replaces it.
#. .
# By adding the following line, you will be able to change the display of these messages, without having to change.
# HTTP_. . Html. . Var file. .
# 。.
# Alias / error / include / "/ your / include / path /". .
# 。.
# To the / usr/local/apache2/error/include / copy the files under / your / inclue / path / under. .
# Start, you can create your own collection of files, or even its to each virtual host.
# No matter how you ServerSignature set, the default include files will show you. .
# Aapche version number and your ServerAdmin email address.
#. .
# Internationalized error documents require mod_alias, three mod_include and mod_negotiation.
# Module. To activate them, cancel the following 30 lines of comment symbols. .
# Alias /error/ "/usr/local/apache2/error/" 。.
#. .
# 。.
# AllowOverride None. .
# Options IncludesNoExec 。.
# AddOutputFilter Includes html. .
# AddHandler type-map var 。.
# Order allow, deny. .
# Allow from all 。.
# LanguagePriority en de es fr it nl sv. .
# ForceLanguagePriority Prefer Fallback 。.
#. .
# 。.
# ErrorDocument 400 / error / HTTP_BAD_REQUEST. . Html. . Var. .
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED。.html。.var 。.
ErrorDocument 403 / error. . Php. .
# ErrorDocument 404 /error/HTTP_NOT_FOUND。.html。.var 。.
# ErrorDocument 405 / error / HTTP_METHOD_NOT_ALLOWED. . Html. . Var. .
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT。.html。.var 。.
# ErrorDocument 410 / error / HTTP_GONE. . Html. . Var. .
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED。.html。.var 。.
# ErrorDocument 412 / error / HTTP_PRECONDITION_FAILED. . Html. . Var. .
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE。.html。.var 。.
# ErrorDocument 414 / error / HTTP_REQUEST_URI_TOO_LARGE. . Html. . Var. .
# ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE。.html。.var 。.
# ErrorDocument 500 / error / HTTP_INTERNAL_SERVER_ERROR. . Html. . Var. .
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED。.html。.var 。.
# ErrorDocument 502 / error / HTTP_BAD_GATEWAY. . Html. . Var. .
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE。.html。.var 。.
# ErrorDocument 506 / error / HTTP_VARIANT_ALSO_VARIES. . Html. . Var. .
# 。.
# The following command to change the standard HTTP response behavior to deal with known browser issue. .
# 。.
BrowserMatch "Mozilla / 2" nokeepalive. .
BrowserMatch "MSIE 4\。.0b2;" nokeepalive downgrade-1。.0 force-response-1。.0 。.
BrowserMatch "RealPlayer 4 \. .0" Force-response-1. .0. .
BrowserMatch "Java/1\。.0" force-response-1。.0 。.
BrowserMatch "JDK / 1 \. .0" Force-response-1. .0. .
# 。.
# The following command to turn off those who do not end with "/" directory of non-GET requests for redirection. .
# These commands fixes Microsoft uses DAV method cannot correctly handle the redirection of WEB folders.
# Apple under the DAV file system and Gnome VFS under the support of the DAV is also used in this way. .
# For processing.
#. .
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully 。.
BrowserMatch "^ WebDrive" redirect-carefully. .
BrowserMatch "^WebDAVFS/1。. [012]" redirect-carefully 。.
BrowserMatch "^ gnome-vfs" redirect-carefully. .
# 。.
# Allows you to use URL: http://servername/server-status to students by mod_status. .
# Into and report server status information. Changed. .example. .com domain name for your own.
#. .
# 。.
# SetHandler server-status. .
# Order deny,allow 。.
# Deny from all. .
# Allow from 。.example。.com 。.
#. .
# 。.
# Allowed to use URL: http://servername/server-info to remote report server configuration. .
# (Mod_info. .c support required). Change the ".example .com".. for your own domain name.
#. .
# 。.
# SetHandler server-info. .
# Order deny,allow 。.
# Deny from all. .
# Allow from 。.example。.com 。.
#. .
# 。.
# Proxy server command, remove the following exercise of the agency services available. .
# 。.
#. .
# ProxyRequests On 。.
#. .
# Order deny,allow 。.
# Deny from all. .
# Allow from 。.example。.com 。.
#. .
# 。.
# Install or turn off HTTP / 1. .1 "Channel" the first treatment. .
# (The "Full" Add Server version information, the "Block" move out all output "channel" header information.
# The following options can be set to one of: Off | On | Full | Block. .
# 。.
# ProxyVia On. .
# Is a good idea to install a caching proxy server, remove the following lines of the comment symbol:.
# (No CacheRoot not buffer). .
# 。.
# CacheRoot "/ usr/local/apache2/proxy". .
# CacheSize 5 。.
# CacheGcInterval 4. .
# CacheMaxExpire 24 。.
# CacheLastModifiedFactor 01. .
# CacheDefaultExpire 1 。.
# NoCache a-domain. . Com another-domain. . Edu joes. . Garage-sale. . Com. .
# 。.
# The end proxy command. .
# 。.
# Add a specific module configuration. .
# 。.
Include conf / ssl. . Conf. .
# # 3: Web hosting.
#. .
# VirtualHost: you can set up a virtual host container for your host to retain more.
# Domain / host name. Most configuration information is only name-based virtual hosts, so the server. .
# Don't have to worry about the IP address of the problem, the following command to * instead of hostname.
#. .
# When you try to configure your virtual host, see.
# URL: http://httpd. . Apache. .org/docs-2. .0/vhosts /> For more information. .
# 。.
# You can use the command line option "-S" to test your virtual host configuration. .
# 。.
# Use name-based virtual hosts. .
# 。.
# NameVirtualHost *. .
# 。.
# Virtual host example:. .
# Nearly all Apache command can be used in a virtual host container.
# The first virtual host name to the service area is unknown for the request response configuration. .
# 。.
#. .
# ServerAdmin webmaster@dummy-host。.example。.com 。.
# DocumentRoot / www / docs / dummy-host. . Example. . Com. .
# ServerName dummy-host。.example。.com 。.
# ErrorLog logs / dummy-host. . Example. . Com-error_log. .
# CustomLog logs/dummy-host。.example。.com-access_log commom 。.
#. .
OpenSSH with Kerberos.
The following steps provide information on the use of OpenSSH with Kerberos initial set of information required: in your OpenSSH client and server, / etc/krb5. . Conf file must exist. Kerberos uses the file tells what KDC, to each voucher long lifetime and so on. The following is a krb5. . Conf sample file: [libdefaults]. .
ticket_lifetime = 600。.
default_realm = OPENSSH. . AUSTIN. . XYZ. . COM. .
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc。.
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc. .
[realms]。.
OPENSSH. . AUSTIN. . Xyz. . COM = (. .
kdc = kerberos。.austin。.xyz。.com:88。.
kdc = kerberos-1. . Austin. . Xyz. . Com: 88. .
kdc = kerberos-2。.austin。.xyz。.com:88。.
admin_server = kerberos. . Austin. . Xyz. . Com: 749. .
default_domain = austin。.xyz。.com。.
). .
[domain_realm]。.
austin. . Xyz. . Com = OPENSSH. . AUSTIN. . XYZ. . COM. .
kdc。.austin。.xyz。.com = OPENSSH。.AUSTIN。.XYZ。.COM。.
Also, you must add the following Kerberos services to each client's / etc / services file: kerberos 88/udp kdc # Kerberos V5 KDC. .
kerberos 88/tcp kdc # Kerberos V5 KDC。.
kerberos-adm 749/tcp # Kerberos 5 admin / changepw. .
kerberos-adm 749/udp # Kerberos 5 admin/changepw。.
krb5_prop 754/tcp # Kerberos slave. .
# propagation。.
If your KDC is using LDAP as the registry to store user information, it is recommended to read LDAP and Kerberos authentication load modules publications. Also, please ensure the implementation of the following: KDC is running LDAP client. You can start the LDAP client command secldapclntd daemon. LDAP server is running slapd LDAP server daemon.The OpenSSH server, edit/etc/ssh/sshd_config file to contain the following line: KerberosAuthentication yes.
KerberosTicketCleanup yes. .
GssapiAuthentication yes。.
GssapiKeyExchange yes. .
GssapiCleanupCreds yes。.
In the SSH server, run startsrc-g ssh command to start the ssh server daemon. In the SSH client machine, run the kinit command to obtain initial credentials (TGT). Can run the klist command to verify that received a TGT. This will show all your credentials are. By running the ssh username @ servername command to connect to the server.If you have properly configured Kerberos to authenticate a user, you will not be displayed that requests the password prompt, and the user is automatically logged in to the SSH server.
rpm-ivh bind-9. .2. .4-2. . I386. . Rpm. .
[root@ns01 named]# rpm -q bind。.
bind-9. .2. .4-2. .
This will install the bind package.
Reference http://www. .5 Ilinux. .com/blog/archives/000063. . Html article. .
First of all.
vi / etc / named. . Conf. .
Add the following content.
#############################。 .
zone "。." {。.
type hint;. .
file "named。.ca";。.
);. .
zone "0。.0。.127。.in-addr。.arpa" {。.
type master;. .
file "0。.0。.127。.in-addr。.arpa。.zone";。.
);. .
zone "localhost" {。.
type master;. .
file "localhost。.zone";。.
);. .
zone "5ilinux。.com" {。.
type master;. .
file "5ilinux。.com。.zone";。.
);. .
To download a file named. .ca, but install the article download address cannot be downloaded. Dig @ a. .root-servers. .net > named. .ca can produce named., cp named .ca. .ca/var/named/named. .ca bind by rpm installation is not localhost. .zone, vi to create a new file in vi/var/named/localhost. zone ##################$ TTL 86400. .
@ IN SOA @ root。.localhost (。.
1; serial. .
28800 ; refresh。.
7200; retry. .
604800 ; expire。.
86400; ttl. .
)。.
IN NS localhost. .
@ IN A 127。.0。.0。.1。.
#################### Vi / var/named/0. .0. .127. . In-addr. . Arpa. . Zone #################### N SOA localhost. . Root. . Localhost (..
2 ; serial。.
28800; refresh. .
7200 ; retry。.
604800; expire. .
86400 ; ttl。.
) @ IN NS localhost. .
1 IN PTR localhost。.1 IN PTR ns1。.###################。.
vi / var/named/5ilinux. . Com. . Zone. .
####。.
$ TTL 86400. .
@ IN SOA ns01。.5ilinux。.com。. root。.localhost (。.
3; serial. .
28800 ; refresh。.
7200; retry. .
604800 ; expire。.
86400; ttl. .
)。.
@ IN NS ns01. .5 Ilinux. . Com. .
ns01 IN A 192。.168。.0。.10。.
##################。 .
/etc/rc。.d/iinit。.d/named restart。.
Should be able to use. You can look at / etc / resolv. . Conf. .
Start according to the article, but no.
IN NS ns01. .5 Ilinux. . Com. .
Subsequently changed.
@ IN NS ns01. .5 Ilinux. . Com. .
You can use.
This is a simple dns configuration process simple enough. .
DNS overview.
DNS Origin. .
The full DNS name is the Domain Name System, through DNS system, we can consist of a domain name of the machine check IP, or by a machine's IP anti-Cha its domain name, in addition to DNS and Mail System or data-Mail, provided routing functionality.
Early this domain name and IP of the corresponding table is recorded in each machine's / etc / host this file, when the computer much better numbers, but the number of computers more than one problem occurs mainly in the following questions. .
1. Traffic & Load 。.
2. . Conflict. .
3. Consistency 。.
Because the record with the hosts domain name <-> ip mapping of the above, it was developed DNS. .
Domain Name Space 。.
Computers on the INTERNET so many, how to ensure that two computers do not have the same domain name / IP is a very important issue. . Several important concepts as follows. .
1. Domain (Internet domain).
The entire internet into a number of domain, each domain further divided into a number of the next domain, then the sub-domain as the actual demand once again broken down into a number of domain, has been the cycle continues. .
Basically, every domain name of the mapping from a host client management.
top level domain - com, edu, gov, mil, net, org, int (now issuing as many top domain of the isp, art, etc.). .
2. Delegation (license).
Just mentioned, the actual demand for each domain can be further broken down by into many sub domain. . Top of the domain can be ceded to a sub domain of the domain name and IP mapping management by another machine, this action is called delegation. .
3. Reverse .Forward/(forward/inverse).
Spoke of the domain name <-> IP mapping, in fact should be seen as two namespaces:. .
One is the domain name-> IP, as forward of mapping is known, this name space is divided in the previously mentioned those top domain, sub domain, store, share and store content.
For example winnie. . Corp. . Hp. . Com -> 15. .16. .192. .152 Representative responsible for corp. . Hp. . Com this sub domain of the machine, can be found on its mapping table with a record winnie -> 15. .16. .192. .152. .
One is IP-name > domain mapping is known as reverse. This naming space in which all IP set into a variable called top of arpa. .in-addr domain, and then in IP layers layers: min.
For example, 15. .16. .192. .152 -> Winnie. . Corp. . Hp. . Com 192 representatives in charge. .16. .15. . In-addr. . Arpa (Note that in turn was because the top domain in the final surface) of this sub domain of the machine, can be found on its mapping table with a record 152 -> winnie. . Cop. . Hp. . Com. .
It is worth noting:.
a. . For forward mapping and reverse mapping of the machine is not necessarily the same one. .
Client .hp corp.. client .com domain and. .16.192. .in-addr .15. .arpa's machine is not necessarily the same machine, even in the same machine, if you are not aware of, both content may also be situations in which do not match.
b. . Domain with the ip subnet and there is no one to one relationship. .
Example, into the large motor domain is ee. .ncku. .tw .edu., but because a large motor internal machine DVD-more about this time, the IP subnet with 140. .116. .72, 140.9.1 ** *., 140, 140 .116. .163. .116. .156, 140. .116.5 sets .227.
Name Server. .
Client users forward/reverse mapping of the machine where a will call name server software, through this software ?????‰ come from other machine to the domain name or IP-look.
1. . Zone & domain. .
As mentioned above, basically every domain to a machine from the client, its better to ensure accurate to say should be every zone by name server from a client, which is zone is a sub domain to lose client under layers, while the remaining part of the moment is the zone.
2. . Primary / Secondary. .
Every zone by a name server client approach may have one or one million, this name server current off, may cause other machine on the Internet can not achieve the attribute in this zone information (domain name and the ip mapping). In order to avoid this situation, we can put this information in the same zone, the time to give more name server client. This is called the original primary name server, the other as secondary name server. . Secondary name server will periodically be primary name server information on the zone down to a backup copy. .
The market in the name of the server on layers, it is just set a personal zone Polish delegate to a dns server under layers, but it is not to know who's online is a true primary, who's online is secondary. It just depends on the order for a course that is a problem, when the first client zone on a DNS server is currently down, the time, it will in order to find the next personal client DNS server.
ps: primary / secondary name server program in the new version changed to master / slave. .
Name Resolution (name resolution, Helsingborg look).
Next we introduce the name of query terms or the operation of some important concepts. .
1. Resolver 。.
Equivalent to a DNS server in the client side, usually the way libraries are placed in the entire operating system, various types of applications by calling the resolver library can easily query the DNS server to obtain the desired information . .
2. Root Name Server 。.
Information in the inquiry, always have a starting point, when a local DNS server received from the client side of a domain name query, the local DNS server how do you know the domain name of the relevant information is recorded in the INTERNET which one of the DNS on it?. .
The answer is to root name server question for a course. Root name server users the top domain distinction which DNS server is determined by the client. For example, say you want to find www. .yohoo. .com, the time, the root name server will tell your favorite local DNS server client name server. .com this domain, and then revert to the local dns client. . Com's name server to ask about the yohoo. . Com was which name server in charge. . The last local DNS can be responsible for yohoo. . Com's name server asked about www. . Yohoo. . Com information. .
Where: the presence of the root name server will be the world's DNS sever ask, shares a lot in the world there are more than a dozen personal server root name. But every name server software that is accompanied by a text file, in which users this more than a dozen world renowned root name server IP address.
3. . Recursive Query. .
In the above introduction of Windows Server 2003 SP1 CD, DNS client-side process simply throw a ask to the local DNS server, and then local DNS would find the answer to that come up, at EGM fax were given client, this look is known as recursive query.
Image above DNS client-side (resolver) to the local DNS server for recursive query, check girigri. . Gbrmpa. . Gov. . Au of IP. . Local DNS server will start from the root name server asked, sequentially found responsible. . Au domain's DNS server, is responsible. . Gov. .Au domain DNS server, the client gbrmpa. .gov .au domain DNS-server client in pipped. .gov .au gbrmpa. background of the DNS server to girigri. .gov .au .gbrmpa.. information and fax back to DNS client (resolver).
4. . Iterative Query. .
The preceding introduction, the local DNS to other DNS issue of ask, just know that a much further in line cable, and then sends a problem users (local DNS) that cable cable to go further to find the answer, this way is known as ask iterative query.
ps:. .
A.-General instructions from, the local DNS resolver to are recursive query server, and DNS server of the auctions are iterative query.
b. . Most of the DNS server can accept recursive and iterative two query methods, but consider the load problem, root name server only accepts iterative query. .
5. DNS Caching 。.
From the preceding description we can understand from the resolver sends a query to the local DNS, the answer to the last local DNS to pass back in the middle requires many times the query, in order to save time these repeated search, DNS server will find the results of secretly temporary keep for a while that way when there are other machines make the same inquiry, you can save a lot of time. .
Example, an ask www. .ncku. devises, .edu., .tw guide of local DNS can be learned.
a. . Responsible. . Tw's name server IP. .
b。. .Edu. client. name of the server IP .tw.
c. . Responsible. . Ncku. . Edu. . Tw's name server IP. .
d。. Www. .ncku. .edu. .tw IP.
In addition to the machine again check www. . Ncku. . Edu. . Tw become faster, the query and a, b, c-related domain of the data also becomes faster, because the local DNS no longer from the root name server layers have asked. .
Ps: your local DNS secretly record some information in order to accelerate the time, a real water information is modified, the time how do? DNS server approach to its client's domain information has a TTL (time to leave) parameters, used tell other DNS cache their data, the time that information and how long should cache only. Than cache TTL, that is why after period no apparent effect.
MySQL is the "world's most popular open database", at least for the MySQL Web site will. But whether MySQL is so popular, many companies have on the resistance to the use of MySQL. This phenomenon from a number of reasons, some people mistakenly believe that open source Dai Ma Xing children's building blocks is equal to the game, while others think that the things will not be any free is a good thing.Maybe these ideas are misunderstood, however there is a complaint is justified, and the other is not the same as the corresponding product, such as Oracle or DB2, MySQL does not support stored procedures (stored procedures).
The latest MySQL 5. .0 To support stored procedures. If you are not familiar with stored procedure, then you can think of them stored in the database server side logic of SQL commands and procedures for the collection. These stored procedures can be invoked by the application, so developers of different skill levels can create their own SQL. .
Advantages.
Stored procedure to allow most of the database access logic and program logic separate. One of the stored procedure using indirect advantage is that the code becomes more compact and easy to understand. Another advantage of stored procedures, SQL can be pre-compiled, thus improving the speed of the program. Because the stored procedure contains the program logic, the database server can perform more processing more. Similarly, when the implementation of an n-tier program, the stored procedure is used for the data layer and service layer separates. .
Safety is also another stored procedure. When you cannot directly access the form, the program can perform the priority level assigned to a stored procedure. Unfortunately, at this time, MySQL does not support "grant execution (GRANT EXECUTE)". This means that unless a program has permission to access the form, or call to access the same table in a stored procedure. Use of this feature is a bit like doing a very interesting gambling.
Standard. .
With Oracle or Microsoft's relational database, MySQL and IBM DB2 to SQL stored procedures: 2003 syntax. In theory, this means that, if the database structure is the same as the stored procedure can be used in a different database.
Supports the SQL statement. .
Although MySQL does not support stored procedures, it can complete many tasks, such as shown in A table. In addition, MySQL stored procedure documentation (stored procedure document) describes the available for Oracle PL/SQL and SQL Server t-SQL for many compatibility characteristics. I stored procedures support the impression that its implementation has been slow, with the aim of avoiding any impact of large-scale software development projects.
Table A. .
Declaration.
Description. .
CREATE PROCEDURE。.
Stored in a MySQL database, a form of stored procedures. .
CREATE FUNCTION。.
A user-defined function, particularly in the data storage process. .
ALTER PROCEDURE。.
Created with the CREATE PROCEDURE to change pre-specified stored procedure, which does not affect related stored procedures or stored functions. .
ALTER FUNCTION。.
Created with the CREATE FUNCTION to change pre-specified stored procedure, which does not affect related stored procedures or stored functions. .
DROP PROCEDURE。.
Removed from the MySQL table to one or more stored procedures. .
DROP FUNCTION。.
Removed from the MySQL table to one or more storage function. .
SHOW CREATE PROCEDURE。.
Return to pre-established using the CREATE PROCEDURE stored procedure specified in the text. This statement is SQL: 2003 specification for a MySQL extension. .
SHOW CREATE FUNCTION。.
Return to pre-established using the CREATE FUNCTION stored procedure specified in the text. This statement is SQL: 2003 specification for a MySQL extension. .
SHOW PROCEDURE STATUS。.
Return to a pre-specified characteristics of stored procedures, including name, type, creator, creation date, and change the date. This statement is SQL: 2003 specification for a MySQL extension. .
SHOW FUNCTION STATUS。.
Return to a pre-specified characteristics of the storage function, including name, type, creator, creation date, and change the date. This statement is SQL: 2003 specification for a MySQL extension. .
CALL。.
Call a pre-established using the CREATE PROCEDURE specifies the stored procedure. .
BEGIN 。. END。.
Contains a set of multi-statement execution. .
DECLARE。.
Used to specify a local variable, the environment, processor, and pointers. .
SET。.
For changing local and global server variables. .
SELECT 。. INTO。.
Variables used to store display column. .
OPEN。.
To open a pointer. .
FETCH。.
Using a specific pointer to get the next column. .
CLOSE。.
Used to close and open the pointer. .
IF。.
1 An if-then-else-end if statement. .
CASE 。. WHEN。.
The structure of a case statement. .
LOOP。.
A simple loop structure; can use the LEAVE statement to exit. .
LEAVE。.
For out of IF, CASE, LOOP, REPEAT, and WHILE statements. .
ITERATE。.
For the re-start cycle. .
REPEAT。.
At the end of the test cycle. .
WHILE。.
Test at the beginning of the cycle. .
RETURNS。.
Return the value of a stored procedure. .
[/size] [/b] 。.
MySQL 5. .0 Support stored procedure statement. .
1. connect to the MySQL.
Format: mysql-h host address-u username-p password. .
1. case study 1: connect to MYSQL on my computer.
First, open the DOS window, then enter the directory mysqlbin, then type the command mysql-uroot - p, a carriage return after the prompt you lose your password, if the newly installed MYSQL, super-user root no password, so you can directly enter Enter in the MYSQL, MYSQL prompt is: mysql>. .
2. case study 2: connect to MYSQL on a remote host. Assume that the remote host's IP is: 110. .110. .110. .110, username is root and password as abcd123. Type the following command:.
mysql-h110. .110. .110. .110-Uroot-pabcd123. .
(Note: u and root can not add a space, the other is the same).
3 out of MYSQL command: exit (Enter). .
2. modify the password.
Format: mysqladmin-u username-p password your new password the old password. .
1, example 1: to add a password ab12 root. First enter in the DOS directory mysqlbin, and then type the following commands (password inside do not add command).
mysqladmin-uroot password ab12. .
Note: because there is no root password at the beginning, so-p an old password can be omitted.
2, Example 2: then root password to djg345. .
mysqladmin -uroot -pab12 password djg345 。.
Third, add a new user. (Note: different from above, the following environment because it is MYSQL command, so all the back end with a semicolon as a command character). .
Format: grant select on the database. * username @ sign to the host identified by "password".
Example 1, add a user password for test1 abc, so he can log on any host, and all databases have query, insert, update, delete permissions. First of all, for the root user connected to the MYSQL, and then type the following command:. .
grant select,insert,update,delete on *。.* to test1@"%" Identified by "abc"; 。.
But the case of an increase in users is very dangerous, you want to Ru test1 password of someone who is, then he can in the internet on any computer to log on to your mysql database and your data can do whatever they want, and solutions See Example 2. .
Case study 2, add a user test2 password for abc, he can only log on to the localhost, and you can make to the database mydb to query, insert, modify, and delete operations (localhost refers to the local host, MYSQL database resides on the host), so the user that the password used to know test2, he cannot be accessed directly from the Internet only through the MYSQL databases host web page to access a..
grant select, insert, update, delete on mydb. .* To test2 @ localhost identified by "abc";. .
If you do not want to have a password, test2, and then call a command password inclined.
grant select, insert, update, delete on mydb. .* To test2 @ localhost identified by "";. .
In the last article we talked to login, add users, change passwords, etc. The next article we'll look at the relevant databases in MySQL. Note: you must first login to MYSQL, the following actions are MySQL prompt every command ends with a semicolon.
1, operation skills. .
1, if you play command, enter the bonus, after the discovery of forgotten, you do not have to retype them again command, only the semicolon a carriage return. This means you can put a complete order into separate lines, after the semicolon to the end of the flag is OK.
2, you can use the cursor up and down keys bring up the previous command. But before I used an older version of MYSQL does not support. I am using the mysql-3. .23. .27-Beta-win. .
2. shows the command.
1, shows the list of databases. .
show databases; 。.
At first only two databases: mysql and test. mysql database MYSQL inside it is very important system information, we change the password and add users actually use this library to operate. .
2, display the data sheet: library.
use mysql; / / open the library, studied FOXBASE certain it will not be unfamiliar. .
show tables; 。.
3 shows the structure of the data table:. .
Describe table name;.
4, building a database:. .
Create database library name;.
5, building the table:. .
Use the library name;.
create table table name (field set list);. .
6. to delete a library and to delete tables:.
drop database database name;. .
Drop table; the table name.
7, empty record to the table:. .
Delete from table name;.
8, shown in the table record:. .
Select * from table name;.
Third, a building a database and build tables and insert data instance. .
Drop database if exists school; SCHOOL file://if there is a delete.
create database school; file: / / build libraries SCHOOL. .
Use open library school; SCHOOL file://.
create table teacher file: / / build table TEACHER. .
( 。.
id int (3) auto_increment not null primary key,. .
name char(10) not null, 。.
address varchar (50) default 'Shenzhen',. .
year date 。.
); File: / / build the table end. .
The following is inserted into the field file://.
insert into teacher values ('',' glchengang ',' one China, Shenzhen ', '1976-10-10');. .
Insert into teacher values ('', ' jack ', ' a ', ' in 1975-12-23 ');.
Note: In the construction of the table. .
(1) ID is set to a length of 3 numeric fields: int (3) and let it automatically per record plus one: auto_increment and can not be empty: not null and let him become a master primary key field.
(2) NAME set the field length is 10 characters. .
(3) will ADDRESS set to 50 characters in length, and default value for a field. Varchar and char what's the difference?, only waiting for a future article again.
(4) YEAR set the date field. .
If you have mysql prompt, type the above command can also be, but not easy to debug. You can use the above command exactly as written to a text file are assumed to be school., and then copy the .sql c:\, and enter the directory in DOS \mysql\bin, and then type the following command:.
mysql-uroot-p password school. . Bbb. .
Note: the database backup to school school school .bbb file.. .bbb is a text file, the file name as, open and see your new discovery.
Postscript: Actually, the operation of the database MYSQL and other similar SQL type database, you find the best SQL book will look. I will only introduce some basic, in fact, I also only know of these, and Oh. The best MYSQL tutorial or "Yan Zi," translation "MYSQL Reference Manual" is not only related to sites each have a free download, and it is the most authoritative. Unfortunately not, as "PHP4 Chinese manual" as is chm format, in order to find the time inconvenient function. .
Relational database design when it is necessary to comply with certain rules. Especially in database design paradigm is simple introduction 1NF (first model), 2NF (second normal form), 3NF (third normal form) and BCNF, fourth and fifth normal form remain to introduce later. When you design a database, to be consistent with the pattern, you're the expert in database design.
The first paradigm (1NF): patterns in the relationship R in a specific relationship between each of r, if each attribute value is no longer the smallest unit of data points, claimed the relationship R is the first paradigm. Example: If employee number, name, phone number form a table (one person may have an office phone and a home phone number) specification into 1NF There are three ways:. .
A duplicate stored numbers and names of employees. This keyword can only be a phone number.
Second, the number of workers for the keyword, phone number, divided into units of residential phone calls and two properties. .
Third, staff number keyword, but forcing each record can have only one phone number.
Above three methods, the first method the most desirable situation selected by the latter two cases. .
Second normal form (2NF): If the relationship between the model R (U, F) all non-primary attributes are fully dependent on any one candidate keys, called the relationship R belong to the second paradigm.
Example: Elective relations SCI (SNO, CNO, GRADE, CREDIT) for the student number which SNO, CNO for the course number, GRADEGE for the results, CREDIT for the credits. From these conditions, combination of keywords for the keyword (SNO, CNO). .
In the application of the above relationship models have the following questions:.
a. . Data redundancy, assuming the same 40 students from the elective course, credits to repeat 40 times. .
B.-Update exception, if tweaking a course credits, CREDIT the corresponding tuple values to be updated, there may be different for the same course credits.
c. . Insert the exception, such as plans to open a new lesson, because no one elective, not Student ID tags, and so was only able to courses and elective credits deposited. .
D.-Remove exception, if the student has closed down, remove the elective from the current database record. Some of the course students have not elective, this course and credit records cannot be saved.
Reason: non-keyword attribute CREDIT only function depends on the CNO, which is partly dependent CREDIT combination of the keywords (SNO, CNO) but not completely. .
Workaround: divided into two relational schema SC1 (SNO, CNO, GRADE) and C2 (CNO, CREDIT). New relationship includes two relational schema, they pass between the foreign key in the SC1 CNO, needed for natural joins, the recovery of the original.
The third paradigm (3NF): If the pattern of relationships R (U, F) of all non-primary attributes on candidate keys do not exist any reliable delivery is said to belong to the third R relations paradigm. .
Example: If S1 (SNAME, SNO, DNO, DNAME, LOCATION) of the property on behalf of the school number, respectively.
Name, the host system, department name, department address. .
The decision to the individual attribute keyword SNO. Because it is a single keyword, no part of the dependency problems, is certainly 2NF. But it certainly has a lot of redundancy, the student is located several properties for DNO, DNAME, will repeat the storage LOCATION, insert, delete, and modify the above example produces a similar situation.
Reason: dependence relations in the delivery caused. The SNO -> DNO. The DNO -> SNO does not exist, DNO -> LOCATION, LOCATION, therefore the function key Liao SNO decision on passing the dependent SNO -> LOCATION achieved. In other words, SNO does not directly determine the non-primary attributes LOCATION. .
Address purpose: each relational schema cannot have passed on.
Solution: two relations S (SNO, SNAME, DNO), D (DNO, DNAME, LOCATION). .
Note: the relationship between the S in outer keyword DNO. Otherwise, the relationship between the two.
BCNF: If the pattern of relationships R (U, F) of all properties (including the main property and non-primary attributes) do not pass any candidate dependent on the R keyword, then said the relations are BCNF R's. Relationship model, or R, if every decision factors include keywords (instead of being included in keyword), then the relationship between the model RCNF. .
Case study: parts management relationship model WPE (WNO, PNO, ENO, QNT), respectively, tables, accessories, warehouses, workers, and quantity. The following conditions.
a. . A warehouse with multiple employees. .
B.-one trade work only in a warehouse.
c. . Each warehouse a model for the accessories by hand, but a person can manage several parts. .
D.-the same type of accessories can be divided into several warehouses.
Analysis: can not be determined from the above get PNO QNT, by the combination of attributes (WNO, PNO) to determine the existence of functional dependencies (WNO, PNO) -> ENO. Since each warehouse is responsible for a fitting by hand, but a person can manage several parts, so a combination of attributes (WNO, PNO) to determine the person in charge, there is (WNO, PNO) -> ENO. Because only one employee working in a warehouse, with ENO -> WNO.Because each warehouse of spare parts by the person in charge, but only one employee working in a warehouse, (ENO, PNO)-> QNT.
What keywords to find the candidate, because (WNO, PNO) -> QNT, (WNO, PNO) -> ENO, so (WNO, PNO) can determine the element group, is a candidate keyword. According to ENO-> WNO, (ENO, PNO) -> QNT, so (ENO, PNO) can determine the element group, for another candidate keywords. Attribute ENO, WNO, PNO are the main attributes, only one non-primary property QNT.It on any one candidate keys are fully functional dependencies, and is directly dependent, so the relational model is a 3NF.
Analysis of the main property. For ENO-> WNO, ENO is the main attribute determinants of WNO, but it is not a keyword, only part of the keyword combinations. This has resulted in major property WNO on the other candidate keys (ENO, PNO) part of the dependence, because (ENO, PNO) -> ENO other hand does not hold, and P-> WNO, so (ENO, PNO) -> WNO is dependent on delivery. .
Although there is no non-primary key ' attribute on the candidate's pass-dependent, but the main properties of candidate keyword delivery will depend on, also. As a new employee is assigned to the warehouse, but temporarily in practice, there is no independent responsible for certain parts of the administrative tasks. Because of the lack of part of the PNO keyword cannot be inserted into the relationships. And if someone into whatever parts to be responsible for safety, delete parts of the Union will also be deleted.
The solution: split into Management EP (ENO, PNO, QNT), keywords (ENO, PNO) work EW (ENO, WNO) the keyword is ENO. .
Disadvantages: decomposed remains of functional dependencies of the poor. Such cases, due to the decomposition, functional dependencies (WNO, PNO)-> ENO lost the original semantics have been destroyed. Does not reflect each warehouse a part by hand. There might be a part consists of two or more than two people to manage both. Therefore, the relationship between the mode after decomposition reduces some integrity constraints.
A relation into several relations, to make a meaningful decomposition, minimum requirement is not lost after decomposition of the original information. This information includes not only the data itself, but also expressed by the functional dependency between the data constraints. Decompose the goal is to achieve a higher level of standardization degree, but the decomposition must also consider two questions: lossless join and maintain a functional dependency. Sometimes, not always possible to do both of lossless join, they remain completely functional dependency. Need to balance needs. .
1NF until BCNF four paradigms have the following relationships: between.
Contains 2NF 3NF BCNF contains contains 1NF. .
Summary:.
AIM: the purpose is to standardize the structure is more reasonable to eliminate the memory exception, so that data redundancy as possible, easy to insert, delete and update. .
Principles: to comply with the concept of a "flattened" principle, i.e. a relational schema describes an entity or entities of a contact. Specification of the essence of the concept of uniformity.
Methods: The relationship model is decomposed into the relationship between two or more modes. .
Requirements: the decomposed relational schema collection should be the original relational schema "equivalent", that is, after natural joins can recover the original relationship without loss of information, and to maintain a reasonable contact between attributes.
Note: Results of a pattern of relationships that decomposition can be set different pattern of relationships, that decomposition is not unique. Minimum redundancy requirements must be decomposed database to express the original database as the basis for achieving all of the information. The fundamental goal is to save storage space, to avoid data inconsistency, improve the relationship between operational efficiency, while meeting the application requirements. In fact, all the models are not necessarily required to achieve BCNF not. Sometimes deliberately retain some redundancy may be more convenient for data query. Especially for those who update frequency is not high, very high frequency of database query system especially. .
In a relational database, in addition to the functional dependencies are multivalued dependencies, join relies on the fourth paradigm, the fifth paradigm, higher level of standardization requirements. In this later on.
Dear friends, after you've seen what he thought, in fact, a database based on any theory of the book will say these things, take into account the number of users is a quasi-, to do the database. Point to find a special book to copy a copy, you have any questions, do not ask me, their own relational database theory to find a book to see it, perhaps, on you go a long way.That is to say these are the basic things, please think about it, what are you doing database design have been compliance with the paradigm, there is a database design does not do well, think about it, compared to the above mentioned, it is a violation of article several paradigms?.
Database design I've seen a few people to do more than is consistent with several paradigms, in general, the first paradigm we can observe, comply fully with very few second and third paradigm, and to comply with certain people is Design a master database, BCNF paradigm fewer opportunities arise, and will destroy the integrity of the design you can do does not consider it, of course, can be adopted in the ORACLE triggers to solve their shortcomings. After the design we've done together, they hope to comply with more than a few paradigm. .
1. What is an index?.
Index to quickly find those records with specific values, all MySQL to B-tree indexes are in the form of preservation. If there is no index, the implementation of MySQL query must start from the first recording scan the entire table all the records, until you find the records meet the requirements. The number of records inside the table the more the higher the cost of this operation. If the column as the search conditions have been created on the index, MySQL without any record can be quickly scanned by recording the location of targets. If the table has 1000 records, indexes to find records by at least faster than the sequential scan record 100 times. .
Suppose we create a table named: people.
CREATE TABLE people (peopleid SMALLINT NOT NULL, name CHAR (50) NOT NULL);. .
We then completely random to 1000 different name values are inserted into a table of people. The following figure shows the people table data file a fraction:.
Can be seen in the data file name out there is no clear order. If we create a name out of the index, MySQL will be sorted by name column in the index:. .
For an index of each item, MySQL internally as an actual record in the data file to the location of the "guidelines". Therefore, if we are to find a name equal to "Mike" record peopleid (SQL command "SELECT peopleid FROM people WHERE name = \'Mike\ ';"), MySQL was able to find the index of the name "Mike" value, and then go directly to a data file in the appropriate row returns the row of accurately peopleid (999). In this process, MySQL can only handle one line of results returned. If there is no "name" column of the index, MySQL to scan all records in the data file that the 1000 record! Clearly, MySQL fewer number of records processed, then it is faster to complete tasks. .
Second, the type of index.
MySQL offers a variety of index types are available:. .
General index.
This is the most basic index types, and it is not the only restriction of the class. General index can be created through the following ways:. .
Create an index, such as CREATE INDEX.
<索引的名字>ON tablename (column list);. .
Modify the table, ALTER TABLE tablename ADD for example INDEX [index name] (the column list).
When creating the table the specified index, such as CREATE TABLE tablename ([。.], INDEX [index name] (column list));. .
Uniqueness of index.
This index and the previous "general index" is basically the same, but there is a difference: the index with all the values can only occur once, that must be unique. Uniqueness of the index can be created with the following:. .
Create an index, such as CREATE UNIQUE INDEX.
<索引的名字>ON tablename (column list);. .
ALTER TABLE tablename ALTER TABLE, for example, ADD UNIQUE [index name] (the column list).
When creating the table the specified index, such as CREATE TABLE tablename ([。.], UNIQUE [name index] (column list));. .
The primary key.
Primary key is a unique index, but it must be designated as the "PRIMARY KEY". If you've ever used AUTO_INCREMENT column type, you may already be familiar with the primary key of the class concept. Primary key usually specified when creating the table, for example, "CREATE TABLE tablename ([。.], PRIMARY KEY (column list));."However, we can also modify the primary key for the join table, for example, "ALTER TABLE tablename ADD PRIMARY KEY (a list of the columns);". Each table can have only one primary key.
Full-text index. .
3. MySQL from .23. version support .23 full-text indexing and full-text search. In MySQL, the full-text indexed FULLTEXT index type. Full-text index can VARCHAR or TEXT type column. It can CREATE TABLE commands to create, you can also ALTER TABLE or CREATE INDEX command to create. For large data sets, through the ALTER TABLE (or CREATE INDEX) command to create full-text index than the record into an empty table with the full-text index faster. This article is no longer involved in the discussion below full-text index, more information, please see the MySQL documentation. .
3. single-column indexes and multiple-column indexes.
Index can be a separate index, it can be multi-column index. Here we illustrate through specific examples of the difference between the two indexes. Suppose there is such a people table:. .
<><>
This fragment has four names "Mikes" (where two surnames Sullivans, two surnames McConnells), there are two age is 17-year-old man, there is a name out of the ordinary Joe Smith.
The main purpose of this table is based on the specified user name, name and age to return the corresponding peopleid. For example, we may need to find the name of Mike Sullivan, aged 17, the user's peopleid (SQL command as SELECT peopleid FROM people WHERE firstname = \ 'Mike \' AND lastname = \ 'Sullivan \' AND age = 17;).Since we do not want to let MySQL do the query each time to scan the entire table, here you need to consider using an index.
First of all, we can consider to create an index in a single column, such as firstname, lastname, or age out.If we create the firstname column of an index (ALTER TABLE ADD INDEX people (firstname); firstname), MySQL will rapidly through the index to limit the search scope to those firstname = \'Mike\ ' records, and then in the "intermediate result set" on the other conditions of the search: it first excluded those lastname is not equal to "Sullivan," the record, and then exclude those age is not equal to 17. When the records meet the search criteria, after all, MySQL returns the final results. .
Since the establishment of the firstname column index and perform a full scan of a table, MySQL efficiency compared to improve a lot, but we ask that the number of records scanned MySQL still far exceeded the actual need. Although we can delete the index on the column firstname, lastname or creating age column index, but in general it seems that no matter what creating an index on a column that is similar to searching efficiency remains.
In order to improve search efficiency, we need to consider the use of multi-column index. If firstname, lastname and age of these three columns to create a multi-column index, MySQL can retrieve only one to find the right results! The following is to create a multi-column index SQL command:. .
ALTER TABLE people ADD INDEX fname_lname_age (firstname,lastname,age);。.
As the B-tree index file format, MySQL can immediately go to the appropriate firstname, and then go to the appropriate lastname, and finally to the appropriate age. In the absence of any one record scan data file the case, MySQL will correctly identify the target of search records! . .
So, if in the firstname, lastname, age of the three columns to create single-column indexes, respectively, the effect is and create a firstname, lastname, age of a multiple-column index? the answer is no, the two are completely different. When we execute the query, MySQL can use only one index. If you have a three-column index, MySQL tries to select one of the most restrictive index. However, even the most stringent restrictions on a separate index, its limited capacity and certainly far less than firstname, lastname, age more than the three columns on the column index. .
Fourth, the leftmost prefix.
Multi-column index Another advantage, which is called the left by the prefix (Leftmost Prefixing) reflected the concept. Continue to consider the previous example, we now have a firstname, lastname, age out on the multi-column index, we call this index fname_lname_age. When the search condition is when the following combination of columns, MySQL will use fname_lname_age Index:. .
firstname,lastname,age 。.
firstname, lastname. .
firstname。.
On the other hand understand that we have created the equivalent of (firstname, lastname, age), (firstname, lastname) and (firstname) The combination of the index columns. Here are some queries can use this fname_lname_age Index:. .
<><>MySQL文档
<>找到有关该命令的更多说明。下面是一个例子:
table。.
type. .
possible_keys。.
key. .
key_len。.
ref. .
rows。.
Extra. .
people。.
ref. .
fname_lname_age。.
fname_lname_age. .
102.
const, const, const. .
1.
Where used. .
Here we look at this EXPLAIN the meaning of the results of the analysis.
table: This is the table name. .
Type: the type of join operation. The following is the MySQL documentation on ref connection type notes:.
"For each record in another table combination, MySQL tables read from the current index value of all the records with a match. If the connection operation using only the most left-prefix keys, or if the key is not UNIQUE or PRIMARY KEY type (in other words, if the connection operation can not select a unique row under the key), then MySQL use the ref connection type. If the connection operation of the key used matches only a small number of records, then the ref is a good connection type. ". .
In this case, because the index is not a UNIQUE type, ref is we can get the best connection type.
If EXPLAIN shows the connection type is "ALL", and you do not want to choose the most from the table which records, then MySQL will be very low operating efficiency, as it is to scan the entire table. You can add more indexes to solve this problem. Foresee more information, please see the MySQL manual for instructions. .
possible_keys:。.
May be able to use the index name. Here's the index name is specified when creating the index the index nickname; If the index is not a nickname, the default display is the index in the first column name (in this case, it is the "firstname"). The meaning of the name of the default index is often not obvious. .
Key:。.
It shows the actual use of MySQL indexes by name. If it is empty (or NULL), then MySQL does not use the index. .
key_len:。.
Index by using some of the length, in bytes. In this case, key_len is 102, of which 50 bytes firstname, lastname 50 bytes, age accounted for 2 bytes. If MySQL to use only part of the index in the firstname, the key_len will be 50. .
ref:。.
It shows the name of the column (or the word "const"), MySQL will be the basis of these columns to select rows. In this case, MySQL was chosen based on three constants. .
rows:。.
MySQL perceived it to find the correct result the number of records to be scanned. Obviously, the ideal number is 1. .
Extra:。.
There may be many different options, most of them will have a negative impact on query. In this case, MySQL is just to remind us that it will use the WHERE clause to limit the search result set. .
7. the shortcomings of the index.
So far, we discussed the advantages are indexed. In fact, the index is flawed. .
First of all, the index you want to consume disk space. Typically, this problem is not very prominent. However, if you create a column for each possible combination of the index, the index file volume growth will be far greater than the data file. If you have a very large table, the index file size may reach the maximum allowed by the operating system file limit.
Second, the operation needs to write data, such as DELETE, UPDATE, and INSERT operations, the index will reduce their speed. This is because MySQL is not only necessary to change the data written to data files, but it is also necessary to write these changes to the index file. .
【 Closing: in a large database, the index is to improve the speed of a critical factor. Regardless of how the structure of the table is simple, once 500000 row table scan operation in any case not be fast. If your site has such a large table, then you really should take some time to analyze which indexes can be used, and consider whether you can rewrite the query to optimize applications. To learn more, see the MySQL manual. Also note, this article assumes that you are using MySQL is version 3. .23, part of the query will not work in version 3. .22. MySQL.
A good database product does not mean that there is a good application, if they can not design a rational database model will not only increase client and server, the programming and maintenance section of the difficulty, and will affect the system operation performance.Generally speaking, a MIS system, design, testing and commissioning phase, because the data in smaller, designers and testers often pay attention only to functions, but it is difficult to pay attention to the performance of weaknesses, wait until the system into the actual run-time, system performance decreases, to improve performance is to spend more resources, and the entire system is also the inevitable formation of a patch. The author based on many years of design and use of database experience, the following design guidelines for colleagues reference.
. .
Naming specification.
Different database object naming products have different requirements, therefore, the various objects in the database name, the background process should be case-sensitive code is written in the form of naming various objects length should not exceed 30 characters, so easy applications to adapt to different databases. .
。.
Cursor (Cursor) of caution. .
Cursor provides specific collection deinterlace means, the general use of the cursor line by line through the data, according to data of different criteria for different actions. In particular, a large multi-table and the table definition of the cursor (large data set) into the loop is easy to make the program a long and other special or even crash, the author in the city, "Housing Fund Management System" on the final rolled product number of interest-bearing account handling When a 10-million accounts on the cursor handle causes the program indefinitely and so on into a special (after 48 hours required by the calculation to complete) (Hardware Environment: Alpha/4000 128Mram, Sco Unix, Sybase 11..0) under different conditions to the update statement in 20 minutes.
Examples are as follows:. .
Declare Mycursor cursor for select count_no from COUNT 。.
. .
Open Mycursor 。.
. .
Fetch Mycursor into @vcount_no 。.
. .
While (@@sqlstatus=0) 。.
. .
Begin 。.
. .
If @ vcount_no = ' 1 ' conditions.
. .
Action 1.
. .
If @ vcount_no = ' 2 ' conditions.
. .
Action 2.
. .
。.
. .
Fetch Mycursor into @vcount_no 。.
. .
End 。.
. .
。.
. .
。.
. .
Instead.
. .
Update COUNT set for condition 1 1 operation.
. .
Update COUNT set for condition 2 2 operation.
. .
。.
. .
。.
. .
In some situations, sometimes have to use a cursor, you might also consider adding eligible data rows into a temporary table, and then define a cursor on a temporary table, you can get a noticeable increase in performance. The author in a certain city page〈 Telecom billing system > database daemon design, on a table (3 million rows meet the criteria of 30 multiple rows of data) for cursor operations (hardware environment: PC servers, PII266 64Mram, NT4. Ms Sqlserver .0 6. .5). Example:.
. .
Create # tmp/* define a temp table */..
. .
(Field 1.
. .
Field 2.
. .
。.
). .
。.
Insert into # tmp select * from TOTAL where conditions / * TOTAL, 3 million lines of only a few dozen lines meet the requirements * /. .
。.
Declare Mycursor cursor for select * from # tmp. .
。.
/ * Define a cursor on the temporary table * /. .
。.
. .
。.
. .
Index (Index)-use principle.
. .
Create index generally fall into the following two objectives: the maintenance of the indexed column is unique and provides quick access to the data in the table. There are two indexes that large database cluster index and non cluster index table without a clustered index is based on the heap structure to store data, all data are added to the tail of the table, and the establishment of a cluster index table, its data physically clustered index key will be in accordance with the order of storage, a table allows only one clustered index, therefore, according to B tree structure, you can add any kind of understanding of the index can increase the speed of queries by indexing the column, but will reduce the insert, update, delete operating performance, especially when the fill factor (Fill Factor) is large.The index of a table with more frequent insert, update, and delete operations, build the tables and indexes by setting the fill factor is relatively small, so that the data page to leave more free space, reduce the page segmentation and reorganize the work.
. .
Data consistency and integrity.
. .
In order to ensure consistency and integrity of the database, designers tend to design too many table (Relation), reducing data redundancy. Correlation between the tables is a mandatory measures, established on the parent table (the Parent Table) and the child table (Child Table) of the Insert, update, and delete operations are to take the cost of the system, in addition, it is best not to Identify the property field as a primary key associated with the child table. If data redundancy is low, data integrity is guaranteed easy, but the increase of inter-table join query operation, in order to improve system response time, reasonable data redundancy is necessary. Using the rules (Rule) and constraints (Check) to prevent the system operator error caused by data input errors is to design a common means of another officer, but unnecessary rules and constraints of the system will take up unnecessary overhead, needs attention is bound to data validation faster than the rules. All of these designers in the design phase should be based on the type of system operation, frequency considered to be balanced. .
。.
Service trap. .
。.
Transaction is completed in a single operation. Although these operations are a single operation, SQL Server to ensure that this group of operations have been completed either all or a little nothing. This feature is the large database, so data integrity is a great guarantee. .
We all know, SQL Server for each individual SQL statement provides implicit transaction control, allows each DML operations to complete the data is committed or rolled back, SQL Server provides an explicit transaction control statements--BEGIN TRANSACTION starts a transaction.
---- COMMIT TRANSACTION submit a transaction. .
。.
---- ROLLBACK TRANSACTION rolls back a transaction. .
。.
---- Transaction can be nested, you can retrieve the global variable @ @ trancount to the connected transaction nesting level. .
。.
And special attention needs to be very easy for programmers to make mistakes is that each show or implied, are made, start the variable plus 1 for each transaction submitted to the variable by one, each transaction will be made to roll back The variable set to 0, but only if the variable is 0, the transaction commit (the last one to submit statement), then only then physical data written to disk. .
。.
Database performance tuning. .
。.
In the computer hardware configuration and network design to determine the case, the impact on application performance factor nothing more than for the database performance and client programming. Most database designers database design using two-step method: First of all logical design, physical design of the latter. Logical database design eliminates all redundant data, improve data throughput speeds, ensures data integrity, a clear expression of the relationship between data elements. For the association between multi-table queries (especially..
It is a large table), its performance will slow, but also improves client programming difficult, therefore, to consider the physical design of the need to compromise, based on business rules to determine the amount of data to the associated table size, frequency of visit, the items on this table frequently associated query should increase data redundancy design.
Select the data type. .
The data type of a reasonable choice for database performance and has a great impact on this book, many of the experiences here are introduced.
. .
Don't Identify field as the primary key for a table with other table, this will affect the table's data migration. Text and Image fields is a pointer to the type of data, it is mainly used to store binary large object (BLOB). This type of data operation compared with other data type is slower, so to avoid using.
Date-type field is blessed with many date functions support, the size of the date of comparison, addition and subtraction operation is very simple. However, in accordance with the date as a condition of the query should use the function, compared to other data types on the much slower rate, because with the function as the query terms, the server can not use advanced strategies to optimize query performance can only form traverse each line scan. .
For example: from DATA_TAB1 (which have a DATE in a date field) for all records in 1998.
echo "$";// be $. .
Echo "\";//get.
However, single quotes do not need to escape. .
2, $ _SERVER [' QUERY_STRING '] and $ _SERVER [' REQUEST_URI '] is not available in iis.
3, if php. . Ini in the session. . Use_trans_sid = 1, then your website link will appear PHPSESSID = xxx. .
4, if the data is not passed, you may not use the response of predefined variables to get it.. If register_globals in php. .ini is set to off, then get the POST method data through the use of $ _POST [' varname '], url, etc. GET method passes data using $ _GET [' varname '], $ _SESSION variables used SESSIION [' varname '], $ _COOKIE COOKIE variables with ["varname"].
5,4. .23 Version of the register after the session variables with session_register error, please use the $ _SESSION ["varname"] = "varValue"; to register the variable varname. .
6, reading the data in a file with fopen, fread, seldom if data is only used when file, file_get_contents, fgets, etc., the efficiency is very low.
7, using PERL-style regular expressions than the POSIX-style regular expression n times faster, and feature powerful n times, it is proposed multi-use perg_ function. . Such as using preg_match instead of ereg / eregi, preg_replace instead of str (i) _replace, ereg_replace, eregi_replace, preg_split instead of explode, split (i). .
8, use regular expressions or other methods of extracting a string containing text, sometimes garbled, this is because a character as two bytes, the solution can search on the Internet.
9, mysql Chinese string search sometimes go wrong, you can use the binary (title) alike ('% keyword%') solution, mysql also has a regular expression functions REGEXP. .
10, using a regular expression search string, these special characters to escape +,-, *, ^, $, (, [,,],), | search these characters, an error occurs.
11, n number of letters or characters with the website will form bursting with css can solve this problem. .
Fixed table 1).
2), newline character. .
12, do the translation, you can use header (' content-type = text/html; charset = gb2312 "); forces the browser to use the appropriate encoding, so as not to have to manually select 13, set_time_limit (60); to set the program's longest running time, here is the 60s, if 0, indicates no limit.
by yunshen (2005 年 12 15, 10:54..
A taste of Emacs.
What is Emacs?. .
E。. M。. A。. C。. S。.
emacs Makes A Computer Slow. .
Escape Meta Alt Control Shift。.
emacs Makers Are Crazy Sickos. .
emacs Makes All Computing Simple。.
emacs Makefiles Annihilate C-Shells. .
emacs Manuals Always Cause Senility。.
emacs May Allow Customized Screwups. .
emacs Manuals Are Cryptic and Surreal。.
Eventually Munches All Computer Storage. .
Eight Megabytes And Constantly Swapping。.
Elsewhere Maybe All Commands are Simple. .
Excellent Manuals Are Clearly Suppressed。.
emacs May Alienate Clients and Supporters. .
Except by Middle Aged Computer Scientists。.
Extended Macros Are Considered Superfluous. .
Every Mode Accelerates Creation of Software。.
Each Manual's Audience is Completely Stupefied. .
Exceptionally Mediocre Algorithm for Computer Scientists。.
Easily Maintained with the Assistance of Chemical Solutions. .
Eradication of Memory Accomplished with Complete Simplicity。.
Emacs is a UNIX / Linux system, yet another powerful tool. . He can use a text editor, but just a text editor can not reflect his strong. . He also can be used to edit the source code, then compiled, you can say he is a powerful IDE. . However, surprisingly also more than that we can use him to send and receive e-mail, Internet browsing. . In brief, Emacs surprisingly strong. .
Remember it was said that this sentence: the world in three kinds of people, one is Vi, another way is to use Emacs, rest is.. Thus we can see the powerful Emacs and Vi. However, such a good program but have different characteristics, the same delightful. we may, in accordance with our personal preferences to choose our favorite, but don't say Vi or Emacs is better than Emacs, Vi., because they are the same powerful elite, similarly, the same appearance, we still enjoy our favorite things!. Why do these senseless wars of words then?. .
Remember that there are people who said it seems to be very reluctant to do so in one sentence: Emacs is very good, but UNIX systems there are other excellent software, thus we can see that people on the State of the attitude of the Emacs. some people say that Emacs itself is an operating system, we can accomplish all of our work, and Emacs. development goal is: If we leave Emacs, then we should leave the computer.. we can realize the power of Emacs. The Office of the powerful Emacs to say there are many, we can search on their own to slightly:). .
Here we come to know a Emacs:.
The current Linux distributions with Emacs in general are, if not we can download it here to compile it yourself installation: http://www. . Emacs. . Org. . But there is another version of XEmacs, Emacs can be said to be improved it. . Is a graphical sector Emacs (but do not know where slightly, in my opinion Emacs and XEmacs is a graphical interface, uh,>). .
If our system installed Emacs, we can enter the Terminal commands to start:.
$ Emacs. .
$emacs filename。.
$ Xemacs. .
$xemacs filename。.
Through this order we can see the Emacs or XEmacs. .
At the top of the Emacs is the menu bar, we can choose from a variety of features to complete our work. below the menu bar is a toolbar that is here to provide us with a variety of features, such as the file to open the save, etc..
In the tool bar below is our editor, that is where we call the buffer zone. . Here we can carry out our wide variety of editing operations. . But then we need to know the contents of the buffer is not really written to disk files, we need to finish our work to save the editor. .
In the buffer, the following is what we call it the mode line (mode-line), here you can display the file name and State.. If the file name before--then this file does not change if you ** this file has been altered, we remember to save on exit.%% indicates that the file is not editable, that is to say the file is write protect..% * indicates that the file is write-protected, but we can into the editing.
Then the following is the so-called small buffer (mini-buffer) where, when you can show some of our editorial process in the file information, the other is that we can enter our command to control the work of Emacs. .
Introduction to Emacs, another point have to say is that Emacs commands in some of the character C, M.. in Emacs Ctrl c refers, and M is the Alt, if Alt doesn't work, we can press ESC to replace it.. in the command in Emacs is a key combination, such as we exit Emacs command this for C-x C-c means we have to press the Ctrl-x, and then press a to exit the Emacs Ctrl-c.
Finally, we come to introduce some common Emacs useful site:. .
Hometown: http://www Emacs. .emacs. .org.
XEmacs: http://www. . Xemacs. . Org. .
Emacs for some useful configuration: http://zhdotemacs. .sourceforge. .org.
Emacs so powerful, so called faster we start our journey into ~~:)。 Emacs .
Here we will learn how to insert and delete text in Emacs in mobile, cut and paste, load and save the file.. We also talks to some of us to read into a new file for useful functions.
Insert and delete text:. .
In Emacs in insert and delete text as we enter the text in the printer on the same simple, we simply enter the text you want to enter our. this input mode is and we see in Vim's input is not the same, because we want to insert in the Vim mode for entering text, while in Emacs does not like this.
In Emacs, we can have several different ways to delete text. . The simplest way is to press the Backspace key or Delete key. . In most of the Emacs installation Backspace deletes the previous character and the Delete one character will be deleted. . If such a method can not remove the characters, we can use the Cd (delete-char) to delete characters. .
Breaking: automatically when you enter.
When we enter text in Emacs, until the end of a line, Emacs does not disconnect the line for us, instead he will show to the next line and the next line, we can continue to enter. . In this tag to the symbol will appear in a text of the final one. . But we can make the following way Emacs can automatically line break. . We press Mx and then enter the aotu-fill-mode. .
In the move: in Emacs.
In Emacs, there are several ways we can to move it. . We can use the arrow keys to small to move in Emacs, we can page-up, page-down to jump between the pages. .
If our little party keys may not work, we also can use the following methods to move:.
Forward one character: Cf (forward-char). .
Backward one character: C-b (backward-char).
Up line: Cp (previous-line). .
Down line: C-n (next-line).
Scroll forward one: Cv (scroll-up). .
Scroll backwards one page: M-v (scroll-down).
Added at the end of the buffer zone a blank line:. .
When we have to buffer the last row of the time we would like to how to make Emacs? there are two possibilities: one is to add a row and moves the line; the second is the ring hints are not allowed to.. we may, in accordance with our personal preferences to select a solution:.
If we choose to join a new line, we can be the following line to join us. . Emacs file:. .
(setq next-line-add-newlines t)。.
If we are to choose the ring, we can join the following line of configuration file:. .
(seq next-line-add-newlines nil)。.
Emacs provides us with a lot of ways we can to move them. . We do not need to know immediately all of these methods, it is important that we have to know they exist. . When we need him, we can use. .
We can use C-a (beginning-of-line) moves to the beginning of a line, use C-e (end-of-line) to move to the end of a line. These are not easy to remember, but when we are familiar with, I will not feel hard.
We can also forward the word as a unit or backward. . This way than by character move faster, we can easily remember these keys: Ctrl + Right (forward-word) move to the right, Ctrl + left (backward-word) to the left. .
We can also use the following keystrokes to move:.
Forward one: Me (forward-sentence). .
Backward one sentence: M-a (backward-sentence).
Forward a: M-) (forward-paragraph). .
Back piece: M-{(backward-paragraph).
Move one: Cx] (forward-page). .
To the page: C-x [(backward-page).
To learn more about this feature, as well as sentence, paragraph or page description of the end, we can enter the Ch f (describe-function) and then enter the function name. .
We have two functions can return to the matching brace, respectively called forward-sexp, backward-sexp. This program is much more useful. we can they bind to the Meta-Meta-right-left and.. in order to do this we can add the following two lines to join our .emacs file:.. ".
(Global-set-key [(meta left)] 'backward-sexp). .
(global-set-key [(meta right)] 'forward-sexp)。.
Sometimes we can specify the number back to the specified line. . This can goto-line command in XEmacs, we can be done by Mg, while in Emacs, we also want to do this would be the following sentence to us. . Emacs file:. .
(global-set-key [(meta g)] 'goto-line)。.
If we compare the disorder or the window is the window to the cursor into the center, we can press the Cl (recenter). . This will redraw our window and the cursor in the middle of the window in the buffer without changing his position. .
Cut, copy, paste:.
We have to cut or marked copy of the region, we can use the mouse or keyboard. .
The following examples we can learn how to use the mouse on the branded zone and the zone is replicated to the shear adhesive plate (in Emacs called kill-ring):.
A mouse over the text we have to mark the beginning. .
2 press the left mouse button while pulling the mouse until we want to copy to the end of the text.
3 Release the mouse. .
4 If we want to copy it to the glue plate shears, that is not removed from the buffer, and select the Edit menu and select copy. If we are to be cut to the Clipboard, it is removed from the buffer, you can go to the Edit menu, choose cut.
Of course, if we operate in Emacs, Linux in the copy mode is applicable. .
The following example enables us to learn how to mark and copy area text:.
1 Place the cursor in the text we have to choose the beginning. .
2 press CTRL + Spacebar, the lower portion of the buffer will display text mark.
We have to choose 3 to the end of the text. .
4.
If we want to copy to the clipboard, we can press Mw (kill-ring-save), if we are to cut, we can press Cw (kill-region). .
And we most frequently approach is to use the mouse to mark text area and then use the keyboard to cut or copy to.. Although at first it seems these keyboard binding comparison difficult to remember, but we also are trying to do this, because such an approach will make it possible for us to interact with Emacs more convenient and fast.
We can use the mouse or keyboard to paste the text. . If we simply use the mouse to paste the text in our local press the mouse button. . To use the keyboard, we have to put the cursor where we want to paste the text and then press the Cy. .
Emacs not only saves the last choice and will save previous choice of some text.. This makes us the choice of some old put into our buffer.. to paste an old text selection, we can press C-y, this will be the first choice, paste the text into a buffer. then we pressed M-y (yank-pop), which will use the second text select Insert our buffer. next M-y can use older text selection to replace.
If we press the other between Cy and My keys, we can not get some more old text chosen. .
If we are using the GNU.
, Select and paste in the following. . Yet it is not possible in XEmacs. .
In addition to command C-w (kill-region), together with some of the command to delete the text in the buffer and places it in the Clipboard. the most common one command is C-k (kill-line), he will be starting at the current cursor until the end of the text to remove the Bank and placed in the Clipboard. we can press the key several times, so that you can remove multiple lines of text and add it to Clipboard. so if we pasted text, all rows will be done as a whole.
We also talked about Cd command before you can delete the next character. . So the other two of the more useful command is Md (kill-word) deleted a word, and M-DEL to delete the previous word (backward-kill-word). . These two commands can be deleted in the text into the clipboard. .
Another relatively simple insert method is inserted into a folder. we can do by C-x I..
Edit the file:. .
In Emacs to edit a file, the easiest way is when we start with our Emacs to edit the file name as a parameter when our Emacs is running, we can mount a C-x C-f.
Emacs buffer will be the current path as the beginning of our path. . The reason is that in most of the time, we want to open the file with our current edited file in the same folder. . If we want to find the file in another folder, we can edit the given path. .
Double slash (//) indicate that Emacs will ignore the contents of the current point and the contents of the remaining rows are understood as from the file system path of the root. par/~/that ignores the contents of the current point and the line the rest of the content as we present the main directory of the directory path. sometimes we want to open a file in another folder, so that the way it is much more useful.
If the file is not specified in our hard disk, Emacs would understand it to mean we have to edit the new file name. . Therefore, a new file and open the file does not exist is the same. . When we open a file does not exist, Emacs will display information through the minibuffer to prompt us this is a new file. .
The following may be we will open a non-existent file causes:.
1 We want to edit a new file. .
2 we have entered an incorrect file name, that is, we want to edit another file.
In the latter case, we should use the command Cx k (kill-buffer) to kill the document open for the new buffer, and then open the file we want to edit. . A better way that we can press Cx Cv (find-alternate-file), this method will also complete the above two steps. .
Here we should pay attention to is the mount in Emacs or open a file called finding a file., this is due to historical reasons. .. so loaded files command is load-file find-file instead.
To save the buffer, we can simply use Cx Cs (save-buffer). . This will be the current buffer in Emacs will save the content to our original loaded file. . If the current buffer is not a document with a matched load, meaning that if we want to see when we start the initial Emacs buffer to write the contents of a file, Emacs will ask the file name. .
Maybe there are times when we will need to read a file and want to send it as a different file name to save it, then C-x.
Can not meet our requirements, because this command will save us the buffer we read the paper and will not seek another file name. . In such circumstances we can use Cx Cw (write-file), Emacs will ask such a file name and contents of the buffer into another file. . If we are editing a we do not read from a file into a buffer, we can also use this method to save our work. .In other words we open our Emacs, and then enter a number of content, we can use this method to save the input content.. when we complete our editorial work, we can pass C-x C-c (save-buffers-kill-emacs). If our buffer in some of our content is not saved, Emacs will ask us whether you want to save the content.
A variety of file command:. .
In this part we will learn how to edit a file on a remote robot and how to edit a single compressed file.. If we are in a hurry, we can skip this section, but we must go back and look at the contents of this one, because here there are some very useful information.
Emacs allows us to edit the file on the remote machine, perhaps we will think of the following two points:. .
1 we want to use some special syntax to tell Emacs file location.
2 When we want to load or save the file, we make Emacs connected to the remote host. .
From another host into the file, we would like to complete the following two things:.
A file where the host name. .
2 in the user name on this host.
Then Emacs uses the FTP connection to download the file we want to edit. .
Here we have to note is that if we want to use this feature we have to allow the FTP connection to the remote host.
To make Emacs load the file in other host, we can simply use what we already knew in our local open file command. . We have learned a Cx Cf (find-file), and Cx Cv (find-alternate-file). . As the file name, we have to specify the remote host at the user name, we can use the following syntax:. .
/usr@host:filename。.
The composition of this statement are: slash, user name, mark @, host name, a colon, the file name. .
For example if we want to load the linux root identity. .homenet host/etc/passwd file we can input:.
/ Root @ linux. . Homenet: / etc / passwd. .
If we are on a remote host user name and user name on the current machine, we can omit usrnme @. for example, we have to edit the host linux. .homenet. directory, we can .tcshrc file to do this:.
/ Linux. . Homenet: ~ /. . Tcshrc. .
Here we should pay attention to is the ~ represents our on a remote host of the user's home directory.
When Emacs connection to the remote host later, minibuffer will display the password to us. .
Emacs can also edit the compressed file or document, say a .gz .Z,.!,.,. .zip .tar,.,., .arc. .zoo .lzh file name extension of the file.. This can be in our disk space relatively lower case to avoid the extracted file.
A library called jka-compr Emacs can edit the compressed files to add functionality, this feature can be transparent (Transparent) read and write compressed by the gzip or compress the file. . Here a transparent means that in fact we did not notice this is a compressed file. .
Emacs can be recognized by the cabinet file must be a .gz .Z,.!,. .tgz extension. last extension of the file is to use tar archive, and gzip compressed files used.
When we loaded a compressed file, Emacs file before to show us a simple decompression. . When we save the file, he will be hard to write this file when compressed. . So for us it is transparent. . To add this feature, we have to us. . Emacs file to add the following few:. .
(require 'jka-compr)。.
(Jka-compr-install). .
If we do not use XEmacs, then we can not join the second row.
When we load an archive file, Emacs will show this to our list of files in the archive file. . Tar archive file is called tar-mode of the library to handle, and Zip, Arc, Lzf, Zoo archive is called the arc-mode of the library to deal with. . This means that setting the two archive files have a number of different interfaces. .
When the cursor is on a file into a carriage return when we knocked, this file will be loaded into the buffer, then we can edit the file.. when we save it, the archive is updated automatically.
But on the tar archive file for this is not entirely correct, to update the tar file, we need to save the tar archive file contains a buffer. .
In the menu there are many different functions can handle these archive files: we from this archive to copy a file or to the archive file is to copy the files, rename files or change file permissions, etc..
Document template:. .
One of the major Emacs's philosophy is that we should put our time spend, rather trivial change task (One of the main philosophies of Emacs is that you should spend your time instead of being a genius doing trivial monotonous tasks!). If we use the Emacs can keep this in mind, we find that we have to do Emacs keystrokes can be less or not need a keyboard to complete the work. .
An example of this is to create a new file.. when we create a new file, most of our first few minutes are spent on insert some text, the text is the last time we create a similar file insert, for example, we created an HTML document.
On a solution to this problem is to make Emacs insert a template. . This template to write C programs according to whether we, HTML document or a letter written to her grandmother vary. . More than that, HTML files and other settings in the template file is a different template. . Our personal home page of the HTML file may be different from what we designed for our files. . Or a process template is different from another. .
When we create a new file, Emacs will vary depending on the extension of the file to find the appropriate template. that is, when we create an .html file test., Emacs will find a named TEMPLATE. .html. template .tpl. and if we create is a .txt file letter., Emacs will find the named TEMPLATE. .txt. template .tpl.
When looking for a template, Emacs first in a new file under the directory where to find, if Emacs is not found, Emacs will be under a subdirectory named Templates to find. . If still not found, Emacs will be named in the parent directory and look under the Templates subdirectory. . Emacs in this way until we find the top of the user's home directory. . If Emacs is still not found, Emacs will we have set the template may have been the place to find. .
For example, if we create a ~/work/Emacs-project/note. .txt file and all of our standard template is located in the directory ~/lib/template directory. .Emacs will in the following ways to find it:.
1. . ~ / Work / Emacs-project / TEMPLATE. . Txt. . Tpl. .
2。.~/work/Emacs-project/Templates/TEMPLATE。.txt。.tpl。.
3. . ~ / Work / TEMPLATE. . Txt. . Tpl. .
4。.~/work/Templates/TEMPLATE。.txt。.tpl。.
5. . ~ / TEMPLATE. . Txt. . Tpl. .
6。.~/Templates/TEMPLATE。.txt。.tpl。.
7. . ~ / Lib / templates / TEMPLATE. . Txt. . Tpl. .
Maybe we will find it very strange that way, but this way because of the following reasons is quite important:.
1. . By Templates in the current directory and subdirectories to find, we are sometimes hidden in a subdirectory of our templates, because we do not want these templates and other mixed paper. . For saying that we do not have to do this. .
2 through this path to find it, we may be in a subdirectory or a directory, find the special template. for example, perhaps we have a directory named Letters, in this directory holds all our correspondence.. in this directory, maybe we will put a common template, this template will insert some similar words Dear., as well as the current date.. in a Letter of subdirectory we might store some write to us by a boyfriend or girlfriend letter.. this template will insert some similar words of Yours forever.
3 Adoption of the final standard template directory to find, we will find all of the generic template. .
The template can contain the standard row (stand-ins) consisting of the text.. these rows may be replaced by another or when the text is based on this template to create a new file in a buffer.. standard line format (> > > letter <),例如>> P > <。.>
<设置当我们的新建一个文档时位于缓冲区中的这一点,>>> A <<. .
<可以插入我们的邮件地址.
下面列出一些不需用户定义的代码:
代码 例子 描述
文件和目录类:
(>>>DIR <) ~/letters/ 文件名部分目录。. ~/letters/="">
(>>> FILE <<<) Gretchen. . Txt file name not directory. .
(>>>RILE_RAW <) > Gretchen file names with no extensions.
(>>> EILE_EXT <<<) txt file name extension (no comma). .
Category: time and date.
(>>> DATE <<<) 07 Jan 1999. .
20: 17: 29 date and time.
(>>> ISO_DATE <<<) 1999-01-07 ISO 8601 date. .
Category: System information.
(>>> AUTHOR <<<) blackie @ ifad. . Dk full Email address. .
(>>>LOGIN_NAME <) blackie 登陆名。. blackie="">
(>>> HOST_ADDRE <<<) ifad. . Dk hostname. .
(>>>USER_NAMEE <) > Jesper user's real name.
Location type:. .
(>>>POINT <) 这个设置点,当然只有这个点可以进行设置。.>
(>>> MARKT <<<) set the marker, only the tag can be set. .
(>>>1<) (="">>>9<)。.>
10 possible locations. . To get to any of these locations, we can press Cx j (jump-to-register). .
An example template:.
Odense (I <<<). .
Dear (>P <) 。.>
Our record number: (> 1 <<<). .
Cheers (>U <) 。.>
In our template, we can insert ask questions. . Therefore, in our previous example, we may want to suggest we need to insert the name after the Dear. . Such as the following template:. .
Odense (>>>I <) 。.>
Dear (>>> name <<<). .
(>>>P <) 。.>
Our record number: (>>> number <<<). .
Cheers (>>>U <) 。.>
> TEMPLATE-DEFINITION-SECTION <<. .
("name" "What is the name of the customer? ") 。.
("Number" "What is the record number?"). .
To make Emacs asks us questions, we need to insert a line to indicate the start of the definition section.. in this line of text is used to define the problem, so we must be careful not to insert the text without syntax.
Each issue is associated with a word. . The word is the input text as standard. .
So that when we open a new file, Emacs will ask questions to us, and our answer will be inserted into the appropriate place.
