2018-1-31 Linux Learning Notes

Source: Internet
Author: User
Tags auth system log rsync dmesg

10.32/10.33 rsync synchronization via a service

In this approach, you first set up an rsync server on the remote host and configure rsync's options on that server; the local machine then connects to the remote rsync server as an rsync client.

    1. Create and configure the rsync configuration file /etc/rsyncd.conf
      Sample rsyncd.conf:
      # default port is 873
      port=873
      log file=/var/log/rsync.log
      pid file=/var/run/rsyncd.pid
      address=192.168.133.130
      [test]
      path=/root/rsync
      use chroot=true
      max connections=4
      read only=no
      list=true
      uid=root
      gid=root
      auth users=test
      secrets file=/etc/rsyncd.passwd
      hosts allow=192.168.133.132 1.1.1.1 2.2.2.2 192.168.133.0/24
    • The rsyncd.conf configuration file in detail
      port: Specifies the port on which the rsyncd service starts; the default is port 873.
      log file: Specifies the log file.
      pid file: Specifies the PID file, which is used in process management operations such as starting and stopping the service.
      address: Specifies the IP on which the rsyncd service starts. If your machine has multiple IPs, you can specify one of them for the rsyncd service to start on; if you do not specify this parameter, the default is to start on all IPs.
      []: Specifies the module name; the name inside the brackets is user-defined.
      path: Specifies the path where the module's data is stored.
      use chroot true|false: Whether to chroot to the directory specified by the path parameter before transferring files. This adds extra security protection, but the disadvantage is that it requires root permissions and you cannot back up files that are symbolic links pointing outside the directory. By default the chroot value is true; it is recommended that you set it to false if your data contains symbolic links.
      max connections: Specifies the maximum number of connections. The default is 0, which means there is no limit.
      read only true|false: If true, you cannot upload to the path specified by the module.
      list: Whether the module is listed when a user queries the available modules on the server; true lists it, false hides it.
      uid/gid: Specifies the user/group that file transfers run as.
      auth users: Specifies the user name to use when transferring.
      secrets file: Specifies the password file. It works together with auth users above; if they are not specified, password authentication is not used. Note that the password file's permissions must be 600. Format: username:password
      hosts allow: The hosts that are allowed to connect to the module. Entries can be IPs or network segments; separate multiple entries with spaces.
    1. Edit the secrets file and, after saving it, set its permissions to 600. If the permissions are not correct, synchronization cannot complete.
      When auth users and secrets file are set, the client also needs the user name and password to connect to the server. If you want to supply the password on the command line, you can set a password file:
      rsync -avL [email protected]::test/test1/ /tmp/test8/ --password-file=/etc/pass
      where the content of /etc/pass is the password; its permissions should be changed to 600.

    2. Start the rsyncd service
      rsync --daemon
      Once started, you can check the log and see whether the port is listening:
      [email protected] ~]# cat /var/log/rsync.log
      [email protected] ~]# netstat -lnp | grep 873
      tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 12066/rsync
      tcp 0 0 :::873 :::* LISTEN 12066/rsync

    3. Test from a different machine
      rsync -avL [email protected]::test/test1/ /tmp/test8/
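
A check for the access-control settings described above, as an added example that is not part of the original notes. It reports modules without auth users/secrets file, a secrets file whose mode is not 600, a missing hosts allow, and a writable module that runs as root. The function names, the second module [open] and the temporary secrets file are constructed for the demonstration.

```python
import configparser, os, stat, tempfile

def audit_rsyncd(conf_text):
    """Return (module, finding) pairs for the rsyncd.conf settings described above."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    # Global parameters precede the first [module]; park them in a synthetic section.
    cp.read_string("[__global__]\n" + conf_text)
    findings = []
    for name in cp.sections():
        if name == "__global__":
            continue
        mod = {**cp["__global__"], **cp[name]}    # module values override globals
        secrets = mod.get("secrets file")
        if not mod.get("auth users") or not secrets:
            findings.append((name, "no password authentication"))
        elif not os.path.isfile(secrets):
            findings.append((name, "secrets file missing"))
        else:
            mode = stat.S_IMODE(os.stat(secrets).st_mode)
            if mode & 0o077:                      # any group/other bit set
                findings.append((name, f"secrets file mode {mode:o}, expected 600"))
        if not mod.get("hosts allow"):
            findings.append((name, "hosts allow not set"))
        writable = mod.get("read only", "yes").lower() in {"no", "false", "0"}
        if writable and mod.get("uid", "").lower() in {"root", "0"}:
            findings.append((name, "writable module runs as root"))
    return findings

def demo():
    """Constructed sample: the notes' [test] module plus an unauthenticated one."""
    with tempfile.TemporaryDirectory() as d:
        pw = os.path.join(d, "rsyncd.passwd")
        with open(pw, "w") as f:
            f.write("test:constructed-password\n")
        os.chmod(pw, 0o644)                       # deliberately too permissive
        conf = f"""port=873
[test]
path=/root/rsync
read only=no
uid=root
auth users=test
secrets file={pw}
hosts allow=192.168.133.0/24
[open]
path=/srv/pub
"""
        return audit_rsyncd(conf)

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

To audit a real server, pass the contents of /etc/rsyncd.conf to audit_rsyncd() on the host itself so the secrets file path can be checked.
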
10.34 Linux system logs

Logs record the events that happen on the system every day; you can use them to find the cause of an error or the traces an attacker left behind during an attack. The main functions of logs are auditing and monitoring: monitoring the system status in real time, monitoring and tracking intruders, and so on.
Common log files:
(1) /var/log/messages

    • The core system log file. It contains boot messages from system startup as well as other status messages while the system is running; IO errors, network errors and other system errors are recorded in this file. In addition, events such as a user switching identity to root and logs from user-installed software (Apache) are listed here. Typically, /var/log/messages is the first file to look at when troubleshooting.
    • Because so much is recorded in this log, the system has a log rotation mechanism to keep the file from growing very large: every week the log is switched and becomes messages.xxxxxxxx, messages.xxxxxxxx, ... messages.xxxxxxxx. Together with messages there are altogether 5 such log files. The xxxxxxxx here is the date on which the file was generated. This is controlled by the logrotate tool, whose configuration file is /etc/logrotate.conf.

    • Note: Do not modify this configuration file unless you have a special requirement.

(2) The dmesg command displays the system boot information (stored in memory); if there is a hardware problem (such as with a network card), it is also visible with this command. dmesg -c erases the contents of the record.
(3) /var/log/dmesg: the system startup log; the dmesg command is also fine.
(4) The last command shows the history of logins to the Linux system. It reads the file /var/log/wtmp (a binary file, which cannot be viewed with cat).
(5) The lastb command shows failed user logins; the corresponding file is /var/log/btmp.
(6) /var/log/secure records authentication and authorization information; for example, whether an SSH login to the system succeeded or failed is recorded in this log.
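
The SSH success and failure records in /var/log/secure can be summarized per source address, as in this added example (not part of the original notes). The log lines are constructed samples in the usual sshd format, and the function name and threshold are assumptions.

```python
import re
from collections import Counter

# Password-login results as sshd writes them to /var/log/secure.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def summarize(lines, threshold=3):
    """Return (failures per source IP, {ip: note}) for sources at/over threshold."""
    failures, flagged = Counter(), {}
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue                      # not an sshd password event
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
            if failures[ip] >= threshold:
                flagged.setdefault(ip, "repeated failures")
        elif failures[ip] >= threshold:
            # A login that succeeds right after a burst of failures deserves a look.
            flagged[ip] = "success after repeated failures"
    return failures, flagged

# Constructed sample lines (documentation IP ranges, made-up PIDs and ports).
SAMPLE = """\
Jan 31 10:02:11 host sshd[2101]: Failed password for root from 203.0.113.7 port 51234 ssh2
Jan 31 10:02:13 host sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 51236 ssh2
Jan 31 10:02:16 host sshd[2101]: Failed password for root from 203.0.113.7 port 51240 ssh2
Jan 31 10:02:20 host sshd[2105]: Accepted password for root from 203.0.113.7 port 51244 ssh2
Jan 31 10:04:01 host sshd[2110]: Failed password for aming from 192.168.133.132 port 40020 ssh2
Jan 31 10:04:09 host sshd[2112]: Accepted password for aming from 192.168.133.132 port 40022 ssh2
Jan 31 10:06:30 host sshd[2120]: Failed password for invalid user test from 198.51.100.23 port 33001 ssh2
Jan 31 10:06:32 host sshd[2120]: Failed password for invalid user test from 198.51.100.23 port 33003 ssh2
Jan 31 10:06:35 host sshd[2120]: Failed password for invalid user oracle from 198.51.100.23 port 33007 ssh2
Jan 31 10:07:00 host su: pam_unix(su-l:session): session opened for user root by aming(uid=1000)
""".splitlines()

if __name__ == "__main__":
    counts, flagged = summarize(SAMPLE)
    for ip, note in flagged.items():
        print(f"{ip}: {counts[ip]} failed logins, {note}")
```
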

Logrotate Reference:
https://my.oschina.net/u/2000675/blog/908189

10.35 Screen Tool

Sometimes we need to execute a command or script that takes hours or even days. There are two ways to keep such a task from being interrupted accidentally.
1. Using nohup
Format: nohup command &
Appending ' & ' alone puts the command into the background, but the script may still exit when you leave the terminal. With nohup in front there is no such problem: nohup runs the command so that it ignores hangups.

2. Using screen
screen is a virtual terminal: a window manager that multiplexes one physical terminal across multiple processes. Its session concept lets users create multiple screen windows within one screen session, and working in each screen window is like working in a real SSH connection window.
1) To open a session, type the screen command and press Enter; this takes you into the screen session window.
2) To view the screen sessions that are already open: screen -ls
3) To leave a screen session:
Press Ctrl+a and then d to leave the virtual terminal; this only detaches, it does not end the session. To end it, press Ctrl+d or type exit.
4) To log in to a screen session again after leaving it, use screen -r [screen number], for example screen -r ID
5) screen -S aming  // create a screen virtual terminal with the custom name aming
