10.32/10.33 rsync synchronization via the rsync service (daemon)
In this approach you first set up an rsync server on the remote host and configure the rsync modules on that server; the local machine then acts as an rsync client and connects to the remote rsync server.
- Create and configure the rsync configuration file /etc/rsyncd.conf
Sample rsyncd.conf
# default port is 873
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.133.130
[test]
path=/root/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.133.132 1.1.1.1 2.2.2.2 192.168.133.0/24
- rsyncd.conf parameters in detail
port: Specifies the port on which the rsyncd service starts; the default is port 873.
log file: Specifies the log file.
pid file: Specifies the PID file, which is used in process management operations such as starting and stopping the service.
address: Specifies the IP on which the rsyncd service starts. If the machine has multiple IPs, you can have the service start on just one of them; if this parameter is not specified, it starts on all IPs by default.
[]: Specifies the module name; you choose the name yourself.
path: Specifies the path where the module's data is stored.
use chroot true|false: Whether to chroot to the directory given by the path parameter before transferring files. This adds an extra layer of security protection; the disadvantages are that it requires root privileges and that you cannot back up files that symbolic links point to outside the directory. The default value of use chroot is true, and it is recommended that you set it to false if your data contains symbolic links.
max connections: Specifies the maximum number of connections; the default is 0, which means no limit.
read only true|false: If true, clients cannot upload to the path specified by the module.
list: Whether the module is shown when a user queries the modules available on the server; true lists it, false hides it.
uid/gid: Specifies the user/group identity under which files are transferred.
auth users: Specifies the user name to use when transferring.
secrets file: Specifies the password file. It works together with the auth users parameter above; if they are not specified, password authentication is not used. Note that the password file's permissions must be 600. Format: username:password
hosts allow: The hosts that are allowed to connect to the module. Each entry can be an IP or a network segment; separate multiple entries with spaces.
Edit the secrets file and give it 600 permissions after saving; if the permissions are not correct, synchronization cannot complete.
When auth users and secrets file are set, the client also needs to supply the user name and password when it connects to the server. If you want to supply the password on the command line, you can set up a password file.
rsync -avL [email protected]::test/test1/ /tmp/test8/ --password-file=/etc/pass
Here /etc/pass contains just the password, and its permissions should be changed to 600.
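As an added example (not part of the original notes), the Python code below parses an rsyncd.conf and reports the settings discussed above that leave a module exposed: no password authentication, a secrets file that is missing or not mode 600, no hosts allow restriction, and a writable module with uid=root. The function names and the choice of checks are this example's own assumptions; SAMPLE is the [test] module above trimmed to the audited parameters.

```python
import os
import stat

# The [test] module from the notes above, trimmed to the audited parameters.
SAMPLE = """\
[test]
read only=no
uid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.133.132 192.168.133.0/24
"""

def parse_rsyncd_conf(text):
    """Parse rsyncd.conf text into (global_params, {module_name: params})."""
    global_params, modules = {}, {}
    current = global_params
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or whole-line comment
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), {})
        elif "=" in line:
            key, value = line.split("=", 1)
            # Normalise case and spacing so "Read Only" equals "read only".
            current[" ".join(key.lower().split())] = value.strip()
    return global_params, modules

def secrets_mode_ok(path):
    """True if the file exists and grants nothing to group or other (600)."""
    return os.path.isfile(path) and stat.S_IMODE(os.stat(path).st_mode) & 0o077 == 0

def audit(text):
    """Return sorted (module, finding) pairs for the checked settings."""
    global_params, modules = parse_rsyncd_conf(text)
    findings = []
    for name, params in modules.items():
        eff = {**global_params, **params}  # module values override globals
        writable = eff.get("read only", "yes").lower() in ("no", "false", "0")
        if not eff.get("auth users") or not eff.get("secrets file"):
            findings.append((name, "no password authentication"))
        elif not secrets_mode_ok(eff["secrets file"]):
            findings.append((name, "secrets file missing or not mode 600"))
        if not eff.get("hosts allow"):
            findings.append((name, "no hosts allow restriction"))
        if writable and eff.get("uid", "").lower() in ("root", "0"):
            findings.append((name, "writable module transfers as root"))
    return sorted(findings)
```

Run audit() on the text of /etc/rsyncd.conf on the server itself, since the secrets file check reads the mode of the file named in the configuration.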
Start the rsyncd service
rsync --daemon
Once started, you can check the log and see whether the port is listening:
[[email protected] ~]# cat /var/log/rsync.log
[[email protected] ~]# netstat -lnp | grep 873
tcp 0 0 0.0.0.0:873 0.0.0.0:* LISTEN 12066/rsync
tcp 0 0 :::873 :::* LISTEN 12066/rsync
- Test from a different machine
rsync -avL [email protected]::test/test1/ /tmp/test8/
10.34 Linux system logs
Logs record the things that happen on the system day to day; you can use them to find the cause of an error or the traces an attacker left when an attack occurred. The main functions of logs are auditing and monitoring: monitoring the system status in real time, monitoring and tracking intruders, and so on.
Common log files:
(1) /var/log/messages
- The core system log file. It contains the boot messages from system startup as well as other status messages while the system is running; I/O errors, network errors and other system errors are recorded in this file. In addition, events such as a user switching identity to root, and logs from user-installed software (Apache), are recorded here. Typically, /var/log/messages is the first file to look at when troubleshooting.
Because so much is recorded in this log, the system has a log rotation mechanism to keep the file from growing very large: the log is switched once a week and becomes messages.xxxxxxxx, messages.xxxxxxxx, ... messages.xxxxxxxx. Together with messages there are altogether 5 such log files. The xxxxxxxx here is generated from the date. This is controlled by the logrotate tool, whose configuration file is /etc/logrotate.conf.
- Note: do not modify this configuration file unless you have a special requirement.
(2) The dmesg command displays the system boot information (stored in memory); a hardware problem (such as with a network card) is also visible with this command. dmesg -c clears the recorded contents.
(3) /var/log/dmesg: the system startup log, a file separate from the dmesg command.
(4) The last command shows the history of logins to the Linux system; it reads the file /var/log/wtmp (a binary file that cannot be viewed with cat).
(5) The lastb command shows failed user logins; the corresponding file is /var/log/btmp.
(6) /var/log/secure records authentication and authorization information; for example, the success or failure of SSH logins to the system is recorded in this log.
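Detection logic for the kind of trace item (6) describes, as an added example that is not part of the original notes: it counts failed SSH logins per source address in /var/log/secure-style lines and flags an address that logs in successfully after repeated failures. The log lines are constructed, and the function name and the threshold of 3 are assumptions of this example.

```python
import re
from collections import Counter

# Constructed sample lines in the usual sshd syslog format; not from a real host.
SAMPLE_SECURE = """\
Jan 31 10:15:01 host1 sshd[2101]: Failed password for root from 192.0.2.10 port 51234 ssh2
Jan 31 10:15:03 host1 sshd[2101]: Failed password for invalid user admin from 192.0.2.10 port 51236 ssh2
Jan 31 10:15:06 host1 sshd[2103]: Failed password for root from 192.0.2.10 port 51240 ssh2
Jan 31 10:15:09 host1 sshd[2105]: Accepted password for root from 192.0.2.10 port 51244 ssh2
Jan 31 10:20:44 host1 sshd[2140]: Failed password for aming from 198.51.100.7 port 40022 ssh2
Jan 31 10:20:50 host1 sshd[2140]: Accepted publickey for aming from 198.51.100.7 port 40022 ssh2
"""

# Captures: outcome, auth method, user name, source address.
EVENT = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) (\S+) for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def summarize(text, threshold=3):
    """Count failures per source; flag sources that succeed after >= threshold failures."""
    failures = Counter()
    suspicious = []
    for line in text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue  # not an sshd login result line
        outcome, _method, user, src = m.groups()
        if outcome == "Failed":
            failures[src] += 1
        elif failures[src] >= threshold:
            # A success from an address that has been guessing is worth a look.
            suspicious.append((src, user, failures[src]))
    return dict(failures), suspicious

if __name__ == "__main__":
    counts, flagged = summarize(SAMPLE_SECURE)
    print(counts)
    print(flagged)
```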
Logrotate Reference:
https://my.oschina.net/u/2000675/blog/908189
10.35 Screen Tool
Sometimes we need to execute a command or script that takes hours or even days. There are two ways to keep the task from being interrupted by accident.
1. Using nohup
Format: nohup command &
Adding just an '&' puts the command in the background, but the script may still exit when the terminal exits; with nohup in front there is no such problem. The role of nohup is to run the command so that it ignores hangups.
2. Use screen
screen is a virtual terminal: a window manager that can multiplex a physical terminal across multiple processes. Its session concept allows users to create multiple screen windows in one screen session, and working in each screen window is like working in a real SSH connection window.
1) Open a session: type the screen command and press Enter to go into the screen session window
2) View the screen sessions that are already open: screen -ls
3) Exit the screen session
Press Ctrl+a and then d to exit the virtual terminal; this only exits it and does not end it. To end it, enter Ctrl+d or enter exit.
4) After exiting, to log in to a screen session again, use screen -r [screen number], such as screen -r ID
5) screen -S aming // creates a screen virtual terminal with the custom name aming
2018-1-31 Linux Learning Notes