36. rsync synchronization through a service, Linux system logs, screen tools
First, rsync synchronization through a service
This approach can be understood as follows: set up an rsync server on the remote host, configure the various applications on the server, and then use this machine as the client that connects to the remote server.
Edit the configuration file /etc/rsyncd.conf before starting the service.
Start the service: rsync --daemon
# rsync -av /etc/passwd 192.168.93.130::/tmp/1.txt
The double colon is followed by the module name.
If you run into a routing problem like the one encountered earlier, check network connectivity first, and then check the port.
telnet IP port: checks whether the port is reachable.
When the port is not reachable, check iptables and stop the service.
--port: specifies the port.
Configure the rsync server: create and edit the rsync configuration file on the host.
# vi /etc/rsyncd.conf
port=873 specifies the port on which the rsync service starts; the default is 873.
log file=/var/log/rsync.log specifies the log file.
pid file=/var/run/rsync.pid specifies the PID file, which is used in process management operations such as starting and stopping the service.
address=192.168.93.130 specifies the IP address on which the rsync service starts. If the machine has several IPs, you can pick one of them; if this parameter is not specified, the service starts on all IPs by default. The four parameters above belong to the global configuration.
[test] The square brackets specify the module name, which can be customized. Everything below [test] is the module configuration.
path=/tmp/rsync specifies the path where the data is stored.
use chroot=true|false controls whether rsync chroots to the directory specified by path before transferring files. The default is true; set it to false when the data contains symbolic links. Chrooting provides additional security, with the drawbacks that root privileges are required and that files behind symbolic links pointing outside the directory cannot be backed up. true confines the transfer, false does not.
max connections=4 specifies the maximum number of connections; the default is 0, which means unlimited.
read only=no (true|false) sets whether the module is read-only. If it is set to true on the server, nothing can be uploaded to the path specified by the module.
list=true specifies whether the module is listed when a user queries the available modules on the server: true lists it, false hides it.
uid=root uid and gid specify the user/group that file transfers run as.
gid=root
auth users=test specifies the user name to use when transferring.
secrets file=/etc/rsyncd.passwd specifies the password file and is used together with the parameter above. If it is not specified, password authentication is not used. The password file's permissions must be 600.
hosts allow=192.168.93.2 specifies the hosts that are allowed to connect to the module, as an IP or a network segment; separate multiple entries with spaces.
The configuration file has two parts, the global configuration and the module configuration. One file can contain several modules, and module names can be customized in the format shown above. Module parameters can also be set as global parameters.
Usage:
# rsync --port=873 192.168.93.130::
When no module name is given and list is set to true, the available modules can be queried, so it is better to set list to false.
# rsync --port=873 --password-file=/etc/rsync_pass.txt [email protected]::test
--password-file: specifies the password file, so the password does not have to be entered.
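The module settings described in this section can be checked mechanically. The following is an added example, not part of the original post: a small Python auditor that parses rsyncd.conf text and reports the settings singled out above (list, auth users and secrets file permissions, hosts allow, use chroot, a writable module running as root). The function names and finding texts are illustrative, and the sample configuration is constructed.

```python
import os
import stat

TRUE = {"yes", "true", "1"}

def parse_rsyncd(text):
    """Return (global_params, {module: params}) from rsyncd.conf text."""
    glob, modules, cur = {}, {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            cur = modules.setdefault(line[1:-1].strip(), {})
        elif "=" in line:
            key, val = line.split("=", 1)
            # Assumption: names are matched ignoring case and whitespace.
            key = "".join(key.lower().split())
            (glob if cur is None else cur)[key] = val.strip()
    return glob, modules

def audit(text):
    """Return sorted (module, finding) pairs for the settings covered above."""
    glob, modules = parse_rsyncd(text)
    out = []
    for name, params in modules.items():
        p = {**glob, **params}  # module values override global ones
        on = lambda k: p.get(k, "yes").lower() in TRUE  # these default to enabled
        secrets = p.get("secretsfile")
        if on("list"):
            out.append((name, "list is on: module is shown to anyone who queries"))
        if not p.get("authusers") or not secrets:
            out.append((name, "no auth users/secrets file: no password check"))
        elif os.path.exists(secrets) and stat.S_IMODE(os.stat(secrets).st_mode) & 0o077:
            out.append((name, "secrets file permissions are wider than 600"))
        if not p.get("hostsallow"):
            out.append((name, "no hosts allow: any host may connect"))
        if not on("readonly") and p.get("uid", "").lower() in ("root", "0"):
            out.append((name, "writable module runs as root"))
        if not on("usechroot"):
            out.append((name, "use chroot is off: transfers are not confined to path"))
    return sorted(out)

# Constructed sample: the [test] module above with auth users/secrets file left out.
SAMPLE = ("port=873\n[test]\npath=/tmp/rsync\nuse chroot=false\nread only=no\n"
          "list=true\nuid=root\ngid=root\nhosts allow=192.168.93.2\n")

if __name__ == "__main__":
    for module, finding in audit(SAMPLE):
        print(f"[{module}] {finding}")
```

To check a real server, pass the contents of /etc/rsyncd.conf to audit() as a user who can stat the secrets file.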
Second, Linux system logs
Logs are used to monitor the state of the system and to troubleshoot failures: you can check them for the cause of an error or for traces of an attacker. Their main functions are auditing and monitoring: watching the system status in real time, and monitoring and tracing intruders.
(i) /var/log/messages
The general log file of the Linux system, the core system log file.
The system rotates (splits) this log with logrotate.
weekly: rotate once a week
rotate 4: keep four rotated files
create: create a new file
dateext: use the date as the suffix of the rotated file name
compress: whether to compress, .tar.gz format
This log is governed by the service behind /var/run/syslogd.pid.
(ii) The dmesg command
Lists the hardware-related logs, which are stored in memory. This command deserves attention: it displays the system's boot information, and if a piece of hardware has a problem, that also shows up here.
/var/log/dmesg is a file written at system startup and is not related to this command.
(iii) The last command
Shows the history of successful logins, including reboots.
The command reads /var/log/wtmp, which is a binary file and cannot be viewed with cat.
The counterpart of last is lastb, which shows failed logins; its file is /var/log/btmp.
When the system is hacked, the btmp file will have many entries.
Security log: /var/log/secure.
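Because btmp is binary, it has to be decoded rather than read with cat. The following is an added example, not part of the original post: a Python reader that counts failed logins per source host. It assumes the 384-byte glibc utmp record layout of x86_64 Linux; the function names, threshold and sample records are constructed for illustration.

```python
import struct
from collections import Counter

# Assumption: 384-byte little-endian glibc utmp record (x86_64 Linux).
UTMP = struct.Struct("<h2xi32s4s32s256shhiii4i20x")

def cstr(raw):
    """Decode a NUL-padded fixed-width field."""
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")

def read_records(data):
    """Yield (user, line, host, epoch_seconds) for each complete record."""
    for off in range(0, len(data) - UTMP.size + 1, UTMP.size):
        f = UTMP.unpack_from(data, off)
        # f: type, pid, line, id, user, host, e_term, e_exit, session, sec, usec, addr[4]
        yield cstr(f[4]), cstr(f[2]), cstr(f[5]), f[9]

def noisy_sources(data, threshold=3):
    """Return {host: failed_attempts} for hosts at or above the threshold."""
    hits = Counter(host or "(local)" for _, _, host, _ in read_records(data))
    return {h: n for h, n in hits.items() if n >= threshold}

def make_record(user, host, sec, line="ssh:notty"):
    # Builds one constructed btmp entry (type 6 = LOGIN_PROCESS) for the demo.
    return UTMP.pack(6, 0, line.encode(), b"", user.encode(), host.encode(),
                     0, 0, 0, sec, 0, 0, 0, 0, 0)

# Constructed sample using documentation-range addresses, not real data.
SAMPLE = b"".join(
    [make_record(u, "203.0.113.7", 1700000000 + i)
     for i, u in enumerate(["root", "admin", "test", "oracle"])]
    + [make_record("alice", "198.51.100.20", 1700000100)]
)

if __name__ == "__main__":
    for host, count in noisy_sources(SAMPLE).items():
        print(host, count)
```

On a real host, pass the bytes of /var/log/btmp to noisy_sources(); a trailing partial record is ignored.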
Third, screen tools
These tools are for when a command or script takes a long time to run, to avoid an interruption midway or other unexpected situations.
(i) nohup
nohup COMMAND > LOGFILE &: this puts the command in the background.
(ii) The screen tool
screen is a virtual terminal.
yum install -y screen
Run screen to enter the virtual terminal directly.
Press Ctrl+A, then D, to leave the screen session; this puts screen in the background without ending it.
To end the session, press Ctrl+D or enter exit.
If you want to get back in after leaving, use the command screen -r [screen number]
If only one session is currently open, the number can be omitted.
When a command or script needs to run for a long time, open a screen session, start the task, then press Ctrl+A followed by D to put the session in the background and leave it. This does not affect any operations in the terminal window.
screen -ls: lists the screen sessions that are already open.
screen -S "test": the -S option sets a custom name.
screen -r: enters the specified session.