Answer to the question of network-transmitted Linux operation and maintenance plane (I.)

title reproduced from:http://2358205.blog.51cto.com/2348205/1687708

Most of them do it themselves, part of the original post of the blogger 's answer

1, Linux system software installation and uninstallation of common methods

①yum Way:

Yum Install
Yum Remove Uninstall (this is not recommended and will uninstall the package to be uninstalled)

②rpm Way

Rpm-i Installation
Rpm-e Unload (Ignore dependency plus--nodeps)

③ Uninstall of compiled installation

The CD command enters the compiled software directory, which is the directory at the time of installation, executes the make uninstall command, or simply deletes the installation directory

2. Remote connection tools commonly used by Windows and Linux have those

command line remote connection: SECURECRT, putty, Xshell, etc.

Graphics remote connection: Linux under Xmanager, vnc,windows under the MSTSC (Remote Desktop), etc.

3. How to modify the IP address, gateway and hostname of Linux

Simple, slightly

4, write scripts to achieve the following functions;
Start a backup every 5 o'clock in the morning.
To back up is/var/mylog all files and directories can be compressed for backup
Backup can be saved to a single device 192, 168, 1, 2 FTP account AAA password BBB
To display the daily backup file with the date tag of the day

cat/server/scripts/backup.sh

#!/bin/bash
Mkdir/backup && Cd/backup
Tar zcf backup_$ (date +%f). Tar.gz/var/mylog
Ftp-n << EOF
Open 192.168.1.1
User AAA BBB
Put backup_$ (date +%f). tar.gz
Close
Bye
Eof

Add a Scheduled task

Crontab-e

XX * * * */bin/bash/server/scripts/backup.sh &>/dev/null

5. Iptables Related Commands

iptables-f                     //Clears all rules, does not process the default rule
iptables-x                     //delete user-defined chains
iptables-z                 Register of     /chain 0
iptables-n                     //Add a custom chain
iptables-x                     //Delete a custom chain
Iptables-l-n                  //Print all rules in number format
Iptables-l-n--line-numbers  //Print all rules in numeric format and display line numbers  

Iptables-a input-p TCP--dport 80-j DROP//Add rule to end of specified chain
Iptables-i input-p TCP--dport 80-j DROP//Add rule to the beginning of the specified chain
Iptables-i INPUT 2-p TCP--dport 80-j DROP//Add rule to the second row of the specified chain
iptables-d input-p TCP--dport 80-j drop//delete specified rule for specified chain
iptables-d INPUT 2//Delete the second rule of the specified chain
Iptables-a input-s 10.0.0.104-j DROP//According to source address ban
Iptables-i input-p ICMP--icmp-type 8-j DROP//Ban Ping pack
Iptables-i input-p icmp-j DROP//Disable all ICMP protocols
Iptables-a INPUT! -P tcp-j ACCEPT//Match all protocols outside the specified protocol
Iptables-a input-s 10.0.0.14-j ACCEPT//Match host Source IP
Iptables-a INPUT! -S 10.0.0.14-j DROP//Match host Source IP
Iptables-a input-s 10.0.0.0/24-j ACCEPT//Matching network segment
Iptables-a input-p UDP--dport 53//matching single port

6. mysql Related questions
How to improve MySQL security level after new installation of MySQL

For:

One

Delete Test database: Drop DB test;
Delete Unused users: Drop user ' root ' @ ':: 1 ';
Drop user ' @ ' centos6-2 ';
Drop user ' @ ' locaohost ';
or delete all, add administrator: Delete from Mysql.user;
Grant all privileges on * * to [email protected] ' localhost ' identified by ' 123456 ' with GRANT option;
Second, the user to set a more complex password and strictly specify the corresponding account access IP (can be specified in the user table in the MySQL library access to the IP address of users, root limit to only allow local login)
Third, open binary query log and slow query log
Iv. MySQL installation directory and data directory permissions control: to the MySQL installation directory Read permissions, to the MySQL log and data directory read and Write permissions

Five, modify the MySQL default port, Linux can be iptables to restrict access to the MySQL port IP address

MySQL master-slave principle, how to configure the file

Master-Slave Synchronization Simple principle:

The main library opens the record Binlog log (the redaction record), obtains the Binlog from the library through the IO thread and the main library communication, and then calls the SQL thread to write to its own database

Configuration steps

1, configure the master MY.CNF
[Mysqld]
Log-bin = Mysql-bin
Server-id = 1
Open Mysqlbinlog and ensure that master and slave Server-id different, slave log-bin can open, when slave need to do other slave master, that is, cascade, need to open log-bin, and increase the log-slave-updates parameter at the same time
Detects if Master has successfully opened Log-bin mysql-uroot-p123456-e "show variables like ' Log_bin '"

2. Add slave connection user on Master
Grant Replication Slave on * * to ' rep ' @ ' 10.10.13.% ' identified by "111";

3, Backup master data, import on slave
[[email protected] tmp] #mysqldump-uroot-p123456-a-b--master-data=1--single-transaction--events | gzip >/tmp/all.sql.gz
[[email protected]/] #scp 10.10.13.91:/tmp/all.sql.gz/tmp
[[email protected]/] #gzip-D/tmp/all.sql.gz
[[email protected]/] #mysql-uroot-p123456-s/mysql/3308/mysql.sock </tmp/all.sql

4. Start slave
Configuring the Slave my.cnf
[Mysqld]
Replicate_wild_ignore_table=mysql.% #不同步mysql库
Restarting the Slave database service
Note, do not configure Binlog-do-db, binlog-ignore-db, replicate-do-db, replicate-ignore-db these four parameters on Master, as they are not imagined reliable, refer to http://yujia2016.blog.51cto.com/59379/1783686

Login Slave:mysql-uroot-p123456-s/mysql/3308/mysql.sock
Change MASTER to
Master_host= ' 10.10.13.91 ',
master_port=3306,
Master_user= ' rep ',
Master_password= ' 111 ',

Start slave; Start slave
Show slave status\g See Slave_io_running:yes and Slave_sql_running:yes, indicating a successful master-slave synchronization configuration

Add a user to MySQL

Syntax: GRANT < permissions > on < libraries >.< tables > to ' users ' @ ' host name ' identified by ' password;


7. Windowns Related Issues
Have you patched the windowns system, and if you have 100 units, what would you do?

If the domain controller is used to distribute patches, if the company does not have a domain environment, you can install 360 Enterprise Edition, each client installs 360 Enterprise Edition client, use 360 Enterprise version of the control center to distribute patches

8. Display all directories under the/test directory

For:

ls-ld/test/*

9, the file/etc/a in addition to the B file in all files compressed package put under/HOME/A, the name is a.gz

Tar zcf/home/a/a.gz/etc/a/*--exclued=b

10. A script gives execute permission commands and options
chmod +x *.sh

4. What does umask 022 mean?

Represents the initial permission to create a file is 644 the initial permission to create a directory is 755

5. How to view all files opened by a process
LSOF-P Process PID

6. Get the packet information of the 80 port on the eth0 NIC

Tcpdump-i eth0 Port 80

7. Delete all files and directories under/a/b
rm-rf/a/b/*

8. Commonly used network management tools (more than 5 kinds)
Ifconfig netstat ss iftop ntop ping traceroute nslookup dig telnet etc.

9. Port number for FTP, HTTPS, SMTP, pops, SSH

FTP Active mode transfer data 20 interaction 21

FTP Passive mode transfer data port random interaction 21

HTTPS 443
SMTP 25
POPs 110
SSH 22

10. How to turn on support memory on Windows Server 2003/2008 3-4g
Right-click on My Computer, select Properties, click on the "Advanced" tab, click "Settings" under "Startup and Recovery" button, click "Edit" button, add a switch "/PAE" (without quotation marks) after the last line of the boot. ini file, then restart the machine after saving By the way, 2008 has a 64-bit system. No need to install 32-bit

11. Please use Iptables to control the 80 port request from 192.168.1.2 Host

Iptables-a input-s 192.168.1.2-p TCP--dport 80-j ACCEPT

12. Use shell script to create a group class, a group of users, user name Stdx x from 01-30, and belong to class group

#!/bin/bash
Groupadd class
For i in ' seq-w 30 '
Do
Useradd Std$o-g Class
Done

13, in the MySQL client query tool, how to get all the current connection process information

Show Full Processlist\g

14. How to delete full database log information

In the MY.CNF [mysqld] section, add: Expire-logs-days=7 (set to automatically clear 7 days of money logs), restart MySQL;
or login, MySQL, execute: Purge binary logs to ' mysql-bin.000003 '; #删除bin-log (before deleting mysql-bin.000003 and not including mysql-bin.000003)
If the MySQL master-slave environment, delete the log, the statement format is as follows:
PURGE {MASTER | BINARY} LOGS to ' Log_name '
PURGE {MASTER | BINARY} LOGS before ' date '

This article is from the "Progress a little every day" blog, be sure to keep this source http://yujia2016.blog.51cto.com/59379/1839571

Answer to the question of network-transmitted Linux operation and maintenance plane (I.)