Learning record 003-Simple system optimization, directory structure

First, the operating system simple optimization
1. Cat/etc/redhat-release//View version number
2./usr/sbin/ntpdate time.nist.gov//Time synchronization, just one synchronization
6.4 Set Automatic Update time every 5 minutes
echo ' #time sync by kaka at 2016-6-22 ' >>/var/spool/cron/root
Echo ' */5 * * * * */usr/sbin/ntpdate time.nist.gov >/dev/null2>&1 ' >>/var/spool/cron/root
Crontab-l
3. Increase the server file descriptor
Law One: vim/etc/security/limits.conf
End of File plus-nofile 65535
Law II:
Echo ' *-nofile 65535 ' >>/etc/security/limits.conf
After tail-l/etc/security/limit.conf//See if Edit is successful
Then restart the login to see the ULIMIT-N//display 65535
Fahsarm
Cat >>/etc/rc.local<<eof
#openfiles
ULIMIT-HSN 65535
#stack size
Ulimit-s 65535
EOF//ulimit-shn Command added to/etc/rc.local for each reboot to take effect
Related blog: http://www.cnblogs.com/wangkangluo1/archive/2012/06/06/2537677.html
4. Character Set
GBK fixed-length double-byte
UTF-8 non-fixed length 1-4 bytes, Chinese is 3 bytes, with more
5.linux kernel parameter file/etc/sysctl.conf optimization sysctl-p effective
Net.ipv4.tcp_fin_timeout #fin_timeout Shorten the connection time
Net.ipv4.tcp_tw_reuse #允许闲置的重连接
Net.ipv4.tcp_tw_recycle #开启TCP连接中TIME-waitsockets Fast Recovery, is the connection to deal with a lot of how to deal with the method
Net.ipv4.tcp_syncookies #防止SYN攻击, enable Syncookies
Net.ipv4.tcp_keepalive_time #TCP会话保持的时间
Net.ipv4.ip_local_port_range #端口范围 44-44545 that's the range.
Net.ipv4.tcp_max_syn_backlog #SYN The default queue length is 1024 to 8192 to increase the number of waits for the network process
Net.ipv4.tcp_max_tw_buckets #time_wait Socket Default 18W We're setting 20000, similar to the meaning of scissors.
Net.ipv4.tcp_synack_retries #
Net.ipv4.tcp_syn_retires
Net.ipv4.tcp_max_orphans
Net.core.somaxconn #系统同时发起TCP连接数的的控制, the default value is 128
Net.core.netdev_max_backlog # How many network queues can be processed concurrently
6. Regular cleanup of Clientqueue directory junk files to prevent full disk space
/var/spool/clientmqueue/sendmail Mail Service mail temporary storage address
Manual cleanup method: Find/var/spool/clientmqueue-type F |xargs RM-RF
Ll/var/spool/clientmqueue |wc-l
Timing Cleanup Method: echo "find/var/spool/clientmqueue/-type F |xargs rm-f" >/server/scripts/del_sys_file.sh
Df-hi//view Inode file
7. What should you do when a hacker attacks you?
Chattr +i/etc/passwd
Chattr +i/etc/shadow
Chattr +i/etc/group
Chattr +i/etc/gshadow
Chattr +i/etc/inittab
After the chattr renamed Mv/usr/bin/chattr/usr/bin/kaka No one knows Kaka may use Lsattr-i can view permissions, but there is no way to do not know how to deal with
8. Try to hide our version, show version >/etc/issue on boot
9. Become a one-click Script

Second, the basic directory structure of Linux
1. The "/" root directory is the starting point (vertex) of all the directories in the Linux system to understand the tree upside down
2. Different directories can distribute different hard disk partitions and different hardware devices
All the devices need to be mounted to use,
MNT Temporary Mount Directory
/dev/sda1
In Linux, the disk itself is not mounted and needs to be mounted on the SDA1
MOUNT/DEV/SDA1/MNT//Temporary mount
Why can I mount it automatically? When on, automatically mounts in/etc/fstab, the first column describes the partition to be mounted
Second column file system mount point third column file system mount type fourth column file system parameters fifth column backup sixth column disk check
The use of the device name (/DEV/SDA) to mount the partition is fixed dead, once the disk slot order has changed, there will be a problem with the name does not correspond. Because this name is going to change.
However, using a label mount does not worry about slot order issues. But keep an eye on your label name. As for UUID, each partition is formatted with a UUID as the unique identification number. Use the UUID to mount the words without worrying about the problem of confusion.
The second column: mount point: The device's mount points, which directory you want to mount.

Column: FileSystem: Format of the disk file system, including Ext2, Ext3, ReiserFS, NFS, VFAT, etc.

Fourth column: Parameters: File System parameters
Async/sync
Set whether to run synchronously, default to Async
Auto/noauto
Whether the file system is actively mounted when the MOUNT-A command is downloaded. Default is Auto
Rw/ro
Whether to mount in read-only or read-write mode
Exec/noexec
Restricting the ability to perform operations within this file system
User/nouser
Whether the user is allowed to mount using the Mount command
Suid/nosuid
Whether to allow the existence of suid
Usrquota
Boot file system supports disk quota mode
Grpquota
Boot file system support for group disk quota mode
Defaults
Colleagues with Rw,suid,dev,exec,auto,nouser,async settings such as default parameters

Fifth column: Can the dump backup command function: Dump is a command used as a backup. Usually the value of this parameter is 0 or 1
0
Rep don't do dump backup
1
Represents a daily dump operation
2
Perform a dump operation that represents an indefinite date

Column Sixth: Whether to verify sector: During power-on, the system defaults to fsck to verify that our system is complete (clean.
0
Do not test
1
First Test (Common root directory selection)
2
Inspection after completion of the 1 level inspection

directory and partition establishment relationship is called mount, df-h can view system mount
3. Such as a QQ game program, the implementation of the program in/usr/bin data files and help in/usr/share
Run and load the service start command under/etc/
Procedures related to 4./release systems
/usr: The program that puts the user
/usr/local users to install their own programs, if using Yum and RPM is not the case
/OPT Storage of third party factory developer program option
5. Directory hierarchy FHS What procedures are defined/decentralized
Second level define/var put what/usr put what

Iii. Catalogue Interpretation
/bin//English binaries storing binary files you can use Ls/bin to see what's inside.
/boot//static files of the boot loader never updated
Directory for the/dev//device files
/etc//host-specific System Configuration binary installation package The default Path service startup command for the storage directory init.d such as boot loaded
Home directory default data storage directory for///normal users
/lib//Shared library and kernel inventory drop-down directory
/lost+found//disk fragment storage generated when the system shuts down unexpectedly
/mnt//mount point for mounting Afilesystem temporarily temporary file system mount points, such as one disc to Linux, mounted under MNT
/OPT//You can choose to install the package here
/proc//kernel and file information operations Cat/proc/meminfo or Cpuinfo or loadavg can see system load information
/root//Super User
/sbin//System binary management, is the root, for 5. X System direct Ifconfig is not set environment variable
/tmp//Temp file directory is a t permission
/usr//secondary hiearchy/usr/local put our own installed software, USR/SRC system source Directory
/var//variable data var/log/messages System log file Spool/cron the configuration file for the scheduled task
Important Sub-directories
/etc/sysconfig/network-scripts/ifcfg-eth0//Network card configuration file
/etc/resolv.conf//dns parsing nameservice IP Address
/etc/hosts//User IP and name of the connection, under Windows input cmd-system32-driver-hosts, the test environment is used by him, or the server between the call
/etc/sysconfig/network//can modify the machine name and network card boot, gateway and other settings
/etc/fstab//Record boot mount file system can also be placed in/etc/rc.local
What runlevel level to choose when/etc/inittab//init
/etc/exports Configuration path for//nfs
/ETC/INIT.D//Many start-up services are here/etc/init.d/sshd
/ETC/XINIT.D//The mode is not very good, first do not understand
/etc/profile//system Global environment variable path
/ETC/PROFILE.D//Loading System program, individual presence

Learning record 003-Simple system optimization, directory structure