Linux Operations Command

Source: Internet
Author: User
Tags gopher

[[Email protected]001~] # uname-a # view kernel/OS/Linux System Information command for CPU information [[email protected]-001~] # Head-n1/etc/issue # View OS version, is the number 1 not the letter L[[email protected]-001~] # cat/proc/Cpuinfo # Linux System Information command to view CPU information [[email protected]-001~] # hostname # View Linux System Information command for computer name [[email protected]-001~] # LSPCI-TV # List all PCI devices [[email protected]-001~] # LSUSB-TV # Lists Linux System Information commands for all USB devices [[email protected]-001~] # lsmod # list loaded kernel modules [[email protected]-001~] # env # View environment variable resources [[email protected]-001~] # free-m # View memory usage and swap usage [[email protected]-001~] # DF-H # View the usage of each partition [[email protected]-001~] # du-sh # View the size of the specified directory [[email protected]-001~] # grep memtotal/proc/Meminfo # View total memory [email protected]-001~] # grep memfree/proc/Meminfo # viewing idle memory [[email protected]-001~] # uptime # View System uptime, number of users, load [email protected]-001~] # cat/proc/loadavg # Viewing system load disks and partitions [email protected]-001~] # Mount | Column-t # View attached partition status [[email protected]-001~] # fdisk-L # View all partitions [[email protected]-001~] # Swapon-S # View all swap partitions [[email protected]-001~] # hdparm-i/dev/HDA # View disk parameters (for IDE devices only) [email protected]-001~] # DMESG |grep IDE # view IDE device detection network at startup [email protected]-001~] # ifconfig # View the properties of all network interfaces [[email protected]-001~] # iptables-L # View firewall settings [[email protected]-001~] # route-N # View routing table [[email protected]-001~] # netstat-LNTP # View all listening ports [email protected]-001~] # netstat-ANTP # View all established connections [[email protected]-001~] # netstat-S # Viewing the network statistics process [[email protected]-001~] # PS-EF # View all processes [[email protected]-001~] # top # Real-time display of process status user [[email protected]-001~] # w # View active users [[email protected]-001~] # ID # view specified user information [[email protected]-001~] # Last # View user log in log [email protected]-001~] # cut-d:-f1/etc/passwd # View All users of the system [email protected]-001~] # cut-d:-f1/etc/Group # View system all groups [[email protected]-001~] # crontab-L # View the current user's scheduled tasks service [email protected]-001~] # chkconfig–list # list all system services [[email protected]-001~] # Chkconfig–list |grep on # Lists all startup system services [[email protected]-001~] # RPM-QA # View all installed packages [email protected]-001~] # cat/proc/Cpuinfo # Linux system commands to view CPU-related parameters [[email protected]-001~] # cat/proc/Partitions # View System Information commands for Linux hard disk and partition information [[email protected]-001~] # cat/proc/Meminfo # Linux system commands to view Linux system memory information [[email protected]-001~] # cat/proc/version # view version, similar to uname-R[[email protected]-001~] # cat/proc/ioports # Viewing device io port [[email protected]-001~] # cat/proc/interrupts # viewing interrupts [[email protected]-001~] # cat/proc/PCI # View information about PCI devices [[email protected]-001~] # cat/proc/Swaps # View information for all swap partitions One, comment out the system does not need users and user groups Note: It is not recommended to delete directly, when you need a user, re-add it will be very troublesome. CP/etc/passwd/etc/Passwdbak #修改之前先备份 VI/etc/passwd #编辑用户, precede with # comment out this line #adm: x:3:4: adm:/var/adm:/sbin/nologin#lp:x:4:7: lp:/var/spool/lpd:/sbin/nologin#sync:x:5:0: sync:/sbin:/bin/sync#shutdown:x:6:0: shutdown:/sbin:/sbin/shutdown#halt:x:7:0: halt:/sbin:/sbin/halt#uucp:x:Ten: -: uucp:/var/spool/uucp:/sbin/nologin#operator: x: One:0:operator:/root:/sbin/nologin#games:x: A: -: games:/usr/games:/sbin/nologin#gopher:x: -: -: gopher:/var/gopher:/sbin/nologin#ftp:x: -: -: FTP user:/var/ftp:/sbin/Nologin #注释掉ftp匿名账号cp/etc/group/etc/Groupbak #修改之前先备份 VI/etc/group #编辑用户组, precede with # comment off this line #adm:x:4: root,adm,daemon#lp:x:7:d aemon,lp#uucp:x: -: uucp#games:x: -: #dip: x: +: Two, shut down the system does not need services service Acpid stop chkconfig acpid off #停止服务, cancel boot boot #电源进阶设定, commonly used on Laptop service AutoFS stop Chkconfi G AutoFS off #停用自动挂载档桉系统与週边装置service bluetooth stop chkconfig bluetooth off #停用Bluetooth蓝芽service cpuspeed stop chk Config cpuspeed off #停用控制CPU速度主要用来省电service cups stop chkconfig cups off #停用 Common UNIX Printing system Support Printer Service ip6tables stop chkconfig ip6tables off #禁止IPv6 If you want to restore a service, you can perform the following operations service Acpid start Chkconfig acpid on third, Prohibit non-root user execution/etc/rc.d/init.d/system commands under the chmod-R the/etc/rc.d/init.d/*Chmod-r 777/etc/rc.d/init.d/* #恢复默认设置 Four, add an immutable attribute to the following file to prevent unauthorized users from gaining permission chattr +i/etc/passwdchattr +i/etc/shadowchattr +i/etc/groupchattr +i/etc/gshadowchattr +i/etc/services #给系统服务端口列表文件加锁 to prevent unauthorized deletion or addition of services Lsattr/etc/passwd/etc/sha Dow/etc/group/etc/gshadow/etc/services #显示文件的属性 Note: After performing the above permissions modification, you cannot add a delete user.   If you want to add delete users, you need to first cancel the above settings, and so on after the user adds the delete completes, then performs the above action chattr-i/etc/passwd #取消权限锁定设置 chattr-i/etc/shadow chattr-i/etc/group Chattr-i/etc/gshadow chattr-i/etc/services #取消系统服务端口列表文件加锁现在可以进行添加删除用户了, after the operation to lock the directory file five, limit the permissions of different files Chattr +a. Bash_hi Story #避免删除. Bash_history or redirected to/dev/nullchattr +i. Bash_historychmod 700/usr/bin Restore chmod 555/u Sr/binchmod 700/bin/ping recovery chmod 4755/bin/pingchmod 700/usr/bin/vim restore chmod 755/usr/bin/vimch MoD 700/bin/netstat recovery chmod 755/bin/netstatchmod 700/usr/bin/tail restore chmod 755/usr/bin/tailchmod 700/usr/bin/less recovery chmod 755/usr/bin/lesschmod 700/usr/bin/head recovery chmod 755/usr/bin/headchmod 700/bin/cat restore chmod 755/bin/catchmod 700/bin/unam E recovery chmod 755/bin/unamechmod 500/bin/ps recovery chmod 755/bin/ps Six, disable the use of Ctrl+alt+del shortcut keys to restart the server Cp/et C/inittab/etc/inittabbakvi/etc/inittab #注释掉下面这一行 #ca::ctrlaltdel:/sbin/shutdown-t3-r Now seven, updating the system with Yum Update does not upgrade the kernel, only Update package due to system and hardware compatibility issues, it is possible to upgrade the kernel after the server does not start normally, this is very scary, no special need, it is recommended not to upgrade the kernel arbitrarily. CP/ETC/YUM.CONF/ETC/YUM.CONFBAK1, modify the Yum configuration file vi/etc/yum.conf at the end of [main] add exclude=kernel*2, directly after the Yum command, add the following parameters: Yum- -exclude=kernel* Update View system version cat/etc/issue view kernel version uname-a Eight, turn off CentOS Automatic Updates chkconfig--list yum-updatesd #显示当前系统状态yum-up                                        DATESD 0: Off 1: Off 2: Enable 3: Enable 4: Enable 5: Enable 6: Turn off service yum-updatesd stop #关闭 turn on parameter for start stop YUM-UPDATESD: [Determine]service yum-updatesd status #查看是否关闭yum-updatesd stopped Chkconfig--level F #禁止开启启动 (System mode 3, 5) Chkconfig yum-updatesd off #禁止开启启动 (all boot modes are all disabled) Chkconfig--list YUM-UPDATESD #显示当前系统状态yum-updatesd 0: Off 1: Off 2: Enable 3: Off 4: Enable 5: Off 6: Turn off nine, turn off redundant virtual consoles we know that switching from the console to the X window, generally using ALT-F7, Why is it? Because the system defines 6 virtual consoles by default, X becomes the 7th one. In fact, many people do not normally need so many virtual consoles, modify/etc/inittab, and comment out the ones you don't need. cp/etc/inittab/etc/inittabbakvi/etc/inittab# Run Gettys in standard Runlevels1:2345:respawn:/sbin/mingetty tty1#2:23 45:respawn:/sbin/mingetty Tty2#3:2345:respawn:/sbin/mingetty tty3#4:2345:respawn:/sbin/mingetty tty4#5:2345: Respawn:/sbin/mingetty Tty5#6:2345:respawn:/sbin/mingetty Tty6 10, Delete MySQL history the SQL command executed by the user after logging in to the database is also recorded in the. mysql_history file of the user directory by MySQL. If the database user modifies the database password with an SQL statement, it is also compromised by the. mysql_history file. So we do not in the shell landing and backup when the password directly after-p, but after the prompt and then enter the database password. In addition to these two files we should also not let it record our operation, just in case. CDCP. bash_history. Bash_historybak #备份cp. Mysql_history mysql_historybakrm. Bash_history mysql_historyln-s L. bash_historyln-s/dev/null. mysql_history 11, modify history command record Cp/etc/profile/etc/profilebakvi/etc/profile find HISTSIZE =1000 to histsize=50 12, Hide server System information By default, when you log in to a Linux system, it will tell you the name, version, kernel version of the Linux distribution,The name of the service device. In order not to let the default information leak out, let's do the following to show it only a "login:" prompt. Delete the/etc/issue and/etc/issue.net two files, or rename the 2 files, the effect is the same. Mv/etc/issue/etc/issuebakmv/etc/issue.net/etc/issue.netbak 13, optimize the Linux kernel parameters cp/etc/sysctl.conf/etc/sysctl.confbakv I/etc/sysctl.conf #在文件末尾添加以下内容net. Ipv4.ip_forward = 1 #修改为1net. core.somaxconn = 262144net.core.netdev_max_backlog = 26 2144net.core.wmem_default = 8388608net.core.rmem_default = 8388608net.core.rmem_max = 16777216net.core.wmem_max = 16777216net.ipv4.netfilter.ip_conntrack_max = 131072net.ipv4.netfilter.ip_conntrack_tcp_timeout_established =  180net.ipv4.route.gc_timeout = 20net.ipv4.ip_conntrack_max = 819200net.ipv4.ip_local_port_range = 10024 65535net.ipv4.tcp_retries2 = 5net.ipv4.tcp_fin_timeout = 30net.ipv4.tcp_syn_retries = 1net.ipv4.tcp_synack_retries = 1net.ipv4.tcp_timestamps = 0net.ipv4.tcp_tw_recycle = 1net.ipv4.tcp_tw_len = 1net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_ Keepalive_time = 120net.ipv4.tcp_keepalive_probes = 3NET.IPV4.TCP_KEEPALIVE_INTVL = 15net.ipV4.tcp_max_tw_buckets = 36000net.ipv4.tcp_max_orphans = 3276800net.ipv4.tcp_max_syn_backlog = 262144net.ipv4.tcp_ Wmem = 8192 131072 16777216net.ipv4.tcp_rmem = 32768 131072 16777216net.ipv4.tcp_mem = 94500000 915000000 927000000/sbin/s Ysctl-p #使配置立即生效十四, CentOS system optimization cp/etc/profile/etc/profilebak2vi/etc/profile #在文件末尾添加以下内容ulimit-C Unlimiteduli Mit-s unlimitedulimit-shn 65535ulimit-s-C 0export lc_all=csource/etc/profile #使配置立即生效ulimit-a #显示当前的各种用户进程限制十 Five, the server prohibits pingcp/etc/rc.d/rc.local/etc/rc.d/rc.localbakvi/etc/rc.d/rc.local #在文件末尾增加下面这一行echo 1 >/proc/sys/n Et/ipv4/icmp_echo_ignore_all parameter 0 means allow 1 to disallow

Linux Operations Command

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.