orangeの博客

发表于 更新于 分类于 Valine:
本文字数: 13k 阅读时长 ≈ 12 分钟

[toc]

free

检测系统内存Mem和交换空间swap

1
2
3
4
root@raspbian:~# free -h
              total        used        free      shared  buff/cache   available
Mem:          7.7Gi       405Mi       6.8Gi        17Mi       481Mi       7.1Gi
Swap:         1.0Gi          0B       1.0Gi

total:内存总大小

used:已用

free:空闲

available:可用

swap:交换

hdparm

检查磁盘性能,指定-t选项检查磁盘(评估硬盘的读取效率(不经过磁盘cache)),指定-T 平估硬盘快取的读取效率

1
2
3
4
5
6
7
8
9
10
11
12
root@raspbian:~# hdparm -t /dev/mmcblk0

/dev/mmcblk0:
 HDIO_DRIVE_CMD(identify) failed: Invalid argument
 Timing buffered disk reads: 132 MB in  3.02 seconds =  43.65 MB/sec

root@raspbian:~# hdparm -tT /dev/mmcblk0

/dev/mmcblk0:
 Timing cached reads:   1914 MB in  2.00 seconds = 958.37 MB/sec
 HDIO_DRIVE_CMD(identify) failed: Invalid argument
 Timing buffered disk reads: 132 MB in  3.03 seconds =  43.63 MB/sec

查找命令在哪个软件包

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# 比如说我需要iostat
root@raspbian:~# apt-cache search iostat
dstat - versatile resource statistics tool
ganglia-modules-linux - Ganglia extra modules for Linux (IO, filesystems, multicpu)
ifstat - InterFace STATistics Monitoring
nicstat - print network traffic statistics
pcp-import-iostat2pcp - Tool for importing data from iostat into PCP archive logs
r-cran-epi - GNU R epidemiological analysis
r-cran-epibasix - GNU R Elementary Epidemiological Functions
r-cran-kmi - GNU R Kaplan-Meier Multiple Imputation
r-cran-rms - GNU R regression modeling strategies by Frank Harrell
sysstat - system performance tools for Linux

# 挑一个吧
root@raspbian:~# apt-get install sysstat

iostat

1
2
3
4
5
6
7
8
root@raspbian:~# iostat
Linux 5.10.78-Release-OPENFANS+20211111-v8 (raspbian)   09/04/2022      _aarch64_       (4 CPU)
#cpu使用情况
avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.75    0.00    0.45    0.09    0.00   98.71
#磁盘使用情况
Device             tps    kB_read/s    kB_wrtn/s    kB_read    kB_wrtn
mmcblk0           2.71       136.86        24.05    1074327     188817

-c:显示cpu使用情况

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# 2秒5次列出cpu情况
root@raspbian:~# iostat -c 2 5
Linux 5.10.78-Release-OPENFANS+20211111-v8 (raspbian)   09/04/2022      _aarch64_       (4 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.75    0.00    0.44    0.08    0.00   98.73


avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.37    0.00    0.25    0.00    0.00   99.38


avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.13    0.00    0.13    0.00    0.00   99.75


avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.25    0.00    0.12    0.00    0.00   99.62


avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.12    0.00    0.38    0.00    0.00   99.50

-d:磁盘使用情况

1
2
3
4
5
6
7
8
9
10
11
12
# 2秒3次
root@raspbian:~# iostat -d 2 3
Linux 5.10.78-Release-OPENFANS+20211111-v8 (raspbian)   09/04/2022      _aarch64_       (4 CPU)

Device             tps    kB_read/s    kB_wrtn/s    kB_read    kB_wrtn
mmcblk0           2.53       124.41        22.50    1074327     194285

Device             tps    kB_read/s    kB_wrtn/s    kB_read    kB_wrtn
mmcblk0           3.00         0.00        16.00          0         32

Device             tps    kB_read/s    kB_wrtn/s    kB_read    kB_wrtn
mmcblk0           1.00         0.00        36.00          0         72

-x:指定磁盘设备名称

1
2
3
4
5
6
7
8
9
10
11
12
# 指定/dev/mmcblk0磁盘设备2秒3次
root@raspbian:~# iostat -dx /dev/mmcblk0 2 3
Linux 5.10.78-Release-OPENFANS+20211111-v8 (raspbian)   09/04/2022      _aarch64_       (4 CPU)

Device            r/s     w/s     rkB/s     wkB/s   rrqm/s   wrqm/s  %rrqm  %wrqm r_await w_await aqu-sz rareq-sz wareq-sz  svctm  %util
mmcblk0          1.45    1.00    118.12     21.71     0.77     1.31  34.61  56.73    5.45   10.22   0.02    81.67    21.76   2.42   0.59

Device            r/s     w/s     rkB/s     wkB/s   rrqm/s   wrqm/s  %rrqm  %wrqm r_await w_await aqu-sz rareq-sz wareq-sz  svctm  %util
mmcblk0          0.00    0.00      0.00      0.00     0.00     0.00   0.00   0.00    0.00    0.00   0.00     0.00     0.00   0.00   0.00

Device            r/s     w/s     rkB/s     wkB/s   rrqm/s   wrqm/s  %rrqm  %wrqm r_await w_await aqu-sz rareq-sz wareq-sz  svctm  %util
mmcblk0          0.00    7.50      0.00     34.00     0.00     1.00   0.00  11.76    0.00    7.00   0.05     0.00     4.53   0.80   0.60

sar

1
2
3
4
5
6
7
8
9
10
root@raspbian:~# sar -u 2 5 
Linux 5.10.78-Release-OPENFANS+20211111-v8 (raspbian)   09/04/2022      _aarch64_       (4 CPU)

10:32:27 AM     CPU     %user     %nice   %system   %iowait    %steal     %idle
10:32:29 AM     all      1.38      0.00      1.00      0.00      0.00     97.62
10:32:31 AM     all      7.50      0.00      1.38      0.00      0.00     91.12
10:32:33 AM     all      0.25      0.00      0.87      0.00      0.00     98.88
10:32:35 AM     all      0.25      0.00      0.00      0.00      0.00     99.75
10:32:37 AM     all      0.50      0.00      0.13      0.00      0.00     99.37
Average:        all      1.97      0.00      0.67      0.00      0.00     97.35

lsof

查看端口服务,-i查看对应端口服务

1
2
3
4
5
6
root@raspbian:~# lsof -i:22
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd      834 root    3u  IPv4  26704      0t0  TCP *:ssh (LISTEN)
sshd      834 root    4u  IPv6  26706      0t0  TCP *:ssh (LISTEN)
BT-Panel 1147 root   13u  IPv4  43447      0t0  TCP raspbian:11716->raspbian:ssh (ESTABLISHED)
sshd     4694 root    3u  IPv4  42753      0t0  TCP raspbian:ssh->raspbian:11716 (ESTABLISHED)

netstat

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
root@raspbian:~# netstat 
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      6 10.71.10.25:8101        10.68.65.140:5937       ESTABLISHED
tcp        0    176 raspbian:ssh            raspbian:11716          ESTABLISHED
tcp      160      0 raspbian:11716          raspbian:ssh            ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ]         DGRAM                    43560    /run/user/0/systemd/notify
unix  3      [ ]         DGRAM                    15265    /run/systemd/notify
unix  16     [ ]         DGRAM                    15276    /run/systemd/journal/dev-log
unix  2      [ ]         DGRAM                    15282    /run/systemd/journal/syslog
unix  7      [ ]         DGRAM                    15291    /run/systemd/journal/socket
unix  2      [ ]         DGRAM                    24174    @00001
unix  3      [ ]         STREAM     CONNECTED     22269    
unix  2      [ ]         DGRAM                    27827    
unix  2      [ ]         DGRAM                    22165    
unix  3      [ ]         STREAM     CONNECTED     21099    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     22163    
unix  2      [ ]         DGRAM                    22143    
unix  2      [ ]         DGRAM                    22139    
unix  3      [ ]         STREAM     CONNECTED     22433    
unix  3      [ ]         STREAM     CONNECTED     22432    
unix  3      [ ]         STREAM     CONNECTED     19284    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     26018    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     26017    
unix  2      [ ]         DGRAM                    25873    
unix  3      [ ]         STREAM     CONNECTED     25871    
unix  3      [ ]         STREAM     CONNECTED     25870    
unix  3      [ ]         STREAM     CONNECTED     18705    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     27250    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     25862    
unix  3      [ ]         STREAM     CONNECTED     30216    /run/containerd/containerd.sock.ttrpc
unix  3      [ ]         STREAM     CONNECTED     32039    
unix  3      [ ]         STREAM     CONNECTED     18236    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     29646    /run/containerd/containerd.sock.ttrpc
unix  3      [ ]         STREAM     CONNECTED     20201    
unix  3      [ ]         STREAM     CONNECTED     32038    
unix  3      [ ]         STREAM     CONNECTED     20289    
unix  3      [ ]         STREAM     CONNECTED     29570    /run/containerd/s/efda43ab145a8b986f0fd3455c3b2956d5def686d2807c67031ad6563f9958db
unix  3      [ ]         STREAM     CONNECTED     31928    
unix  3      [ ]         STREAM     CONNECTED     24063    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     20541    
unix  3      [ ]         STREAM     CONNECTED     27836    
unix  2      [ ]         DGRAM                    16406    
unix  3      [ ]         STREAM     CONNECTED     20777    
unix  3      [ ]         STREAM     CONNECTED     43564    
unix  3      [ ]         STREAM     CONNECTED     21400    
unix  3      [ ]         STREAM     CONNECTED     20542    
unix  2      [ ]         DGRAM                    14168    
unix  3      [ ]         STREAM     CONNECTED     21401    
unix  2      [ ]         DGRAM                    18426    
unix  3      [ ]         STREAM     CONNECTED     44613    /run/systemd/journal/stdout
unix  2      [ ]         DGRAM                    18148    
unix  2      [ ]         DGRAM                    43546    
unix  3      [ ]         STREAM     CONNECTED     24181    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     18312    
unix  3      [ ]         STREAM     CONNECTED     18430    
unix  2      [ ]         DGRAM                    41797    
unix  3      [ ]         STREAM     CONNECTED     28070    
unix  3      [ ]         STREAM     CONNECTED     18313    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     21097    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     17383    /run/systemd/journal/stdout
unix  3      [ ]         DGRAM                    15267    
unix  3      [ ]         STREAM     CONNECTED     25700    
unix  3      [ ]         STREAM     CONNECTED     43538    
unix  3      [ ]         STREAM     CONNECTED     17927    
unix  3      [ ]         STREAM     CONNECTED     25701    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     41806    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18147    
unix  3      [ ]         STREAM     CONNECTED     16734    
unix  3      [ ]         STREAM     CONNECTED     20214    /run/systemd/journal/stdout
unix  3      [ ]         DGRAM                    15266    
unix  3      [ ]         STREAM     CONNECTED     14309    /run/systemd/journal/stdout
unix  3      [ ]         DGRAM                    43561    
unix  3      [ ]         STREAM     CONNECTED     27733    
unix  2      [ ]         DGRAM                    16736    
unix  3      [ ]         STREAM     CONNECTED     26790    /var/run/dbus/system_bus_socket
unix  3      [ ]         DGRAM                    16739    
unix  2      [ ]         DGRAM                    43549    
unix  2      [ ]         STREAM     CONNECTED     41786    
unix  3      [ ]         STREAM     CONNECTED     25802    
unix  3      [ ]         DGRAM                    16740    
unix  3      [ ]         DGRAM                    43562    
unix  3      [ ]         STREAM     CONNECTED     26994    /run/systemd/journal/stdout
unix  2      [ ]         DGRAM                    20539    
unix  3      [ ]         STREAM     CONNECTED     20421    
unix  3      [ ]         STREAM     CONNECTED     21092    
unix  3      [ ]         STREAM     CONNECTED     18951    
unix  2      [ ]         DGRAM                    23682    
unix  2      [ ]         DGRAM                    20376    
unix  3      [ ]         STREAM     CONNECTED     26990    
unix  3      [ ]         STREAM     CONNECTED     21100    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18774    
unix  2      [ ]         DGRAM                    23957    
unix  3      [ ]         STREAM     CONNECTED     26995    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     21091    
unix  3      [ ]         STREAM     CONNECTED     22616    
unix  3      [ ]         STREAM     CONNECTED     21096    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     18237    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     25678    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     21101    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     29575    
unix  3      [ ]         STREAM     CONNECTED     21083    
unix  3      [ ]         STREAM     CONNECTED     20213    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     24486    
unix  3      [ ]         STREAM     CONNECTED     20428    
unix  2      [ ]         DGRAM                    21055    
unix  3      [ ]         STREAM     CONNECTED     28819    /run/containerd/containerd.sock
unix  3      [ ]         STREAM     CONNECTED     21098    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     21056    
unix  3      [ ]         STREAM     CONNECTED     18933    
unix  3      [ ]         STREAM     CONNECTED     23569    
unix  3      [ ]         STREAM     CONNECTED     21035    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     21095    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     22801    /run/systemd/journal/stdout
unix  2      [ ]         DGRAM                    21054    
unix  3      [ ]         STREAM     CONNECTED     21093    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     19104    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     28821    
unix  3      [ ]         STREAM     CONNECTED     21034    
unix  3      [ ]         STREAM     CONNECTED     21094    /var/run/dbus/system_bus_socket
unix  3      [ ]         STREAM     CONNECTED     28525    /run/containerd/containerd.sock
unix  2      [ ]         DGRAM                    19014    
unix  3      [ ]         STREAM     CONNECTED     20929    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     23753    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     31073    /run/containerd/s/f173b4c37ec27fe764ea6843063c75576d07f7ac21d51986b75d8e816f41033e
unix  3      [ ]         STREAM     CONNECTED     18929    
unix  3      [ ]         STREAM     CONNECTED     24056    
unix  3      [ ]         STREAM     CONNECTED     26698    
unix  3      [ ]         STREAM     CONNECTED     20778    /run/systemd/journal/stdout
unix  3      [ ]         STREAM     CONNECTED     18853    
unix  2      [ ]         DGRAM                    23961    
unix  2      [ ]         DGRAM                    18992    
unix  3      [ ]         STREAM     CONNECTED     20853

top、htop

1
root@raspbian:~# top
1
root@raspbian:~# htop

last

last可用查看用户登录系统的记录,包括用户名、登录的远程名称或者ip地址以及登录时间。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
root@raspbian:~# last
root     pts/0        127.0.0.1        Sun Sep  4 09:43   still logged in
root     pts/0        127.0.0.1        Sun Sep  4 09:16 - 09:36  (00:20)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00   still running
root     pts/0        10.8.3.28        Sat Sep  3 10:07 - 10:07  (00:00)
root     pts/0        127.0.0.1        Sat Sep  3 09:13 - 09:15  (00:01)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00   still running
root     pts/0        10.8.3.28        Fri Sep  2 13:17 - crash (-19237+05:17)
root     pts/1        127.0.0.1        Thu Sep  1 10:42 - 10:51  (00:08)
root     pts/0        10.8.3.28        Thu Sep  1 10:10 - 13:45  (03:35)
root     pts/1        10.71.22.140     Thu Sep  1 08:55 - 09:33  (00:38)
root     pts/1        10.71.22.140     Thu Sep  1 08:40 - 08:54  (00:14)
root     pts/0        10.71.22.140     Thu Sep  1 08:38 - 09:33  (00:55)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00   still running
root     pts/0        10.8.3.28        Wed Aug 31 23:58 - crash (-19235+15:58)
root     pts/1        10.8.3.28        Wed Aug 31 23:13 - crash (-19235+15:13)
root     pts/0        127.0.0.1        Wed Aug 31 23:11 - 23:50  (00:38)
root     pts/0        127.0.0.1        Wed Aug 31 23:06 - 23:11  (00:04)
root     pts/0        127.0.0.1        Wed Aug 31 23:03 - 23:06  (00:02)
root     pts/0        127.0.0.1        Wed Aug 31 23:02 - 23:02  (00:00)
root     pts/0        127.0.0.1        Wed Aug 31 23:00 - 23:02  (00:02)
root     pts/0        127.0.0.1        Wed Aug 31 22:57 - 22:58  (00:01)
root     pts/0        127.0.0.1        Wed Aug 31 22:54 - 22:56  (00:02)
root     pts/0        127.0.0.1        Wed Aug 31 22:31 - 22:52  (00:21)
root     pts/0        10.73.159.18     Wed Aug 31 14:28 - 14:29  (00:00)
root     pts/0        10.73.159.18     Wed Aug 31 14:28 - 14:28  (00:00)
root     pts/0        10.73.159.18     Wed Aug 31 14:19 - 14:19  (00:00)
root     pts/0        10.73.159.18     Wed Aug 31 14:19 - 14:19  (00:00)
root     pts/0        10.73.159.18     Wed Aug 31 14:16 - 14:19  (00:02)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00   still running
root     pts/0        10.73.159.18     Wed Aug 31 14:14 - down   (00:00)
root     pts/0        10.73.159.18     Wed Aug 31 14:13 - 14:14  (00:00)
root     pts/0        10.73.159.18     Wed Aug 31 14:10 - 14:13  (00:02)
root     pts/0        127.0.0.1        Tue Aug 30 22:26 - 14:10  (15:43)
root     pts/0        127.0.0.1        Tue Aug 30 20:46 - 22:26  (01:39)
root     pts/0        127.0.0.1        Tue Aug 30 20:42 - 20:45  (00:02)
root     pts/2        10.67.44.114     Tue Aug 30 20:11 - 20:13  (00:01)
root     pts/2        127.0.0.1        Tue Aug 30 20:09 - 20:10  (00:01)
root     pts/0        127.0.0.1        Tue Aug 30 18:33 - 20:31  (01:58)
root     pts/0        127.0.0.1        Tue Aug 30 17:31 - 18:33  (01:01)
root     pts/0        127.0.0.1        Tue Aug 30 16:49 - 16:58  (00:09)
root     pts/0        127.0.0.1        Tue Aug 30 15:57 - 16:27  (00:30)
root     pts/0        127.0.0.1        Tue Aug 30 14:56 - 15:06  (00:10)
root     pts/0        127.0.0.1        Tue Aug 30 14:48 - 14:51  (00:02)
root     pts/0        127.0.0.1        Tue Aug 30 14:36 - 14:44  (00:08)
root     pts/0        127.0.0.1        Tue Aug 30 14:21 - 14:24  (00:02)
root     pts/0        127.0.0.1        Tue Aug 30 13:34 - 14:20  (00:45)
root     pts/0        127.0.0.1        Tue Aug 30 13:13 - 13:14  (00:00)
root     pts/0        127.0.0.1        Tue Aug 30 12:43 - 13:13  (00:29)
root     pts/0        127.0.0.1        Tue Aug 30 12:31 - 12:39  (00:08)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00 - 14:14 (19235+06:14)
root     pts/1        127.0.0.1        Tue Aug 30 12:12 - down   (00:17)
root     pts/1        127.0.0.1        Tue Aug 30 12:12 - 12:12  (00:00)
root     pts/0        127.0.0.1        Tue Aug 30 12:10 - down   (00:19)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00 - 12:30 (19234+04:30)
root     pts/0        127.0.0.1        Mon Aug 29 08:57 - 10:01  (01:04)
root     pts/0        127.0.0.1        Mon Aug 29 08:49 - 08:57  (00:08)
root     pts/0        127.0.0.1        Mon Aug 29 08:16 - 08:17  (00:01)
root     pts/0        127.0.0.1        Mon Aug 29 08:16 - 08:16  (00:00)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00 - 12:30 (19234+04:30)
root     pts/0        10.8.3.28        Sun Aug 28 21:53 - 22:10  (00:17)
root     pts/0        10.8.3.28        Sun Aug 28 20:17 - 21:44  (01:27)
root     pts/0        10.8.3.28        Sun Aug 28 20:12 - 20:12  (00:00)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00 - 12:30 (19234+04:30)
root     pts/0        192.168.1.100    Sun Aug 28 13:27 - crash (-19232+05:27)
pi       pts/0        192.168.1.100    Sun Aug 28 01:10 - 01:15  (00:04)
root     pts/1        127.0.0.1        Sun Aug 28 00:45 - 00:45  (00:00)
root     pts/1        127.0.0.1        Sun Aug 28 00:45 - 00:45  (00:00)
pi       pts/0        192.168.1.100    Sun Aug 28 00:30 - 01:09  (00:38)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00 - 12:30 (19234+04:30)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00 - 18:13 (17941+10:13)
reboot   system boot  5.10.78-Release- Thu Jan  1 08:00 - 18:12 (17941+10:12)

wtmp begins Thu Jan  1 08:00:03 1970

ulimit

Too many open files是Linux系统中常见的错误,从字面意思上看就是说程序打开的文件数过多,不过这里的files不单是文件的意思,也包括打开的通讯链接(比如socket),正在监听的端口等等,所以有时候也可以叫做句柄(handle),这个错误通常也可以叫做句柄数超出系统限制。引起的原因就是进程在某个时刻打开了超过系统限制的文件数量以及通讯链接数。

通过命令ulimit -a可以查看当前系统设置的最大句柄数是多少

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 31767
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 31767
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

可以看到,open files的配置是1024,可以通过如下命令将open files增加

1
ulimit -n 65535

这种修改方式可以临时把文件打开数量增加到65535,但是系统重启后这个配置会失效。

还有一种方式是修改系统的配置文件,以Ubuntu为例,配置文件默认在

1
/etc/security/limits.conf

在这个配置文件中增加

1
2
* soft nofile 65535
* hard nofile 65535

发表于 更新于 分类于 Valine:
本文字数: 6k 阅读时长 ≈ 5 分钟

[toc]

安全控制

一.重置root密码

Centos7 与之前的版本不同,当忘记 root 密码,并采用 GRUB2 为启动器时,将无法通过单用户模式重 置 root 密码

1
# 1.启动系统,并在GRUB2启动屏显时,按下 e 键进入编辑模式

image-20220525143741425

1
# 2.按e后,看到如下画面:

image-20220525143824081

1
# 3.找到 linux16 开头的行,按 end 键跳转到最后,空格后,输入 rd.break

image-20220525144314955

1
# 4.按 ctrl+x 进入紧急救援模式

image-20220525144530907

1
2
3
4
5
6
7
8
9
10
11
12
# 5.重新挂载系统分区,输入
mount -o remount,rw /sysroot
# 6.再输入
chroot /sysroot
# 改变根
# 7.当前目录变为根目录,即可更改密码
echo 123456 | passwd --stdin root
# 8.如果之前系统启用了 SElinux,则必须运行
touch /.autorelabel
否则将无法正常启动系统
# 9.输入 exit 退出
# 10.输入 reboot 重新启动

image-20220525145647885

1
# 登录测试,密码123456更新成功

image-20220525150014292

二.强密码修改安全性

矛与盾

方法一

  • 为 GRUB2 菜单加上防编辑密码,以防止恶意者像如上一样修改 root 密码
1
2
3
4
5
# 1.用 grub2-mkpasswd-pbkdf2 命令生成加密口令
[root@localhost ~]# grub2-mkpasswd-pbkdf2 
输入口令:                # 不是root密码
Reenter password: 
PBKDF2 hash of your password is grub.pbkdf2.sha512.10000.D167D00E2EB2403C60A1F73D67E8E09ED1D0BD871ECC04D15AC815C9E1FCC178D4BC2B05FA4A1DEA67FBC1DD29CEF48EF662E1D5DB8C16AAB4F27FC353815FF5.43D49742A39635DE65BF5631802EB4041E38E65A05AB8AD6F498538873FA241599DE784CE0CF63E4E3FE68DC0FE635251A74EBC53C62239480AE558D68BA77D3

然后

1
2
3
4
5
6
[root@localhost ~]# vim /etc/grub.d/00_header 
# 在最后位置写入这个脚本命令
cat <<EOF
set superusers="root"   # 这个是账号,可以随心填,但是要记住它和上面的密码
password_pbkdf2 root grub.pbkdf2.sha512.10000.D167D00E2EB2403C60A1F73D67E8E09ED1D0BD871ECC04D15AC815C9E1FCC178D4BC2B05FA4A1DEA67FBC1DD29CEF48EF662E1D5DB8C16AAB4F27FC353815FF5.43D49742A39635DE65BF5631802EB4041E38E65A05AB8AD6F498538873FA241599DE784CE0CF63E4E3FE68DC0FE635251A74EBC53C62239480AE558D68BA77D3
EOF

重新生成grub2

1
2
3
4
5
6
7
8
9
[root@localhost ~]# grub2-mkconfig -o /boot/grub2/grub.cfg 
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-1160.66.1.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-1160.66.1.el7.x86_64.img
Found linux image: /boot/vmlinuz-3.10.0-1160.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-1160.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-dbecb3d028cd4f5db6753a52b01ffd86
Found initrd image: /boot/initramfs-0-rescue-dbecb3d028cd4f5db6753a52b01ffd86.img
done

方法二

1
2
3
4
[root@localhost ~]# vim /boot/grub2/grub.cfg
set superusers="root"
password_pbkdf2 root grub.pbkdf2.sha512.10000.D167D00E2EB2403C60A1F73D67E8E09ED1D0BD871ECC04D15AC815C9E1FCC178D4BC2B05FA4A1DEA67FBC1DD29CEF48EF662E1D5DB8C16AAB4F27FC353815FF5.43D49742A39635DE65BF5631802EB4041E38E65A05AB8AD6F498538873FA241599DE784CE0CF63E4E3FE68DC0FE635251A74EBC53C62239480AE558D68BA77D3
### END /etc/grub.d/00_header # 在这个文件上面写入以上参数,也可以达到一样效果。。。我是傻x

进入grub2

1
# 再次进入 GRUB2 页面,发现需要输入账户名与密码

image-20220525155917825

image-20220525155936054

image-20220525160014769

三.破坏MBR

  • MBR

    • master boot record
    • 主引导记录,也叫主引导扇区
    • 硬盘的 0 柱面,0 磁头,1 扇区称为主引导扇区
    • 其中 446 Byte 是 bootloader,64 Byte 是 partition table,剩下的 2 Byte 是 magic number
    • 一般破坏的是bootloader

    Linux是文件型的操作系统,所有的信息和数据都以文件形式保存于系统中,但是并不是所有的数据,主 引导记录就不是以文件的形式保存,无法进行备份,只能通过 dd 命令备份

  • 先进行备份,再破坏

    • 使用 dd 命令,将 sda 的 MBR 进行备份
    • 用 zero设备生成 446 字节的 “0” 写入 MBR
    • 重启后发现系统已坏
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
[root@localhost ~]# fdisk -l

磁盘 /dev/sda:107.4 GB, 107374182400 字节,209715200 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节
磁盘标签类型:dos
磁盘标识符:0x000b88c2

   设备 Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048     2099199     1048576   83  Linux
/dev/sda2         2099200   209715199   103808000   8e  Linux LVM

磁盘 /dev/mapper/centos-root:53.7 GB, 53687091200 字节,104857600 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节


磁盘 /dev/mapper/centos-swap:4160 MB, 4160749568 字节,8126464 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节


磁盘 /dev/mapper/centos-home:48.4 GB, 48444211200 字节,94617600 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节

[root@localhost ~]# dd if=/dev/sda of=/root/mbr.bak count=1 bs=512
记录了1+0 的读入
记录了1+0 的写出
512字节(512 B)已复制,0.000344858 秒,1.5 MB/秒
[root@localhost ~]# dd if=/dev/zero of=/dev/sda count=1 bs=446
记录了1+0 的读入
记录了1+0 的写出
446字节(446 B)已复制,0.000186601 秒,2.4 MB/秒

  • if=/dev/sda
    • interface 输入接口
  • of=/root/mbr.bak
    • outerface 输出接口
  • count=1
    • 写一块
  • bs=512
    • 将整个扇区选中

  • Unix/Linux将每一个设备都当成一个文件,放在/dev目录

    • 这些文件有的对应着一个真实存在的物理设备

    • 有的则代表一个虚拟设备,提供一些特定的功能

  • /dev/null

    • “空”设备,也有人称它为黑洞

    • 任何输入到这个“设备”的数据都将被直接丢弃

    • 最常用的用法是把不需要的输出重定向到这个文件

  • /dev/zero

    • “零”设备,可以无限的提供空字符(0x00,ASCII代码NUL)

    • 常用来生成一个特定大小的文件

1
[root@localhost ~]# dd if=/dev/zero of=/swapfile bs=1M count=4096 status=progress #创建4G的交换空间 大小根据需要自定

这也是我喜欢用交换文件而不是交换分区的一个特点之一_方便

四.修复MBR

1
2
[root@localhost ~]# reboot
# 重启后,发现无法正常启动

image-20220525174104226

  • 连接光盘,重启后进入系统安装光盘,在光盘引导界面选择 Troubleshooting

image-20220525190633165

  • 选择救援模式 Rescue a Centos system

image-20220525190612467

  • 输入1,选择Continue,以 rw 模式挂载分区

image-20220525190742957

  • 回车,进入救援模式

image-20220525190905564

  • grub2-install 命令重建 Bootloader,随后 sync 写入硬盘,reboot 重启系统
1
2
3
4
5
sh-4.2# chroot /mnt/sysimage
sh-4.2# grub2-install /dev/sda
sh-4.2# sync
sh-4.2# exit
sh-4.2# reboot
  • 重启后,可正常进入开机引导

image-20220525191143114

五. 修复GRUB

**若grub配置文件丢失,开机会直接进入 grub 界面,显示为 grub> **

由于 grub2 的文件极其复杂,所以一定要做好备份

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
[root@localhost ~]# fdisk -l

磁盘 /dev/sda:107.4 GB, 107374182400 字节,209715200 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节
磁盘标签类型:dos
磁盘标识符:0x00000000

   设备 Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048     2099199     1048576   83  Linux
/dev/sda2         2099200   209715199   103808000   8e  Linux LVM

磁盘 /dev/mapper/centos-root:53.7 GB, 53687091200 字节,104857600 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节


磁盘 /dev/mapper/centos-swap:4160 MB, 4160749568 字节,8126464 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节


磁盘 /dev/mapper/centos-home:48.4 GB, 48444211200 字节,94617600 个扇区
Units = 扇区 of 1 * 512 = 512 bytes
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节

[root@localhost ~]# lsblk
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda               8:0    0  100G  0 disk 
├─sda1            8:1    0    1G  0 part /boot
└─sda2            8:2    0   99G  0 part 
  ├─centos-root 253:0    0   50G  0 lvm  /
  ├─centos-swap 253:1    0  3.9G  0 lvm  [SWAP]
  └─centos-home 253:2    0 45.1G  0 lvm  /home
sr0              11:0    1  4.4G  0 rom  /run/media/root/CentOS 7 x86_64

1
2
3
4
5
6
7
8
9
10
# 先备份,再破坏
[root@localhost ~]# mkdir grub2.bak
[root@localhost ~]# chmod 600 grub2.bak/
[root@localhost ~]# cp -rp /boot/grub2/* ./grub2.bak/
[root@localhost ~]# ls grub2.bak/
device.map fonts grub.cfg grubenv i386-pc locale
# 破坏
[root@localhost ~]# rm /boot/grub2/grub.cfg
rm:是否删除普通文件 "/boot/grub2/grub.cfg"?y
[root@localhost ~]# reboot

image-20220525191903755

  • 重启后,进入 “ grub> ” 状态,输入以下命令设置启动参数
1
2
3
4
5
6
7
8
9
grub> insmod xfs
# 第0块磁盘的第1个分区
grub> set root='hd0,1'
# 内核文件
# mapper是逻辑卷组
grub> linux16 /vmlinuz-3.10.0-229.el7.x86_64
root=/dev/mapper/centos-root
grub> initrd16 /initramfs-3.10.0-229.el7.x86_64.img
grub> boot

恢复grub

1
2
[root@localhost ~]# cp ./grub2.bak/grub.cfg /boot/grub2/
[root@localhost ~]# reboot