Şöyle yaparız
gpsmon /dev/ttyS0
gpsmon /dev/ttyS0
...this tool is focused on querying the database of installed packages, and can output information in particular format(-f option plus -W action).Şöyle yaparız.
$ dpkg-query -W -f='PACK:${Package}\nARCH:${Architecture}\nSTAT:${Status}\n---\n' libc6
PACK:libc6
ARCH:amd64
STAT:install ok installed
---
PACK:libc6
ARCH:i386
STAT:install ok installed
---
-L seçeneğidpkg-query -L dia-shapes
-S seçeneği-S, --search filename-search-pattern...
Search for packages that own files corresponding to the given
pattern. Standard shell wildcard characters can be used in the
pattern, where asterisk (*) and question mark (?) will match a
slash, and blackslash (\) will be used as an escape character.
If the first character in the filename-search-pattern is none of
‘*[?/’ then it will be considered a substring match and will be
implicitly surrounded by ‘*’ (as in *filename-search-pattern*).
If the subsequent string contains any of ‘*[?\’, then it will
handled like a glob pattern, otherwise any trailing ‘/’ or ‘/.’
will be removed and a literal path lookup will be performed.
This command will not list extra files created by maintainer
scripts, nor will it list alternatives.
Şöyle yaparızdpkg-query -S .shape
zdump -v right/UTC
Çıktı olarak şunu alırız23:59:60 en son leap second'ın olduğu tarihtir.right/UTC Tue Jun 30 23:59:60 2015 UT = Tue Jun 30 23:59:60 2015 UTC isdst=0 gmtoff=0 right/UTC Wed Jul 1 00:00:00 2015 UT = Wed Jul 1 00:00:00 2015 UTC isdst=0 gmtoff=0
Thu Nov 17 19:50:43 2016 UTC
Host Machine-[Ubuntu 16.04][185.82.xx.xx]
- Container1 [10.0.8.9]
- Container2 [10.0.8.100]
- Container3 [10.0.8.101]
- Container4 [10.0.8.102]
The container history started 1979 with Unix V7 Chroot and continued, 2000 FreeBSD Jails, 2001 Linux VServer, 2004 Solaris Containers, 2005 Open VZ, 2006 Process Containers, 2008 LXC, etc.
Container technology was first introduced in 2001 through Jacques Gélinas’s Linux-VServer project. This early form of container technology underwent several redesigns such as the addition of cgroup functionality that allows the limitation and prioritization of resources (CPU, memory, block I/O, network) without the need for starting any virtual machines; and also the namespace isolation functionality that allows for the complete isolation of an application’s view of the operating environment, including process trees, networking, user IDs and mounted file systems and namespaces (source: Resource management: Linux kernel Namespaces and cgroups).
In 2008, IBM engineers added a layer of userspace tooling to make the technology more palatable to developers. In 2014, the LXC 1.0 release further addressed LXC security concerns by leveraging existing Linux technologies such as seccomp and SELinux to control and protect against DoS attacks from malicious code-breaking out of containers.
Launched in 2013, Docker was initially based on LXC and added user-friendly tools to attract developers looking for alternatives to bulky VMs. Eventually, Docker diverged from LXC by developing its own containerized architecture.
LXD has been described as the next-generation system container. It enhances system-level containerization with a REST API that can connect to the LXC libraries. Written in Go, it creates a system daemon that apps access through a UNIX socket via HTTPS further expanding the possibilities of distributed systems portability. LXD builds on top of LXC and extends its capabilities through the kernel rather than sitting independent of the OS. It acts much like a VM with a hypervisor, but without the resource overhead.
wpa_supplicant -iwlan0 -Dnl80211 -c/etc/wpa_supplicant.conf
ALL: 192.168.1.2
ALL: example.org
Bu dosyanın kardeşi hosts.allow dosyasıdır.# /etc/hosts.allow: list of hosts that are allowed to access the system. # See the manual pages hosts_access(5) and hosts_options(5). # # Example: ALL: LOCAL @some_netgroup # ALL: .foobar.edu EXCEPT terminalserver.foobar.edu # # If you're going to protect the portmapper use the name "rpcbind" for the # daemon name. See rpcbind(8) and rpc.mountd(8) for further information. # ALL: 192.168.1.2Bu dosyanın kardeşi hosts.deny dosyasıdır.
tcpmss match options:
[!] --mss value[:value] Match TCP MSS range.
(only valid for TCP SYN or SYN/ACK packets)
gzip file && zcat file.gz | tail -n +300000001 | gzip > newFile.gz
/etc/network/interfaces
İskeleti şöyledir.# The loopback network interface
auto lo
iface lo inet loopback
# The eth0 network interface
auto eth0
iface eth0 inet dhcp
static ipauto eth0
iface eth0 inet static
address 192.168.1.100
gateway 192.168.1.1
netmask 255.255.255.0
#include <sys/stat.h>
#include <sys/types.h>
int main () {
mkdir("/tmp/mkdir-test", 0777);
return 0;
}
stat yaparsak çıktı olarak şunu alırız.# stat /tmp/mkdir-test
...
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
...
Çözüm 1 - umask çağrısımode_t old_mask = umask(0);
mkdir("/tmp/mkdir-test", 0777);
umask(old_mask);
Çözüm 2 - chmod çağrısıconst char *dirname = "/tmp/mkdir-test";
if (mkdir(dirname, 0777) == 0)
chmod(dirname, 0777);
# df -h /dev/shm/
Filesystem Size Used Avail Use% Mounted on
tmpfs 1.1G 732K 1.1G 1% /dev/shm
- ip route komutuip command is more versatile and more efficient than ifconfig because it uses netlink sockets rather than ioctl system calls.
ifconfig eth0 192.168.0.1 netmask 255.255.255.0down seçeneği
ifconfig eth0 down
Benzer şeyi ip komutu ile şöyle yaparızip link set eth0 down
sudo ifconfig wlan0 down
sudo iwconfig wlan0 mode monitor
sudo ifconfig wlan0 up
ifconfig wlan0 up
System Locale: LANG=en_GB.UTF-8
LC_NUMERIC=sv_SE.UTF-8
LC_TIME=sv_SE.UTF-8
LC_MONETARY=sv_SE.UTF-8
LC_PAPER=sv_SE.UTF-8
LC_MEASUREMENT=sv_SE.UTF-8
VC Keymap: us
X11 Layout:us
chkconfig --add iptables
--del seçeneğichkconfig --del iptables
chkconfig --list
on seçeneği
chkconfig servisadı on
Örnek
chkconfig ntpd on
Since kernel 2.6.24, the kernel supports associating capability sets with an executable file using setcap(8). The file capability sets are stored in an extended attribute (see setxattr(2)) named security.capability.
... CAP_NET_BIND_SERVICE which is about binding to a privileged port (<1024).
Nowadays, users are recommended to set CAP_NET_BIND_SERVICE on the server binary and avoid root altogether
The Linux kernel tuning parameter net.ipv4.ip_unprivileged_port_start defines which ports are privileged. All ports between 0 and net.ipv4.ip_unprivileged_port_start are privileged.Privileged ports can only used by processes either started by the root user or with root privileges or by processes that are assigned the capability CAP_NET_BIND_SERVICE with for example sudo setcap cap_net_bind_service=ep /path/bin/applicationAll other ports are unprivileged and can be used by any user, as longs the ports are not already in use.
sudo /sbin/setcap 'cap_net_bind_service=ep' /usr/lib/jvm/java-8-openjdk/jre/bin/java
setcap 'cap_net_bind_service=+ep' /path/to/program
setcap cap_net_raw=eip myapp
sudo setcap cap_sys_chroot+ep /usr/sbin/chroot
setcap cap_sys_nice
myapp
This does not depend on systemd (unlike hostnamectl which requires systemd-hostnamed) or any other non-standard tools, and often (especially in shellscript-init systems) is how the initial hostname was set in the first place.Örnek
hostname NEWNAME
Şu komutlara denk gelir.sysctl kernel.hostname=NEWNAME
echo NEWNAME > /proc/sys/kernel/hostname
-f seçeneğihostname -f
Çıktı olarak şunu alırızacelya
Eğer hata varsa şunu çıktı olarak şunu alırız.hostname: Name or service not known
Örnekhostname --fqdn
hostname: Name or service not known
-s seçeneği
case $(hostname -s) in
kafka[0-9]*|mngkafka[0-9]*)
/tmp/run.sh
esac
vmstat -s
16305800 total memory
16217112 used memory
9117400 active memory
6689116 inactive memory
88688 free memory
151280 buffer memory
vmstat -w 1$ vmstat -w 1
--procs-- ... ---swap-- -----io---- -system-- --------cpu--------
r b ... si so bi bo in cs us sy id wa st
8 0 ... 0 0 159 116 1049 520 31 10 58 0 0
Sütun başlıklarındaki harflerin açıklaması şöyler : Processes running or waiting for runtime. If this number is consistently higher than the number of CPUs, then you have saturized the CPU. Take a look at the cpu column for details.us : Percentage of time spent executing user space instructions. High number here means an application is over-utilizing the CPU.sy : Percentage of time spent executing system / kernel space instructions. Typically this number should be lower than 20%. A high number here could indicate issues in the kernel or more likely in a driver.wa : Time spent waiting for I/O. A consistently high number here indicate an issue with an I/O device. Take a look a the disk I/O analysis later in the follow up article.st : Percentage of time stolen from the CPU. This happens in environments with virtual machines where one machine is stealing CPU cycles from the other. If that happens, you may have a noisy neighbor issue and — depending on your infrastructure — you could move the VM to another physical host.