Linux note0x00

  • 2017-12-24

File

Directory permissions: x allows entering the directory; r allows browsing (listing) it.

Special File Permissions

  1. SUID
    • chmod u+s bin

    • Applies to binary files

    • Effect: whoever executes the file temporarily runs it as the file's owner

  2. SGID

    • chmod g+s dir

    • Applies to binary files

    • Effect: whoever executes the file temporarily runs it with the file's group

    • Normally a file you create belongs to you; inside an SGID directory it instead belongs to the group of the directory it is located in.

  3. SBIT

    • chmod -R o+t dir

    • Ensures that users can delete only their own files

    • The others' x permission (the third x) is shown as t or T
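The three bits above are easy to audit with find. The following is an added example, not part of the original note; the function names audit_special_bits and group_of and the scratch tree built by demo are assumptions made for illustration.

```shell
#!/bin/sh
# audit_special_bits DIR prints one "TAG path" line per finding:
#   SUID      regular file with the set-user-ID bit (chmod u+s)
#   SGID      regular file or directory with the set-group-ID bit (chmod g+s)
#   NOSTICKY  world-writable directory without the sticky bit (chmod o+t)
audit_special_bits() {
    find "$1" -xdev -type f -perm -4000 -print | sed 's/^/SUID /'
    find "$1" -xdev \( -type f -o -type d \) -perm -2000 -print | sed 's/^/SGID /'
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print | sed 's/^/NOSTICKY /'
}

# group_of PATH prints the numeric group ID of PATH (4th column of ls -ln).
group_of() {
    ls -lnd "$1" | awk '{print $4}'
}

# Constructed demo tree in a scratch directory (not real system paths).
demo() {
    root=$(mktemp -d) || return 1
    touch "$root/tool";   chmod 4755 "$root/tool"     # rwsr-xr-x
    mkdir "$root/shared"; chmod 2775 "$root/shared"   # rwxrwsr-x
    mkdir "$root/drop";   chmod 0777 "$root/drop"     # rwxrwxrwx, no sticky bit
    mkdir "$root/tmp";    chmod 1777 "$root/tmp"      # rwxrwxrwt
    touch "$root/shared/new"                          # takes the directory's group
    audit_special_bits "$root"
    echo "shared gid=$(group_of "$root/shared") new gid=$(group_of "$root/shared/new")"
    rm -rf "$root"
}
demo
```

On a real system, point audit_special_bits at / or a mount point and compare the SUID/SGID list against a known-good baseline.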

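Hidden attributes

  1. chattr command

    • chattr +a file

    Option  Description
    i       The file cannot be modified; if set on a directory, the contents of the files inside it can be changed, but files cannot be created or deleted
    a       Only appending is allowed; content cannot be overwritten or deleted (Append Only)
    S       Changes to the file content are synced to disk immediately (sync)
    s       Delete completely from disk, unrecoverable (the disk area of the original file is filled with zeros)
    A       No longer update the last access time (atime) of the file or directory
    b       No longer update the access time of the file or directory
    D       Check for errors in compressed files
    d       Ignore this file/directory when backing up with the dump command
    c       Compress the file or directory by default
    u       Keep the data on disk after the file is deleted, so it can be recovered later
    t       Let the file system support tail-merging
    x       Allow direct access to the contents of compressed files

  2. lsattr command
    • lsattr file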

File Access Control List

ACL: files inherit from the parent directory by default.

  1. setfacl command
    • setfacl -Rm u:username:rwx /dir

    • setfacl -b /dir deletes the ACL

    • The last symbol of drwxrwxrwx. becomes + instead of .

  2. getfacl command

    • getfacl dir

User

  1. su and sudo
    • su - user (the - is important)
  2. sudo options

    Args  Usage
    -h    Show help information
    -l    List the commands the current user may run
    -u    Username or UID value: run the command as the specified user
    -k    Clear the password's validity period; the next sudo asks for the password again
    -b    Run the specified command in the background
    -p    Change the text of the password prompt

    • Explanation:
      • limits which commands a user may execute

      • records every command a user executes

      • the config file (/etc/sudoers) provides centralized user management, authorization and so on.

  3. visudo

    • Prevents multiple users from editing sudoers at the same time

    • Checks the syntax

    • Use the whereis command to find the location of a command

    • Edit line 99 in visudo: whoCouldUse AllowedHost=(Identifier) commandList

    • NoPasswd config: whoCouldUse AllowedHost=NOPASSWD: commandList
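Rules in the two formats above are worth reviewing for NOPASSWD and for an unrestricted command list. The following is an added example, not part of the original note; the function names and the sample rules are constructed, and it assumes one rule per line (no backslash continuations, no alias expansion).

```shell
#!/bin/sh
# scan_sudoers [FILE...] reads sudoers text (stdin if no FILE) and prints:
#   NOPASSWD <who> <commandList>   rule that skips password verification
#   ALLCMDS <who>                  rule whose commandList is exactly ALL
scan_sudoers() {
    awk '
        /^[ \t]*(#|$)/ { next }                       # comments, blank lines
        /^[ \t]*(Defaults|[A-Z][a-z]+_Alias)/ { next } # not user rules
        {
            eq = index($0, "=")
            if (eq == 0) next
            who = $1                                   # whoCouldUse
            spec = substr($0, eq + 1)                  # (Identifier) commandList
            nopass = (spec ~ /NOPASSWD[ \t]*:/)
            gsub(/\([^)]*\)/, "", spec)                # drop the (Identifier) part
            gsub(/[A-Z_]+[ \t]*:/, "", spec)           # drop tags such as NOPASSWD:
            gsub(/^[ \t]+|[ \t]+$/, "", spec)          # trim
            if (nopass) print "NOPASSWD", who, spec
            if (spec == "ALL") print "ALLCMDS", who
        }
    ' "$@"
}

# Constructed sample rules (not taken from any real system).
sample_sudoers() {
    cat <<'EOF'
# constructed sample
Defaults env_reset
root    ALL=(ALL)       ALL
%wheel  ALL=(ALL)       ALL
alice   ALL=(root)      /usr/bin/systemctl restart nginx
backup  ALL=NOPASSWD: /usr/bin/rsync
deploy  ALL=(ALL) NOPASSWD: ALL
EOF
}

sample_sudoers | scan_sudoers
```

Each ALLCMDS or NOPASSWD line is a candidate for narrowing to an explicit command list with password verification.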

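Storage structure and disk partition

FHS

  • Structure

Directory    Contents
/boot        Files needed at boot: the kernel, the boot menu and the required configuration files
/dev         Devices and interfaces, stored as files
/etc         Configuration files
/home        User home directories
/bin         Commands that can still be used in single-user mode
/lib         Libraries used at boot, and the functions called by the commands under /bin and /sbin
/sbin        Commands needed during boot
/media       Directory for mounting device files
/opt         Third-party software
/root        Home directory of the system administrator
/srv         Data files of some network services
/tmp         "Shared" temporary directory that anyone can use
/proc        Virtual file system, e.g. kernel, processes, external devices and network state
/usr/local   Software installed by the user
/usr/sbin    Software/commands/scripts not used while the Linux system boots
/usr/share   Help and documentation files; shared files can also be placed here
/var         Files that change frequently, such as logs
/lost+found  When a file system error occurs, some lost file fragments are stored here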

Physical device naming rules

The udev device manager runs as a daemon, monitors kernel signals and manages the device files in the /dev directory.

Notes:

  • /dev/sd{a-z} does not depend on the slot, but on the order in which the kernel recognizes the devices.

  • The number in sda[0-9] does not reflect order; it can be assigned manually.

The first sector is the most important one.

[bytes] 446: Master Boot Record, 64 (16*4): partition table, 2: end marker

File system and data information

Ext3: journaling file system. The journal is tracked to recover from or fix a crash.

Ext4: supports up to 1 EB; allocates blocks in batches efficiently.

XFS: supports up to 18 EB; its advantage shows especially after a crash.

  • Partition the disk, format it with a file system and mount it; then it can be used.
  1. Every file occupies its own independent inode (128 bytes), which records:
    • permissions

    • owner and group

    • size

    • ctime (create, last edit)

    • atime (last access)

    • mtime (file edited)

    • SUID, SGID, SBIT

    • pointer (address of the file's real data)

  2. The file's real content is saved in blocks; a master block records and links the other, slave blocks.

inode default size: 128 B (Ext3); block size: 4 KB

VFS

  1. Mount a disk device

    Mount: the process of associating the data of a device or partition with an existing directory when the user wants to use it.

  • -a option: mount all file systems defined in /etc/fstab

  • -t option: specify the file system type

Example: mount /dev/sdb2 /backup (the mount is lost when the system restarts); umount /dev/sdb2

Persistent form: devFile mountDir type authorization selfInspection priority

# /etc/fstab

Field           Usage
devFile         UUID, or devPath+devName
mountDir        mount directory; it should be created before mounting
type            Ext3, xfs, swap, iso9660 (CD) and so on
authorization   defaults: rw, suid, exec, auto, nouser, async
selfInspection  1: self-check the disk at power-on
priority        can be used if selfInspection is 1
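Because defaults includes suid and exec, an /etc/fstab entry restricts them only when nosuid or noexec is written in the fourth field. The following is an added example, not part of the original note; the function names and sample entries are constructed, and only options written explicitly in the field are checked (options implied by others, such as user, are not resolved).

```shell
#!/bin/sh
# fstab_missing_opt OPTION [FILE...] prints the mountDir of every non-swap
# entry whose 4th field does not list OPTION (reads stdin if no FILE).
fstab_missing_opt() {
    want=$1
    shift
    awk -v want="$want" '
        /^[ \t]*(#|$)/ { next }            # comments, blank lines
        NF < 4 || $3 == "swap" { next }    # incomplete lines, swap entries
        {
            n = split($4, opts, ",")       # 4th field: comma-separated options
            found = 0
            for (i = 1; i <= n; i++)
                if (opts[i] == want) found = 1
            if (!found) print $2           # 2nd field: mountDir
        }
    ' "$@"
}

# Constructed sample entries (device names and UUID are placeholders).
sample_fstab() {
    cat <<'EOF'
# constructed /etc/fstab
UUID=CONSTRUCTED-0001  /        xfs    defaults                0 0
/dev/sdb1              /backup  xfs    defaults                0 0
/dev/sdb2              /upload  ext4   rw,nosuid,nodev,noexec  0 2
/dev/sdb3              swap     swap   defaults                0 0
tmpfs                  /tmp     tmpfs  defaults,nosuid,nodev   0 0
EOF
}

echo "no nosuid:"; sample_fstab | fstab_missing_opt nosuid
echo "no noexec:"; sample_fstab | fstab_missing_opt noexec
```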

Add a disk device

  1. fdisk command

    Type fdisk /dev/sdb

    • p: show the disk's partition info (size, sectors)

    • n: add a new partition

      • p: new (primary) partition; e: extended partition

      • Primary partition number: 1~4 (default 1)

      • Start position: keep the default, the system calculates it

      • Size: +2G creates a 2 GB partition

      • p to check the above, then w to really create it

    Type partprobe to synchronize the partition info to the kernel (or restart the system)

    mkfs command

    • Typing mkfs and pressing Tab twice lists the commands of the form mkfs.type

    • mkfs.xfs /dev/sdb1

    Mount it: mount /dev/sdb1 /aimDir/ (a persistent mount needs /etc/fstab), then check with df -h

  2. du command: check the disk usage of files

Add swap partition

Swap partition: 1.5~2 times the size of the real physical memory

Usage: stores memory data that is not commonly used, so that memory stays more available for serving processes.

Quota limits

  1. xfs_quota [args] size fileSys
  • -c: give the command to run as an argument

  • -x: expert mode

Example: xfs_quota -x -c 'limit bsoft=3m bhard=6m isoft=3 ihard=6 tom' /boot (disk hard & soft limits, file hard & soft limits)

Hard & Symbolic link

  1. ln command

-s: symbolic link (the default is a hard link)
