rsync通过服务同步
1.编辑配置文件:
[root@weixing01 ~]# cat /etc/rsyncd.conf
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.188.130
[test]
path=/root/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.188.132
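2.上面配置含义:
port:监听端口,rsync 服务默认为 873。
log file / pid file:日志文件和 pid 文件的路径。
address:服务监听的 IP 地址。
[test]:模块名,客户端用 "IP::test" 的形式访问。
path:模块对应的实际目录。
use chroot:传输前先 chroot 到 path 指定的目录,把客户端限制在该目录内;需要以 root 身份启动服务。
max connections:最大并发连接数。
read only=no:允许客户端向该模块上传(写入)文件。
list:客户端列出模块时是否显示该模块。
uid / gid:传输文件时使用的用户和组身份。这里是 root,再加上 read only=no,通过认证的客户端就能以 root 身份向该目录写入;生产环境建议改用专门的低权限账号。
auth users / secrets file:允许连接的用户名及其密码文件,密码文件每行格式为 "用户名:密码",内容是明文,权限应设为 600。
hosts allow:允许连接的客户端 IP,多个用空格或逗号分隔。
注意:以服务方式(rsync://)传输的数据不加密,跨不可信网络同步时应走 ssh 或 VPN 等加密通道。
配置完成并启动服务后,可以用 telnet 检查端口是否连通: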
[root@weixing01 ~]# telnet 192.168.188.130 873
Trying 192.168.188.130...
Connected to 192.168.188.130.
Escape character is '^]'.
@RSYNCD: 30.0
^]
telnet> quit
Connection closed.
4.使用服务传输文件:
[root@weixing01 ~]# rsync -avP /tmp/weixing01.txt 192.168.188.130::test/weixing02.txt
sending incremental file list
weixing01.txt
0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=0/1)
sent 73 bytes received 27 bytes 18.18 bytes/sec
total size is 0 speedup is 0.00
[root@weixing01 ~]# rsync -avP 192.168.188.130::test/weixing02.txt /tmp/123.txt
receiving incremental file list
weixing02.txt
0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=0/1)
sent 45 bytes received 104 bytes 298.00 bytes/sec
total size is 0 speedup is 0.00
[root@weixing01 ~]# ls /tmp
123.txt
1.cap
systemd-private-2ae3d953b8524f5b90c20118d3d6a250-chronyd.service-dejMvO
systemd-private-2ae3d953b8524f5b90c20118d3d6a250-vgauthd.service-CAioZR
systemd-private-2ae3d953b8524f5b90c20118d3d6a250-vmtoolsd.service-ZvA7wV
weixing01.txt
5.指定端口(服务端监听的不是默认的 873 端口时,客户端用 --port 指定,此处示例为 8730):
[root@weixing01 ~]# rsync -avP --port 8730 /tmp/weixing01.txt 192.168.188.130::test/weixing02.txt
sending incremental file list
sent 34 bytes received 8 bytes 84.00 bytes/sec
total size is 0 speedup is 0.00
6.设置密码后传输(服务端配置 auth users 和 secrets file 之后,客户端要以 "用户名@主机" 的形式连接并输入密码):
[root@weixing01 ~]# rsync -avP --port 8730 /tmp/weixing01.txt test@192.168.188.130::test/weixing02.txt
Password:
sending incremental file list
sent 34 bytes received 8 bytes 12.00 bytes/sec
total size is 0 speedup is 0.00
7.免密传输:
首先客户端需要设置一个密码文件
[root@weixing01 ~]# vim /etc/rsync.passwd
[root@weixing01 ~]# chmod 600 !$
chmod 600 /etc/rsync.passwd
密码与服务端 secrets file 中的一致,但客户端的密码文件只写密码本身,不写用户名。该文件是明文,权限要保持 600,避免其他用户读取。
[root@weixing01 ~]# rsync -avP --port 8730 --password-file=/etc/rsync.passwd /tmp/weixing01.txt test@192.168.188.130::test/weixing02.txt
sending incremental file list
sent 34 bytes received 8 bytes 84.00 bytes/sec
total size is 0 speedup is 0.00
linux系统日志
1.系统日志路径:
[root@weixing01 ~]# ls /var/log/messages
/var/log/messages
[root@weixing01 ~]# less !$
less /var/log/messages
[root@weixing01 ~]# du -sh !$
du -sh /var/log/messages
1.5M /var/log/messages
2.日志切割(logrotate),主配置文件路径:
[root@weixing01 ~]# cat /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp
rotate 1
}
# system-specific logs may be also be configured here.
[root@weixing01 ~]# ls /var/log/messages*
/var/log/messages /var/log/messages-20171228
/var/log/messages-20171213 /var/log/messages-20180123
/var/log/messages-20171218
3.logrotate.d
[root@weixing01 ~]# cat /etc/logrotate.d/syslog
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
missingok
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
endscript
}
4.dmesg:硬件相关的日志,保存在内存中(下面是 dmesg 命令输出的片段):
[ 4.650726] alg: No test for __gcm-aes-aesni (__driver-gcm-aes-aesni)
[ 4.653963] alg: No test for crc32 (crc32-pclmul)
[ 5.230630] XFS (sda1): Ending clean mount
[ 5.360699] type=1305 audit(1517448006.219:3): audit_pid=496 old=0 auid=4294967295 ses=4294967295 res=1
[ 9.281932] NET: Registered protocol family 40
[ 21.120492] ip6_tables: (C) 2000-2006 Netfilter Core Team
[ 21.306956] Ebtables v2.0 registered
[ 21.375248] nf_conntrack version 0.5.0 (7810 buckets, 31240 max)
[ 21.530528] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
[ 21.649640] Netfilter messages via NETLINK v0.30.
[ 21.688130] ip_set: protocol 6
[ 21.896976] IPv6: ADDRCONF(NETDEV_UP): ens33: link is not ready
[ 21.934852] e1000: ens33 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[ 21.971180] IPv6: ADDRCONF(NETDEV_UP): ens37: link is not ready
[ 21.975799] e1000: ens37 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[root@weixing01 ~]# dmesg
5.系统启动日志 /var/log/dmesg,与 dmesg 命令无关:
[root@weixing01 ~]# ls /var/log/dmesg
/var/log/dmesg
[root@weixing01 ~]# less /var/log/dmesg
6.登录成功日志:last
[root@weixing01 ~]# last
root pts/0 192.168.188.1 Thu Feb 1 09:20 still logged in
reboot system boot 3.10.0-693.el7.x Thu Feb 1 09:20 - 09:38 (00:18)
root pts/0 192.168.188.1 Wed Jan 31 21:51 - down (01:20)
reboot system boot 3.10.0-693.el7.x Wed Jan 31 21:51 - 23:12 (01:21)
root pts/0 192.168.188.1 Mon Jan 29 22:21 - crash (1+23:29)
reboot system boot 3.10.0-693.el7.x Mon Jan 29 22:20 - 23:12 (2+00:51)
root pts/0 192.168.188.1 Fri Jan 26 22:00 - crash (3+00:20)
reboot system boot 3.10.0-693.el7.x Fri Jan 26 21:58 - 23:12 (5+01:14)
root pts/1 192.168.188.1 Thu Jan 25 23:01 - crash (22:56)
root tty1 Thu Jan 25 23:00 - 23:35 (00:34)
root pts/0 192.168.188.1 Thu Jan 25 22:01 - 23:14 (01:13)
reboot system boot 3.10.0-693.el7.x Thu Jan 25 21:59 - 23:12 (6+01:12)
root pts/0 192.168.188.1 Thu Jan 25 21:26 - crash (00:33)
reboot system boot 3.10.0-693.el7.x Thu Jan 25 18:56 - 23:12 (6+04:16)
root tty1 Wed Jan 24 22:32 - 00:49 (02:16)
root pts/0 192.168.188.1 Wed Jan 24 22:28 - crash (20:27)
reboot system boot 3.10.0-693.el7.x Wed Jan 24 22:26 - 23:12 (7+00:45)
root pts/1 192.168.188.1 Tue Jan 23 22:31 - 22:36 (00:04)
root pts/0 192.168.188.1 Tue Jan 23 21:01 - down (01:40)
reboot system boot 3.10.0-693.el7.x Tue Jan 23 21:00 - 22:42 (01:42)
root pts/0 192.168.188.1 Mon Jan 22 21:08 - down (01:12)
reboot system boot 3.10.0-693.el7.x Mon Jan 22 21:01 - 22:20 (01:19)
root pts/0 192.168.188.1 Mon Jan 15 21:49 - down (01:05)
reboot system boot 3.10.0-693.el7.x Mon Jan 15 21:46 - 22:55 (01:08)
root pts/0 192.168.188.1 Fri Jan 12 21:20 - crash (3+00:26)
reboot system boot 3.10.0-693.el7.x Fri Jan 12 21:19 - 22:55 (3+01:35)
root pts/0 192.168.188.1 Wed Jan 10 21:24 - crash (1+23:54)
reboot system boot 3.10.0-693.el7.x Wed Jan 10 21:24 - 22:55 (5+01:30)
root pts/0 192.168.188.1 Wed Jan 10 21:17 - crash (00:06)
reboot system boot 3.10.0-693.el7.x Wed Jan 10 21:17 - 22:55 (5+01:37)
root pts/0 192.168.188.1 Wed Jan 10 21:12 - down (00:03)
reboot system boot 3.10.0-693.el7.x Wed Jan 10 21:12 - 21:16 (00:04)
root pts/0 192.168.188.1 Mon Jan 8 21:23 - down (00:45)
reboot system boot 3.10.0-693.el7.x Mon Jan 8 21:23 - 22:08 (00:45)
root pts/0 192.168.188.1 Sat Jan 6 23:22 - crash (1+22:00)
reboot system boot 3.10.0-693.el7.x Sat Jan 6 23:22 - 22:08 (1+22:46)
root pts/0 192.168.188.1 Fri Jan 5 21:57 - crash (1+01:24)
reboot system boot 3.10.0-693.el7.x Fri Jan 5 21:54 - 22:08 (3+00:14)
reboot system boot 3.10.0-693.el7.x Thu Jan 4 21:17 - 22:08 (4+00:51)
root pts/0 192.168.188.1 Fri Dec 29 17:21 - down (01:47)
reboot system boot 3.10.0-693.el7.x Fri Dec 29 17:21 - 19:09 (01:47)
root pts/1 192.168.188.1 Thu Dec 28 22:33 - crash (18:47)
root pts/0 192.168.188.1 Thu Dec 28 19:00 - crash (22:20)
reboot system boot 3.10.0-693.el7.x Thu Dec 28 19:00 - 19:09 (1+00:09)
root pts/0 192.168.188.1 Thu Dec 28 18:38 - crash (00:22)
reboot system boot 3.10.0-693.el7.x Thu Dec 28 18:37 - 19:09 (1+00:31)
root pts/2 192.168.188.1 Thu Dec 28 01:02 - 01:02 (00:00)
weixing0 pts/2 192.168.188.1 Thu Dec 28 00:58 - 01:00 (00:01)
root pts/1 192.168.188.1 Thu Dec 28 00:43 - down (00:19)
root pts/0 192.168.188.1 Wed Dec 27 23:33 - down (01:29)
reboot system boot 3.10.0-693.el7.x Wed Dec 27 23:32 - 01:02 (01:30)
root pts/0 192.168.188.1 Tue Dec 26 22:24 - 22:29 (00:04)
root pts/0 192.168.188.1 Tue Dec 26 21:16 - 22:24 (01:07)
reboot system boot 3.10.0-693.el7.x Tue Dec 26 21:16 - 22:29 (01:12)
root pts/0 192.168.188.1 Mon Dec 25 15:46 - crash (1+05:29)
root tty1 Mon Dec 25 15:40 - 22:26 (06:45)
reboot system boot 3.10.0-693.el7.x Mon Dec 25 15:40 - 22:29 (1+06:48)
root tty1 Mon Dec 25 15:39 - crash (00:00)
root pts/0 192.168.188.1 Mon Dec 25 15:34 - 15:39 (00:05)
reboot system boot 3.10.0-693.el7.x Mon Dec 25 15:31 - 22:29 (1+06:57)
last 命令读取的文件:
[root@weixing01 ~]# ls /var/log/wtmp
/var/log/wtmp
7.lastb:查看登录失败的用户(读取 /var/log/btmp):
[root@weixing01 ~]# lastb
btmp begins Wed Jan 24 22:26:45 2018
[root@weixing01 ~]# ls /var/log/btmp
/var/log/btmp
8.安全日志(记录 sshd 认证与登录、用户和组的新增等事件,排查异常登录时应先查看此文件):
[root@weixing01 ~]# ls /var/log/secure
/var/log/secure
[root@weixing01 ~]# less !$
less /var/log/secure
Jan 23 22:19:06 weix01 groupadd[4187]: group added to /etc/group: name=tcpdump, GID=72
Jan 23 22:19:06 weix01 groupadd[4187]: group added to /etc/gshadow: name=tcpdump
Jan 23 22:19:06 weix01 groupadd[4187]: new group: name=tcpdump, GID=72
Jan 23 22:19:07 weix01 useradd[4191]: new user: name=tcpdump, UID=72, GID=72, home=/, shell=/sbin/nologin
Jan 23 22:31:20 weix01 sshd[4235]: Accepted publickey for root from 192.168.188.1 port 52513 ssh2: RSA SHA256:dTfFpbejYbAy4JT9kIVb2IDlJWuCLOGqPCTP+3ktM0E
Jan 23 22:31:21 weix01 sshd[4235]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jan 23 22:35:18 weix01 groupadd[4327]: group added to /etc/group: name=tss, GID=59
Jan 23 22:35:18 weix01 groupadd[4327]: group added to /etc/gshadow: name=tss
Jan 23 22:35:18 weix01 groupadd[4327]: new group: name=tss, GID=59
Jan 23 22:35:18 weix01 useradd[4332]: new user: name=tss, UID=59, GID=59, home=/dev/null, shell=/sbin/nologin
Jan 23 22:35:19 weix01 groupadd[4355]: group added to /etc/group: name=wireshark, GID=995
Jan 23 22:35:19 weix01 groupadd[4355]: group added to /etc/gshadow: na