- 10.32/10.33 Syncing with rsync through the daemon service
- 10.34 Linux system logs
- 10.35 The screen tool
- Further reading
  1. logrotate, the Linux log file manager: http://linux.cn/article-4126-1.html
  2. xargs usage in detail: http://blog.csdn.net/zhangfn2011/article/details/6776925

# 10.32 Syncing with rsync through the daemon service (part 1)

- rsync can sync through a daemon service
- Edit the configuration file /etc/rsyncd.conf
- Start the service with rsync --daemon
- Format: rsync -av test1/ 192.168.133.130::module/dir/
- Sample rsyncd.conf

```
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/root/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
```

- First open the configuration file with vi /etc/rsyncd.conf

```
[root@aminglinux-001 ~]# vi /etc/rsyncd.conf

# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
~
~
"/etc/rsyncd.conf" 20L, 458C
```

- Paste the sample above into it

```
[root@aminglinux-001 ~]# vi /etc/rsyncd.conf

# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/root/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
-- INSERT --

[root@aminglinux-001 ~]# vi /etc/rsyncd.conf
```

- Start the service with rsync --daemon

```
[root@aminglinux-001 ~]# rsync --daemon
[root@aminglinux-001 ~]# ps aux |grep rsync    (check whether the service has started)
root 2927 0.0 0.0 114644 556
? Ss 22:26 0:00 rsync --daemon
root 2929 0.0 0.0 112664 972 pts/0 R+ 22:26 0:00 grep --color=auto rsync
[root@aminglinux-001 ~]# netstat -lntp    (check the listening ports)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1085/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1523/master
tcp 0 0 192.168.202.130:873 0.0.0.0:* LISTEN 2927/rsync
tcp6 0 0 :::22 :::* LISTEN 1085/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1523/master
[root@aminglinux-001 ~]#
```

- Do not put the module path under /root, as in /root/rsync/; permissions there are hard to get right

```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf

# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=true
:wq
```

- Change path=/root/rsync/ to path=/tmp/rsync/, then create the directory /tmp/rsync/ and set its permissions to 777 to make testing easier

```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf
[root@aminglinux-001 ~]# mkdir /tmp/rsync
[root@aminglinux-001 ~]# chmod 777 /tmp/rsync
[root@aminglinux-001 ~]#
```

- On terminal 2, sync a file over
- rsync -avP /tmp/aming.txt 192.168.202.130::test/aming-02.txt
- What the command does: on terminal 2, sync the file /tmp/aming.txt into the test module (/tmp/rsync/) on terminal 1 (192.168.202.130), renaming it to aming-02.txt

```
[root@aminglinux-02 ~]# rsync -avP /tmp/aming.txt 192.168.202.130::test/aming-02.txt
rsync: failed to connect to 192.168.202.130 (192.168.202.130): No route to host (113)
rsync error: error in socket IO (code 10) at clientserver.c(122) [sender=3.0.9]
[root@aminglinux-02 ~]#
```

- This fails. First check whether the network is reachable: ping works, so try telnet next

```
[root@aminglinux-02 ~]# ping 192.168.202.130
PING
192.168.202.130 (192.168.202.130) 56(84) bytes of data.
64 bytes from 192.168.202.130: icmp_seq=1 ttl=64 time=0.421 ms
64 bytes from 192.168.202.130: icmp_seq=2 ttl=64 time=0.410 ms
64 bytes from 192.168.202.130: icmp_seq=3 ttl=64 time=0.449 ms
^C
--- 192.168.202.130 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.410/0.426/0.449/0.028 ms
[root@aminglinux-02 ~]# telnet 192.168.202.130 873
-bash: telnet: 未找到命令
[root@aminglinux-02 ~]#
```

- Next check whether the port is the problem. The telnet command is not installed, so install it and run telnet 192.168.202.130 873
- telnet ip port is a command for checking whether a port is reachable

```
[root@aminglinux-02 ~]# yum install -y telnet
已加载插件:fastestmirror
已安装:
  telnet.x86_64 1:0.17-60.el7
完毕!
[root@aminglinux-02 ~]#
[root@aminglinux-02 ~]# telnet 192.168.202.130 873
Trying 192.168.202.130...
telnet: connect to address 192.168.202.130: No route to host
[root@aminglinux-02 ~]#
```

- This telnet result shows that the port is not reachable. Check whether iptables is the cause

```
[root@aminglinux-02 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
450 112K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
1 80 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
152 42932 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
152 42932 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
152 42932 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
151 42880 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP
all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 22 packets, 2088 bytes)
pkts bytes target prot opt in out source destination
435 42068 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_public all -- ens33 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]

Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination

Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public all -- * ens37 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_public all -- * ens33 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination

Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination

Chain FWDI_public (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0

Chain FWDI_public_allow (1 references)
pkts bytes target prot opt in out source destination

Chain FWDI_public_deny (1 references)
pkts bytes target prot opt in out source destination

Chain FWDI_public_log (1 references)
pkts bytes target prot opt in out source destination

Chain FWDO_public (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FWDO_public_allow (1 references)
pkts bytes target prot opt in out source destination

Chain
FWDO_public_deny (1 references)
pkts bytes target prot opt in out source destination

Chain FWDO_public_log (1 references)
pkts bytes target prot opt in out source destination

Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 IN_public all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
32 3572 IN_public all -- ens33 * 0.0.0.0/0 0.0.0.0/0 [goto]
120 39360 IN_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]

Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination

Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination

Chain IN_public (3 references)
pkts bytes target prot opt in out source destination
152 42932 IN_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
152 42932 IN_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
152 42932 IN_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0

Chain IN_public_allow (1 references)
pkts bytes target prot opt in out source destination
1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW

Chain IN_public_deny (1 references)
pkts bytes target prot opt in out source destination

Chain IN_public_log (1 references)
pkts bytes target prot opt in out source destination

Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
[root@aminglinux-02 ~]#
```

- Sure enough, the iptables rules are the cause. The firewalld service now has to be stopped: run systemctl stop firewalld, after which the rules are gone

```
[root@aminglinux-02 ~]# systemctl stop firewalld
[root@aminglinux-02 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
[root@aminglinux-02 ~]#
```

- Check terminal 1 as well

```
[root@aminglinux-001 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target
prot opt in out source destination
859 72158 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
1 80 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
192 51825 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
192 51825 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
192 51825 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
190 51689 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 15 packets, 1328 bytes)
pkts bytes target prot opt in out source destination
757 78611 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_work all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_work all -- ens33 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_work all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]

Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination

Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_work all -- * ens37 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_work all -- * ens33 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_work all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination

Chain FORWARD_direct (1 references)
pkts bytes
target prot opt in out source destination

Chain FWDI_work (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0

Chain FWDI_work_allow (1 references)
pkts bytes target prot opt in out source destination

Chain FWDI_work_deny (1 references)
pkts bytes target prot opt in out source destination

Chain FWDI_work_log (1 references)
pkts bytes target prot opt in out source destination

Chain FWDO_work (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FWDO_work_allow (1 references)
pkts bytes target prot opt in out source destination

Chain FWDO_work_deny (1 references)
pkts bytes target prot opt in out source destination

Chain FWDO_work_log (1 references)
pkts bytes target prot opt in out source destination

Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 IN_work all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
57 7545 IN_work all -- ens33 * 0.0.0.0/0 0.0.0.0/0 [goto]
135 44280 IN_work all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]

Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination

Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination

Chain IN_work (3 references)
pkts bytes target prot opt in out source destination
192 51825 IN_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
192 51825 IN_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
192 51825 IN_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0
1 84 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0

Chain IN_work_allow (1 references)
pkts bytes target prot opt in out source destination
1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
0 0 ACCEPT tcp -- * * 0.0.0.0/0
0.0.0.0/0 tcp dpt:1121 ctstate NEW

Chain IN_work_deny (1 references)
pkts bytes target prot opt in out source destination

Chain IN_work_log (1 references)
pkts bytes target prot opt in out source destination

Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
[root@aminglinux-001 ~]#
```

- So the firewalld service has to be stopped here as well

```
[root@aminglinux-001 ~]# systemctl stop firewalld
[root@aminglinux-001 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
[root@aminglinux-001 ~]#
```

- Go back to terminal 2 and retry telnet ip port

```
[root@aminglinux-02 ~]# telnet 192.168.202.130 873
Trying 192.168.202.130...
Connected to 192.168.202.130.
Escape character is '^]'.
@RSYNCD: 30.0    (getting this far means the port is reachable)

[root@aminglinux-02 ~]# telnet 192.168.202.130 873
Trying 192.168.202.130...
Connected to 192.168.202.130.
Escape character is '^]'.
@RSYNCD: 30.0
^]    (exit with ctrl + ], then type quit)
telnet> quit
Connection closed.
[root@aminglinux-02 ~]#
```

- Now run the command again

```
Connection closed.
[root@aminglinux-02 ~]# rsync -avP /tmp/aming.txt 192.168.202.130::test/aming-02.txt
Password:
```

- It prompts for a password
- Go back to terminal 1 and edit the configuration file, commenting out the password settings

```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf

# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
-- 插入 --
```

- Back on terminal 2, it now succeeds

```
[root@aminglinux-02 ~]# rsync -avP /tmp/aming.txt 192.168.202.130::test/aming-02.txt
sending incremental file list
aming.txt
        1397 100% 0.00kB/s 0:00:00 (xfer#1, to-check=0/1)

sent 1470 bytes received 27 bytes 998.00 bytes/sec
total size is 1397 speedup is 0.93
[root@aminglinux-02 ~]#
```

- Check on terminal 1 that /tmp/rsync/ contains the file aming-02.txt

```
[root@aminglinux-001 ~]# ls /tmp/rsync/
aming-02.txt
[root@aminglinux-001 ~]#
```

- The reverse also works: the file can be pulled down to this machine

```
[root@aminglinux-02 ~]# rsync -avP 192.168.202.130::test/aming-02.txt /tmp/123.txt
receiving incremental file list
aming-02.txt
        1397 100% 1.33MB/s 0:00:00 (xfer#1, to-check=0/1)

sent 45 bytes received 1504 bytes 3098.00 bytes/sec
total size is 1397 speedup is 0.90
[root@aminglinux-02 ~]#
```

- Next, what the settings in the configuration file mean
- rsyncd.conf in detail
- port: the port on which the rsyncd service listens; the default is 873. The port can be changed, here from 873 to 8730

```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf

# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
-- 插入 --
```

- Look at its log file, /var/log/rsync.log

```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf
[root@aminglinux-001 ~]# cat /var/log/rsync.log
2017/09/14 22:26:50 [2927] rsyncd version 3.0.9 starting, listening on port 873
2017/09/14 22:56:55 [3172] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 22:56:55 [3172] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:26:30 [3172] rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
2017/09/14 23:26:30 [3172] rsync error: error in rsync protocol data stream (code 12) at io.c(605) [Receiver=3.0.9]
2017/09/14 23:50:03 [3395] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:50:03 [3395] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:50:09 [3395] auth failed on module test from unknown (192.168.202.132): unauthorized user
2017/09/14 23:50:51 [3402] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:50:51 [3402] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:53:27 [3402] auth failed on module test from unknown (192.168.202.132): unauthorized user
2017/09/14 23:53:30 [3414] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:53:30 [3414] connect from UNKNOWN (192.168.202.132)
2017/09/14 15:53:30 [3414] rsync to test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 15:53:30 [3414] receiving file list
2017/09/14 15:53:30 [3414] sent 54 bytes received 1489 bytes total size 1397
2017/09/14 23:56:16 [3424] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:56:16 [3424] connect from UNKNOWN (192.168.202.132)
2017/09/14 15:56:16 [3424] rsync on test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 15:56:16 [3424] building file list
2017/09/14 15:56:16 [3424] sent 1519 bytes received 46 bytes total size 1397
[root@aminglinux-001 ~]#
```

- log
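file: specifies the log file.
- pid file: specifies the pid file, which is used for process management operations such as starting and stopping the service.
- address: the IP address on which the rsyncd service listens. If the machine has several IPs, one of them can be chosen; if the parameter is not set, the service listens on all IPs.
- []: specifies the module name (test was used above); the name inside the brackets is up to you.
- path: the path where the data is stored (here /tmp/rsync).
- use chroot true|false: whether to chroot into the directory given by path before transferring files. This adds an extra layer of security, but the drawbacks are that it requires root privileges and that it cannot back up the directory files that symbolic links point to outside the module. chroot defaults to true; if your data contains symlinks, Aming recommends setting it to false.
- Example
- Create a symlink file 12.txt in the rsync directory

```
[root@aminglinux-001 ~]# cd /tmp/rsync/
[root@aminglinux-001 rsync]# ls
aming-02.txt
[root@aminglinux-001 rsync]# ln -s /etc/passwd ./12.txt
[root@aminglinux-001 rsync]# ls -l
总用量 4
lrwxrwxrwx 1 root root 11 9月 15 00:04 12.txt -> /etc/passwd
-rw-r--r-- 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-001 rsync]#
```

- On terminal 2

```
[root@aminglinux-02 ~]# rsync -avP 192.168.202.130::test/ /tmp/test/
receiving incremental file list
./
12.txt -> /etc/passwd

sent 32 bytes received 115 bytes 294.00 bytes/sec
total size is 1408 speedup is 9.58
[root@aminglinux-02 ~]#
[root@aminglinux-02 ~]# ls -l /tmp/test
总用量 4
lrwxrwxrwx. 1 root root 11 9月 15 00:04 12.txt -> /etc/passwd
-rw-r--r--.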
1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-02 ~]#
```

- That worked; the sync completed
- First delete the files in /tmp/test, then sync again

```
[root@aminglinux-02 ~]# rm -rf /tmp/test
[root@aminglinux-02 ~]# rsync -avLP 192.168.202.130::test/ /tmp/test/
receiving incremental file list
symlink has no referent: "/12.txt" (in test)
created directory /tmp/test
./
aming-02.txt
        1397 100% 1.33MB/s 0:00:00 (xfer#1, to-check=0/2)

sent 48 bytes received 1572 bytes 3240.00 bytes/sec
total size is 1397 speedup is 0.86
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1518) [generator=3.0.9]
[root@aminglinux-02 ~]#
```

- Now there is an error and the file was not synced, so look at the log

```
[root@aminglinux-001 rsync]# cat /var/log/rsync.log
2017/09/14 22:26:50 [2927] rsyncd version 3.0.9 starting, listening on port 873
2017/09/14 22:56:55 [3172] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 22:56:55 [3172] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:26:30 [3172] rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
2017/09/14 23:26:30 [3172] rsync error: error in rsync protocol data stream (code 12) at io.c(605) [Receiver=3.0.9]
2017/09/14 23:50:03 [3395] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:50:03 [3395] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:50:09 [3395] auth failed on module test from unknown (192.168.202.132): unauthorized user
2017/09/14 23:50:51 [3402] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:50:51 [3402] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:53:27 [3402] auth failed on module test from unknown (192.168.202.132): unauthorized user
2017/09/14 23:53:30 [3414] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:53:30 [3414] connect from UNKNOWN (192.168.202.132)
2017/09/14 15:53:30 [3414] rsync to test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 15:53:30 [3414] receiving file list
2017/09/14
15:53:30 [3414] sent 54 bytes received 1489 bytes total size 1397
2017/09/14 23:56:16 [3424] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:56:16 [3424] connect from UNKNOWN (192.168.202.132)
2017/09/14 15:56:16 [3424] rsync on test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 15:56:16 [3424] building file list
2017/09/14 15:56:16 [3424] sent 1519 bytes received 46 bytes total size 1397
2017/09/15 00:06:19 [3494] name lookup failed for 192.168.202.132: Name or service not known
2017/09/15 00:06:19 [3494] connect from UNKNOWN (192.168.202.132)
2017/09/14 16:06:19 [3494] rsync on test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 16:06:19 [3494] building file list
2017/09/14 16:06:19 [3494] sent 1519 bytes received 46 bytes total size 1397
2017/09/15 00:08:04 [3496] name lookup failed for 192.168.202.132: Name or service not known
2017/09/15 00:08:04 [3496] connect from UNKNOWN (192.168.202.132)
2017/09/14 16:08:04 [3496] rsync on test/ from unknown (192.168.202.132)
2017/09/14 16:08:04 [3496] building file list
2017/09/14 16:08:04 [3496] sent 130 bytes received 33 bytes total size 1408
2017/09/15 00:12:06 [3509] name lookup failed for 192.168.202.132: Name or service not known
2017/09/15 00:12:06 [3509] connect from UNKNOWN (192.168.202.132)
2017/09/14 16:12:06 [3509] rsync on test/ from unknown (192.168.202.132)
2017/09/14 16:12:06 [3509] building file list
2017/09/14 16:12:06 [3509] symlink has no referent: "/12.txt" (in test)
[root@aminglinux-001 rsync]#
```

- 2017/09/14 16:12:06 [3509] symlink has no referent: "/12.txt" (in test)
- On terminal 2 the symlink was not synced; only aming-02.txt is there

```
[root@aminglinux-02 ~]# ls -l /tmp/test/
总用量 4
-rw-r--r--. 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-02 ~]#
```

- It was not synced because use chroot=true is set in this file

```
[root@aminglinux-001 rsync]# cat /etc/rsyncd.conf
# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
[root@aminglinux-001 rsync]#
```

- Change use chroot=true above to use chroot=false

```
[root@aminglinux-001 rsync]# vim /etc/rsyncd.conf

# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
-- 插入 --
```

- After this edit, the chroot change does not need a service restart, and the port does not change

```
[root@aminglinux-001 rsync]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1085/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1523/master
tcp 0 0 192.168.202.130:873 0.0.0.0:* LISTEN 2927/rsync
tcp6 0 0 :::22 :::* LISTEN 1085/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1523/master
[root@aminglinux-001 rsync]#
```

- Sync again from terminal 2

```
[root@aminglinux-02 ~]# rsync -avLP 192.168.202.130::test/ /tmp/test/
receiving incremental file list
12.txt
        1397 100% 1.33MB/s 0:00:00 (xfer#1, to-check=1/3)

sent 45 bytes received 1529 bytes 3148.00 bytes/sec
total size is 2794 speedup is 1.78
[root@aminglinux-02 ~]#
[root@aminglinux-02 ~]# ls -l /tmp/test/
总用量 8
-rw-r--r--. 1 root root 1397 9月 3 14:37 12.txt
-rw-r--r--. 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-02 ~]#
```

- Now 12.txt has been synced, because of the change to use chroot=false. That is what this option does

# 10.33 Syncing with rsync through the daemon service (part 2)

- Next, restart the service and change the port

```
[root@aminglinux-001 rsync]# killall rsync
rsync: no process found
[root@aminglinux-001 rsync]# ps aux |grep rsync
root 2356 0.0 0.0 112664 972 pts/0 R+ 22:54 0:00 grep --color=auto rsync
[root@aminglinux-001 rsync]# rsync --daemon
[root@aminglinux-001 rsync]# !ps
ps aux |grep rsync
root 2366 0.0 0.0 114644 552 ? Ss 22:54 0:00 rsync --daemon
root 2368 0.0 0.0 112664 976 pts/0 R+ 22:55 0:00 grep --color=auto rsync
[root@aminglinux-001 rsync]#
[root@aminglinux-001 rsync]# !net
netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1141/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1560/master
tcp 0 0 192.168.202.130:8730 0.0.0.0:* LISTEN 2366/rsync
tcp6 0 0 :::22 :::* LISTEN 1141/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1560/master
[root@aminglinux-001 rsync]#
```

- The port is now 8730
- Back on the client (terminal 2) the sync fails, because port 873 is not open at all, so the port number 8730 has to be specified

```
[root@aminglinux-02 ~]# rsync -avLP 192.168.202.130::test/
rsync: failed to connect to 192.168.202.130 (192.168.202.130): No route to host (113)
rsync error: error in socket IO (code 10) at clientserver.c(122) [Receiver=3.0.9]
[root@aminglinux-02 ~]#
```

- --port 8730 sets the port number to 8730
- If it still fails, check the rules with iptables -nvL, and remember to stop the service with systemctl stop firewalld, on both the server and the client

```
[root@aminglinux-02 ~]# rsync -avLP --port 8730 192.168.202.130::test/ /tmp/test/
receiving incremental file list

sent 26 bytes received 89 bytes 230.00 bytes/sec
total size is 2794 speedup is 24.30
[root@aminglinux-02 ~]#
```

- max connections: the maximum number of connections; the default is 0, meaning no limit.
- read only true|false: if true, nothing can be uploaded to the path of this module.
- If no module name is given after the address, the module names are listed automatically

```
[root@aminglinux-02 ~]#
rsync --port=8730 192.168.202.130::
test
[root@aminglinux-02 ~]#
```

- On the server (terminal 1), open vi /etc/rsyncd.conf and change list=true to list=false, then look again

```
[root@aminglinux-001 rsync]# vi /etc/rsyncd.conf

# [ftp]
# path = /home/ftp
# comment = ftp export area
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
:wq
```

- Back on the client, the module name is no longer listed
- This is really a security option. If the module name is exposed and you have no other security restrictions in place, such as an IP restriction, someone else can use the module name to write data into your files and directories. If that is an important directory of a website that is also reachable online, they can upload a *** file, and once it is executed your machine is compromised. So it can be set to false

```
[root@aminglinux-02 ~]# rsync --port=8730 192.168.202.130::
[root@aminglinux-02 ~]#
```

- list: whether the module is listed when a user queries the available modules on the server; true lists it, false hides it.
- uid/gid: the user/group identity under which files are transferred.
- uid and gid are both root, so transfers also run as root

```
[root@aminglinux-001 rsync]# ls -l /tmp/rsync/
总用量 4
lrwxrwxrwx 1 root root 11 9月 15 00:04 12.txt -> /etc/passwd
-rw-r--r-- 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-001 rsync]#
```

- Delete them, then redefine uid and gid as nobody (a system user with very few privileges)

```
[root@aminglinux-001 rsync]# vim /etc/rsyncd.conf

port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=nobody
gid=nobody
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
:wq

[root@aminglinux-001 rsync]# vim /etc/rsyncd.conf
[root@aminglinux-001 rsync]# id nobody
uid=99(nobody) gid=99(nobody) 组=99(nobody)
[root@aminglinux-001 rsync]#
```

- Sync again from the client (terminal 2); it reports Operation not permitted

```
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 192.168.202.130::test/
sending incremental file list
./
rsync: failed to set times on "."
(in test): Operation not permitted (1)
12.txt
        1397 100% 0.00kB/s 0:00:00 (xfer#1, to-check=1/3)
aming-02.txt
        1397 100% 1.33MB/s 0:00:00 (xfer#2, to-check=0/3)

sent 2941 bytes received 49 bytes 5980.00 bytes/sec
total size is 2794 speedup is 0.93
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1052) [sender=3.0.9]
[root@aminglinux-02 ~]#
```

- Operation not permitted appears because the permissions are insufficient: nobody cannot write

```
[root@aminglinux-001 rsync]# id nobody
uid=99(nobody) gid=99(nobody) 组=99(nobody)
[root@aminglinux-001 rsync]# ls -ld
drwxrwxrwx 2 root root 40 9月 15 23:31 .
[root@aminglinux-001 rsync]#
```

- So it has to be changed back to root

```
[root@aminglinux-001 rsync]# vim /etc/rsyncd.conf

port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
:wq
```

- Sync again from the client (terminal 2); now it can write

```
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 192.168.202.130::test/
sending incremental file list
./

sent 67 bytes received 17 bytes 168.00 bytes/sec
total size is 2794 speedup is 33.26
[root@aminglinux-02 ~]#

[root@aminglinux-001 rsync]# ls -l
总用量 8
-rw-r--r-- 1 root root 1397 9月 3 14:37 12.txt
-rw-r--r-- 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-001 rsync]#
```

- auth users: the user name to use for transfers.
- secrets file: the password file. If neither this parameter nor the one above is set, password authentication is not used. Note that the permissions of the password file must be 600. Format: username:password
- Uncomment the password settings: auth users=test and secrets file=/etc/rsyncd.passwd
- The password file
- Change its permissions to 600

```
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=root
gid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
:wq

[root@aminglinux-001 rsync]# vim /etc/rsyncd.passwd

test:aming
~
~
:wq

[root@aminglinux-001 rsync]# chmod 600 /etc/rsyncd.passwd
```

- Go back to the client (terminal 2) and sync again
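
An added example, not part of the original notes: a small shell audit of the per-module settings this page changes by hand (uid, use chroot, list, hosts allow, auth users and secrets file, plus the 600 mode on the password file). The function names, the finding messages and the hardened sample are assumptions for illustration; built-in defaults follow the rsyncd.conf man page for rsync 3.0.x, and `stat -c` assumes GNU coreutils.

```bash
#!/bin/sh
# Added example: audit rsyncd.conf modules for the settings discussed above.

# Print one "module: finding" line per risky setting found in the file $1.
# Parameters set before the first [module] act as defaults for every module.
audit_rsyncd() {
    awk '
    function is_true(v) { v = tolower(v); return (v == "true" || v == "yes" || v == "1") }
    function get(key, dflt) {
        if ((mod SUBSEP key) in conf) return conf[mod SUBSEP key]
        if (("" SUBSEP key) in conf)  return conf["" SUBSEP key]
        return dflt
    }
    function report_module(    uid) {
        if (mod == "") return
        uid = get("uid", "nobody")
        if (uid == "root" || uid == "0")
            print mod ": uid=" uid " (transfers run as root)"
        if (!is_true(get("usechroot", "true")))
            print mod ": use chroot is off"
        if (is_true(get("list", "true")))
            print mod ": module name is listed to any client"
        if (get("hostsallow", "") == "")
            print mod ": no hosts allow restriction"
        if (get("authusers", "") == "") {
            if (!is_true(get("readonly", "true")))
                print mod ": writable without auth users"
        } else if (get("secretsfile", "") == "")
            print mod ": auth users set but no secrets file"
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    /^[ \t]*\[.*\][ \t]*$/ {
        report_module()
        mod = $0
        gsub(/^[ \t]*\[|\][ \t]*$/, "", mod)
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        conf[mod SUBSEP key] = val
    }
    END { report_module() }
    ' "$1"
}

# Succeed only if the secrets file $1 exists with mode 600 (GNU stat).
secrets_mode_ok() {
    [ -f "$1" ] && [ "$(stat -c '%a' "$1")" = "600" ]
}

# Constructed sample: the [test] module as it stood while auth was commented out.
sample_weak() {
cat <<'EOF'
port=8730
log file=/var/log/rsync.log
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
EOF
}

# Constructed sample: same module with every audited setting tightened.
# Assumes the module directory is writable by the nobody user.
sample_hardened() {
cat <<'EOF'
port=8730
[test]
path=/tmp/rsync
use chroot=true
read only=no
list=false
uid=nobody
gid=nobody
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
EOF
}

# Demo: audit the weak sample and print its findings.
demo_conf=$(mktemp)
sample_weak > "$demo_conf"
audit_rsyncd "$demo_conf"
rm -f "$demo_conf"
```

On a real server, run `audit_rsyncd /etc/rsyncd.conf` and `secrets_mode_ok /etc/rsyncd.passwd` after each configuration change.
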
```
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 [email protected]::test/
Password:
sending incremental file list

sent 58 bytes received 8 bytes 18.86 bytes/sec
total size is 2794 speedup is 42.33
[root@aminglinux-02 ~]#
```

- Add a file and sync again; 1.txt is synced.

```
[root@aminglinux-02 ~]# touch /tmp/test/1.txt
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 [email protected]::test/
Password:
sending incremental file list
./
1.txt
        0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=2/4)

sent 114 bytes received 30 bytes 96.00 bytes/sec
total size is 2794 speedup is 19.40
[root@aminglinux-02 ~]#
```

- Here the user and password are given at transfer time and the password has to be typed by hand. Typing a password by hand does not work well in a script: interactively you can enter the user name and password, but in a shell script, for example a database backup that has to run every day, it is a nuisance.
- So there is another way: define a password file on the client (terminal 2) as well.

```
[root@aminglinux-02 ~]# vi /etc/rsync_pass.txt
aming
~
:wq
```

- Only the password is written. This differs from the format of the server-side password file: the client file contains just the password. Change its permissions to 600.

```
[root@aminglinux-02 ~]# chmod 600 /etc/rsync_pass.txt
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 --password-file=/etc/rsync_pass.txt [email protected]::test/
sending incremental file list

sent 72 bytes received 8 bytes 160.00 bytes/sec
total size is 2794 speedup is 34.92
[root@aminglinux-02 ~]#
```

- Notice that no password was typed this time. Create another file and sync again: 2.txt is synced, so the password no longer has to be entered.

```
[root@aminglinux-02 ~]# touch /tmp/test/2.txt
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 --password-file=/etc/rsync_pass.txt [email protected]::test/
sending incremental file list
./
2.txt
        0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=1/5)

sent 128 bytes received 30 bytes 316.00 bytes/sec
total size is 2794 speedup is 17.68
[root@aminglinux-02 ~]#
```

- [x] Once `auth users` and `secrets file` are set, the client also needs a user name and password to connect to the server. To supply the password on the command line, set up a password file.
- `rsync -avL [email protected]::test/test1/ /tmp/test8/ --password-file=/etc/pass`, where /etc/pass contains just the password and its permissions must be changed to 600
- `hosts allow`: the hosts allowed to connect to this module. It can be an IP or a network range; multiple entries are separated by spaces.
- This defines which machines you allow to sync, whether pushing or pulling. Some machine always has to connect to you, and this option defines who, that is which machine, may connect. Multiple IPs are separated by spaces, for example `hosts allow=192.168.202.130 1.1.1.1 2.2.2.2`; an IP range such as `192.168.202.0/24` can also be written.

# 10.34 Linux system logs

- Many errors have to be diagnosed from the logs, which hold the relevant information, so reading logs is very important.
- /var/log/messages

```
[root@aminglinux-001 ~]# ls /var/log/messages
/var/log/messages
[root@aminglinux-001 ~]# less !$
less /var/log/messages
[root@aminglinux-001 ~]#
[root@aminglinux-001 ~]# du -sh !$
du -sh /var/log/messages
2.5M /var/log/messages
[root@aminglinux-001 ~]# ls /var/log/messages*
/var/log/messages /var/log/messages-20170829 /var/log/messages-20170910
/var/log/messages-20170820 /var/log/messages-20170903
```

- /etc/logrotate.conf: the log rotation configuration file

```
[root@aminglinux-001 ~]# cat /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly (rotate once a week)

# keep 4 weeks worth of backlogs
rotate 4 (keep 4 copies)

# create new (empty) log files after rotating old ones
create (after rotating, create a new file)

# use date as a suffix of the rotated file
dateext

# uncomment this if you want your log files compressed
#compress (compress)

# RPM packages drop log rotation information into this directory
include /etc/logrotate.d (this directory holds further configuration files)

# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
    monthly
    create 0664 root utmp
    minsize 1M
    rotate 1
}

/var/log/btmp {
    missingok
    monthly
    create 0600 root utmp (sets the permissions, owner and group)
    rotate 1
}

# system-specific logs may be also be configured here.
[root@aminglinux-001 ~]#
```

```
[root@aminglinux-001 ~]# ls /etc/logrotate.d
chrony ppp syslog wpa_supplicant yum
[root@aminglinux-001 ~]# cat /etc/logrotate.d/syslog
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
    missingok
    sharedscripts
    postrotate
        /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
    endscript
}
[root@aminglinux-001 ~]#
```

- Reference: https://my.oschina.net/u/2000675/blog/908189
- The dmesg command
- Running this command lists the hardware-related logs of the system. This log is kept in memory and is not a file. If a disk is damaged or a network card has a problem, it is recorded here, so besides reading /var/log/messages, check here for hardware faults and errors.
- `dmesg -c` clears these logs (they are generated again when the system is rebooted)
- /var/log/dmesg is a log file; this log is not related to the dmesg command
- The last command reads the file /var/log/wtmp

```
[root@aminglinux-001 ~]# last
root     pts/1        192.168.202.1    Sat Sep 16 20:19 - 20:19  (00:00)
root     pts/0        192.168.202.1    Sat Sep 16 20:19   still logged in
root     tty1                          Sat Sep 16 20:18   still logged in
reboot   system boot  3.10.0-514.el7.x Sat Sep 16 20:14 - 20:40  (00:25)
root     pts/0        192.168.202.1    Fri Sep 15 22:47 - 00:35  (01:48)
root     tty1                          Fri Sep 15 22:46 - 00:36  (01:49)
reboot   system boot  3.10.0-514.el7.x Fri Sep 15 22:46 - 00:36  (01:49)
root     pts/0        192.168.202.1    Thu Sep 14 21:00 - crash (1+01:46)
root     tty1                          Thu Sep 14 20:59 - 00:27  (03:28)
reboot   system boot  3.10.0-514.el7.x Thu Sep 14 20:51 - 00:36 (1+03:44)
[root@aminglinux-001 ~]# ls /var/log/wtmp
/var/log/wtmp
[root@aminglinux-001 ~]#
```

- The lastb command shows users whose login failed. Its file is /var/log/btmp, which also cannot be read directly with cat because it is a binary file.

```
[root@aminglinux-001 ~]# ls /var/log/btmp
/var/log/btmp
[root@aminglinux-001 ~]#
```

- /var/log/secure: the security log

```
[root@aminglinux-001 ~]# ls /var/log/secure
/var/log/secure
[root@aminglinux-001 ~]#
```

- Experiment: client 2 tries to log in to server 1
- 1. First, follow the file /var/log/secure live

```
[root@aminglinux-001 ~]# tail -f /var/log/secure
Sep 16 20:15:13 aminglinux-001 polkitd[481]: Acquired the name org.freedesktop.PolicyKit1 on the system bus
Sep 16 20:15:49 aminglinux-001 sshd[1073]: Server listening on 0.0.0.0 port 22.
Sep 16 20:15:49 aminglinux-001 sshd[1073]: Server listening on :: port 22.
Sep 16 20:18:51 aminglinux-001 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Sep 16 20:18:51 aminglinux-001 login: ROOT LOGIN ON tty1
Sep 16 20:19:09 aminglinux-001 sshd[2317]: Accepted publickey for root from 192.168.202.1 port 49438 ssh2: RSA 62:b0:d7:04:7d:c9:3c:ba:5b:e0:e8:e9:dd:c6:db:7b
Sep 16 20:19:09 aminglinux-001 sshd[2317]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 16 20:19:17 aminglinux-001 sshd[2340]: Accepted publickey for root from 192.168.202.1 port 49439 ssh2: RSA 62:b0:d7:04:7d:c9:3c:ba:5b:e0:e8:e9:dd:c6:db:7b
Sep 16 20:19:17 aminglinux-001 sshd[2340]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 16 20:19:21 aminglinux-001 sshd[2340]: pam_unix(sshd:session): session closed for user root
```

- 2. Then, from terminal 2, try to log in to server 1

```
[root@aminglinux-02 ~]# ssh 192.168.202.130
Last login: Sat Sep 16 20:19:17 2017 from 192.168.202.1
```

- Server 1 shows new entries

```
Sep 16 20:51:55 aminglinux-001 sshd[2585]: Accepted publickey for root from 192.168.202.132 port 35894 ssh2: RSA 8f:33:a7:03:62:b6:5a:56:34:42:b4:e9:e9:1a:e1:e8
Sep 16 20:51:55 aminglinux-001 sshd[2585]: pam_unix(sshd:session): session opened for user root by (uid=0)
```

- Now remove the key

```
[root@aminglinux-001 ~]# vi .ssh/authorized_keys
##aming-02
#ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDK5yZBSsOsWDn3jXFScS6JiYsQGY3kFcd***A1v0+DjeVdKy2SVCCrNWc23HRDxJpoVw88Y67pzj/raU/aSrk1FSYdWoiAaDhqshw+8dJ39qMaMdHkmuBzzHpGNNxCLAGvDPBxA+taPeoUIqElAgd3g/uuhic+anZOVVlIEwBUQV20qmWwzYKYXI3ASL8r5rujE5MVAVtQvrrq/5VHC/0YpGndBtVWUOAte0AnpZyEIDqlBDepvcsno25hk8sONQq4XGl3vI672fgxxDoaWgfgKuiKukftMDZehCURkEqLUD3SJKcKYlvcW04vbQ7N3tNMXxsBYM1SoD5C8zZkY/GX root@aminglinux-0
~
~
:wq
```

- Look again

```
[root@aminglinux-001 ~]# vi .ssh/authorized_keys
[root@aminglinux-001 ~]# tail -f /var/log/secure
Sep 16 20:15:49 aminglinux-001 sshd[1073]: Server listening on :: port 22.
Sep 16 20:18:51 aminglinux-001 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Sep 16 20:18:51 aminglinux-001 login: ROOT LOGIN ON tty1
Sep 16 20:19:09 aminglinux-001 sshd[2317]: Accepted publickey for root from 192.168.202.1 port 49438 ssh2: RSA 62:b0:d7:04:7d:c9:3c:ba:5b:e0:e8:e9:dd:c6:db:7b
Sep 16 20:19:09 aminglinux-001 sshd[2317]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 16 20:19:17 aminglinux-001 sshd[2340]: Accepted publickey for root from 192.168.202.1 port 49439 ssh2: RSA 62:b0:d7:04:7d:c9:3c:ba:5b:e0:e8:e9:dd:c6:db:7b
Sep 16 20:19:17 aminglinux-001 sshd[2340]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 16 20:19:21 aminglinux-001 sshd[2340]: pam_unix(sshd:session): session closed for user root
Sep 16 20:51:55 aminglinux-001 sshd[2585]: Accepted publickey for root from 192.168.202.132 port 35894 ssh2: RSA 8f:33:a7:03:62:b6:5a:56:34:42:b4:e9:e9:1a:e1:e8
Sep 16 20:51:55 aminglinux-001 sshd[2585]: pam_unix(sshd:session): session opened for user root by (uid=0)
```

- Go back to client 2 and try to log in to server 1, deliberately entering the wrong password

```
[root@aminglinux-001 ~]# 登出
[root@aminglinux-02 ~]# ssh 192.168.202.130
[email protected]'s password:
Permission denied, please try again.
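[email protected]'s password:
```

- Back on server 1, look at the file again: several new lines have appeared

```
Sep 16 20:57:49 aminglinux-001 sshd[2585]: Received disconnect from 192.168.202.132: 11: disconnected by user
Sep 16 20:57:49 aminglinux-001 sshd[2585]: pam_unix(sshd:session): session closed for user root
Sep 16 20:58:11 aminglinux-001 sshd[2665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.202.132 user=root
Sep 16 20:58:11 aminglinux-001 sshd[2665]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
Sep 16 20:58:13 aminglinux-001 sshd[2665]: Failed password for root from 192.168.202.132 port 35898 ssh2
```

# 10.35 The screen tool

- A virtual screen; it can be thought of as a virtual terminal
- Its purpose is to keep a task from being interrupted unexpectedly
- nohup command &
- Suppose you have to run a script that takes a very long time, perhaps a day and a night, and that prints output as it runs, which means it must not be interrupted midway. We log in to the server over the network, and the network may drop. We want the script to run the whole day and night without interruption and without anything going wrong midway, but we cannot guarantee that, because I cannot stay awake for a day and a night.
- There are two approaches. The first is to push the task into the background and add log output: nothing is printed to the screen, but writing the output to a log works too.
- Run the command with a log redirect and `&` (`nohup command &`) to push it into the background; even if your terminal disconnects, it keeps running in the background.
- That solves the interruption problem, but the task's output cannot be watched in real time because it runs in the background. A log can be written, but can you be sure of seeing what would have been printed to the screen?
- Is there a terminal that keeps the task running, that can be left at any time, put into the background temporarily, and brought back whenever we want? That tool is screen. Put simply, it is a virtual terminal: before leaving the remote terminal (pts/1, pts/0), put the screen into the background, and bring it back whenever it is needed.
- screen is a virtual terminal
- First install the screen command: `yum install -y screen`

```
[root@aminglinux-001 ~]# yum install -y screen
已加载插件:fastestmirror
base | 3.6 kB 00:00:00
epel/x86_64/metalink | 6.5 kB 00:00:00
epel | 4.3 kB 00:00:00
已安装:
  screen.x86_64 0:4.1.0-0.23.20120314git3c2946.el7_2
完毕!
[root@aminglinux-001 ~]#
```

- After installation, typing screen and pressing Enter puts you in the virtual terminal
- Press Ctrl+a and then d to leave the virtual terminal without ending it
- `screen -ls` lists the virtual terminals

```
[root@aminglinux-001 ~]# screen
[detached from 2822.pts-0.aminglinux-001]
[root@aminglinux-001 ~]# screen -ls
There is a screen on:
        2822.pts-0.aminglinux-001 (Detached)
1 Socket in /var/run/screen/S-root.

[root@aminglinux-001 ~]#
```

- To go back and take a look:
- `screen -r id` enters the specified terminal

```
[root@aminglinux-001 ~]# screen -r 2822
[screen is terminating]
[root@aminglinux-001 ~]# screen -ls
No Sockets found in /var/run/screen/S-root.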
[root@aminglinux-001 ~]#
```

- Now create three screens

```
[root@aminglinux-001 ~]# screen
[detached from 2854.pts-0.aminglinux-001]
[root@aminglinux-001 ~]# screen
[detached from 2871.pts-0.aminglinux-001]
[root@aminglinux-001 ~]# screen
[detached from 2888.pts-0.aminglinux-001]
[root@aminglinux-001 ~]# screen -ls
There are screens on:
        2888.pts-0.aminglinux-001 (Detached)
        2871.pts-0.aminglinux-001 (Detached)
        2854.pts-0.aminglinux-001 (Detached)
3 Sockets in /var/run/screen/S-root.

[root@aminglinux-001 ~]#
```

- To enter one of them, just run `screen -r id`. Only the numbers differ and the rest of each name is the same, so they are hard to tell apart and you cannot tell which screen is running what. You can in fact give a screen a custom name.
- `screen -S aming` sets a custom name
- `screen -r aming` enters it by its custom name; the id also works

```
[root@aminglinux-001 ~]# screen -S "test_screen"
[detached from 2942.test_screen]
[root@aminglinux-001 ~]# screen -ls
There are screens on:
        2942.test_screen (Detached)
        2888.pts-0.aminglinux-001 (Detached)
        2871.pts-0.aminglinux-001 (Detached)
        2854.pts-0.aminglinux-001 (Detached)
4 Sockets in /var/run/screen/S-root.

[root@aminglinux-001 ~]#
[root@aminglinux-001 ~]# sleep 100
[root@aminglinux-001 ~]# ^C
[root@aminglinux-001 ~]#
```

- Enter each screen in turn and leave it with the exit command

```
[root@aminglinux-001 ~]# screen -r 2942
[screen is terminating]
[root@aminglinux-001 ~]# screen -r 2888
[screen is terminating]
[root@aminglinux-001 ~]# screen -r 2871
[screen is terminating]
[root@aminglinux-001 ~]# screen -r 2854
[screen is terminating]
[root@aminglinux-001 ~]# screen -ls
No Sockets found in /var/run/screen/S-root.

[root@aminglinux-001 ~]#
```

- Extensions
  1. logrotate, the manager of Linux log files: http://linux.cn/article-4126-1.html
  2. xargs usage explained: http://blog.csdn.net/zhangfn2011/article/details/6776925
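
The rsyncd.conf parameters walked through in section 10.32 (`list`, `uid`/`gid`, `read only`, `use chroot`, `auth users`, `secrets file`, `hosts allow`) can be checked per module with a short script. This is an added example, not part of the original notes: the function names, the finding labels and the daemon defaults in `DEFAULTS` are assumptions, and the two sample configs are constructed from the `[test]` module shown above.

```python
TRUE = {"yes", "true", "1"}
# Daemon defaults for the parameters checked here (assumed from the rsyncd.conf man page)
DEFAULTS = {"readonly": "yes", "list": "yes", "usechroot": "yes", "uid": "nobody",
            "authusers": "", "secretsfile": "", "hostsallow": ""}

def parse_rsyncd_conf(text):
    """Return {module: params}; parameters before the first [module] act as defaults."""
    defaults, modules, current = dict(DEFAULTS), {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = modules.setdefault(line[1:-1].strip(), dict(defaults))
        elif "=" in line:
            name, value = line.split("=", 1)
            # Case and whitespace inside parameter names are not significant.
            key = "".join(name.split()).lower()
            (defaults if current is None else current)[key] = value.strip()
    return modules

def audit(text):
    """Return (module, finding) pairs for the settings discussed in section 10.32."""
    findings = []
    for module, p in parse_rsyncd_conf(text).items():
        on = lambda key: p[key].lower() in TRUE
        checks = [
            (not (p["authusers"] and p["secretsfile"]), "no password authentication"),
            (not p["hostsallow"], "any host may connect"),
            (not on("readonly") and p["uid"] in ("root", "0"), "writable module runs as root"),
            (not on("usechroot"), "no chroot"),
            (on("list"), "module name is listed"),
        ]
        findings += [(module, msg) for hit, msg in checks if hit]
    return findings

# Constructed from the [test] module above: before and after enabling auth users.
BEFORE = """port=8730
[test]
path=/tmp/rsync
use chroot=false
read only=no
list=false
uid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
"""
AFTER = BEFORE.replace("#auth users", "auth users").replace("#secrets file", "secrets file")
```

`audit(BEFORE)` reports the missing password authentication; both configs are still reported for a writable module running as root without chroot. Note that `list=false` only hides the module name, while `hosts allow` and `auth users` are the settings that restrict who can use the module.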
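
The sshd entries that the login experiment in section 10.34 produced in /var/log/secure can be summarized per source address to spot repeated failed logins. This is an added example, not part of the original notes: the function names and the threshold of 3 are assumptions, and the sample lines are constructed in the format of the log excerpts above.

```python
import re
from collections import defaultdict

# sshd result lines in the format shown in the /var/log/secure excerpts
SSHD = re.compile(r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
                  r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def summarize(lines, threshold=3):
    """Per source IP: failed attempts, users tried, and whether a login was
    accepted after `threshold` or more failures from that address."""
    stats = defaultdict(lambda: {"failed": 0, "users": set(),
                                 "accepted_after_failures": False})
    for line in lines:
        m = SSHD.search(line)
        if m is None:
            continue  # PAM, session and listener messages are ignored
        entry = stats[m["ip"]]
        if m["result"] == "Failed":
            entry["failed"] += 1
            entry["users"].add(m["user"])
        elif entry["failed"] >= threshold:
            entry["accepted_after_failures"] = True
    return dict(stats)

def suspicious_sources(lines, threshold=3):
    """Addresses with at least `threshold` failed logins, sorted."""
    return sorted(ip for ip, e in summarize(lines, threshold).items()
                  if e["failed"] >= threshold)

# Constructed sample in the page's log format (not real log data)
SAMPLE = """\
Sep 16 20:19:09 aminglinux-001 sshd[2317]: Accepted publickey for root from 192.168.202.1 port 49438 ssh2
Sep 16 20:58:11 aminglinux-001 sshd[2665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.202.132 user=root
Sep 16 20:58:13 aminglinux-001 sshd[2665]: Failed password for root from 192.168.202.132 port 35898 ssh2
Sep 16 20:58:17 aminglinux-001 sshd[2665]: Failed password for root from 192.168.202.132 port 35898 ssh2
Sep 16 20:58:21 aminglinux-001 sshd[2670]: Failed password for invalid user admin from 192.168.202.132 port 35900 ssh2
Sep 16 20:58:30 aminglinux-001 sshd[2675]: Accepted password for root from 192.168.202.132 port 35902 ssh2
""".splitlines()
```

An accepted login that follows a run of failures from the same address is the case worth reviewing first, which is why `summarize` records it separately from the failure count.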