Download Unikey (*.rpm file) từ http://www.unikey.org/linux.php
# rpm -ihv *.rpm
Sau khi cài đặt Unikey, hãy đăng xuất (log out) rồi đăng nhập (login) trở lại. Chạy "unikey", bạn sẽ sử dụng được Unikey ngay lập tức mà không phải làm gì nữa. Nếu không ở trong trường hợp này, hãy thử các bước sau:
- Thêm các dòng sau vào tập tin ~/.bash_profile hoặc ~/.bashrc:
export XMODIFIERS="@im=unikey"
export GTK_IM_MODULE="xim"
- Đăng nhập lại
- Chạy unikey
# unikey
Chú ý:
Sau khi bạn cài đặt Unikey sẽ ảnh hưởng đến môi trường tiếng nhật bạn đang dùng
Jun 25, 2007
Jun 18, 2007
Managing Storage
Managing Storage
Overview of Storage Hardware
Device files
the device files for disk drives appear in the /dev/ directory.
Device type
sd – the device is SCSI-based
hd – the device is ATA-based
The first hard drive on system may appear as hda or sda
Unit
Following the two-letter device type are one or two letters denoting the specific unit
Partition
the partition on the device is represented by number in the end of device name
/dev/hda1 (ATA drive)
/dev/sdad4 (SCSI device)
Mounting file system
Mounting point
Basically, mounting points are where you mount your file systems or devices.
Seeing What is Mounted
Viewing /etc/mtab
# vi /etc/mtab
The /etc/mtab file is meant to be used to display the status of currently-mounted file systems only. It should not be manually modified.
Viewing /proc/mounts
# vi /proc/mounts
(The Proc psuedo file system is a real time, memory resident file system that tracks the processes running on your machine and the state of your system.)
df – command
Lets we know what file systems are currently mounted and the amount of free space on them.
Filesystem 1K-ブロック 使用 使用可 使用% マウント位置
/dev/mapper/VolGroup00-LogVol00
99636632 10652432 83841264 12% /
/dev/sda1 101086 16258 79609 17% /boot
/dev/mapper/VolGroup00-LogVol02
49611460 1517004 45533640 4% /data
tmpfs 511684 0 511684 0% /dev/shm
Network-Accessible Storage Under Linux
NFS (Network File System)
is a file system that may be accessed via a network connection.
The file systems an NFS server makes available to clients is controlled by the configuration file /etc/exports.
SMB (Server Message Block)
is the name for the communications protocol used by various operating systems produced by Microsoft.
Red Hat Linux supports SMB via the Samba server program.
Mounting File systems automatically with /etc/fstab
#vi /etc/fstab
Mornitoring Disk Space
df – command
# df
-h option for understand by human
Automated Monitoring Using diskcheck
Automatically check disk and send email to administrator.
Adding/Removing Storage
Adding Storage
Partitioning
Using the command-line fdisk utility program
Using parted, another command-line utility program
Formatting the partition(s)
# mkfs
Updating /etc/fstab
to automatically mount to system.
Removing Storage
Remove the disk drive's partition from /etc/fstab
Unmount the disk drive's active partitions.
# umount path
Erase the contents of the disk drive.
# badblocks -ws
Disk Quotas
Disk quotas under Red Hat Linux have the following features:
Per-file-system implementation
Per-user space accounting
Per-group space accounting
Tracks disk block usage
Tracks disk inode usage
Hard limits
Soft limits
Grace periods
Physical and Virtual Memory
Storage Access Patterns
Access tends to be sequential
If address N is accessed by the CPU, it it highly likely that address N+1 will be accessed next.
Access tends to be localized
If address X is accessed, it is likely that other addresses surrounding X will also be accessed in the future.
The Storage Spectrum
Storage technologies:
CPU registers
Cache memory
Ram
Hard drives
Off-line backup storage (tape, optical disk, etc.)
Virtual Memory
Virtual memory is a portion of the hard disk that operation system uses to application programs to meet the require exceeds the amount of physical memory available.
Paging occurs when an active process requires more memory than what is accessible in physical memory. Portions of the process are moved to disk so the physical memory can be used for something else.
Swapping is done by the kernel. When memory space is running low the kernel looks for a process that isn't likely to run in the near future. That process is written entirely to disk, and the newly-freed memory is reassigned to another process or job.
Virtual Memory in Redhat Linux
Using free to get a concise overview of memory and swap utilization.
$ free
total used free shared buffers cached
Mem: 1023368 1004148 19220 0 14544 277328
-/+ buffers/cache: 712276 311092
Swap: 2031608 198436 1833172
System has 1G of RAM, about ~1004 MB is actually in use. ~198 MB of swap is in use.
sar [-a] [-A] [-b] [-c] [-d] [-g] [-k] [-m] [-p] [-q] [-r] [-u] [-v] [-w] [-y ] [ -o filename ] t [ n ]
Viewing result of sar -r
09時17分12秒 LINUX RESTART
09時20分02秒 kbmemfree kbmemused %memused kbbuffers kbcached kbswpfree kbswpused %swpused kbswpcad
09時30分02秒 35432 987936 96.54 30024 523368 2031444 164 0.01 0
09時40分01秒 33080 990288 96.77 37776 512900 2031444 164 0.01 0
09時50分01秒 13600 1009768 98.67 45868 516460 2031444 164 0.01 0
10時00分01秒 57096 966272 94.42 52216 469420 2031444 164 0.01 0
平均値: 34802 988566 96.60 41471 505537 2031444 164 0.01 0
kb: Kilobytes of memory allocated to
sar -W
09時17分12秒 LINUX RESTART
09時20分02秒 pswpin/s pswpout/s
09時30分02秒 0.00 0.07
09時40分01秒 0.00 0.00
09時50分01秒 0.00 0.00
10時00分01秒 0.00 0.00
平均値: 0.00 0.02
page swap in per second (pswpin/s)
page swap out per second (pswpout/s)
Jun 13, 2007
Resource Monitoring
All systems have the following resources available:
+ System have problem, can we improve its performence? (system performence monitoring)
+ System run well now, can we keep it later? (monitoring system capacity)
Monitoring Bandwidth
Monitoring Memory
Monitoring Storage
Tools for resource monitoring
free
Display amount of free and used memory in the system
# free
total used free shared buffers cached
Mem: 1023368 966064 57304 0 24704 247628
-/+ buffers/cache: 693732 329636
Swap: 2031608 164 2031444
Mem row: displays the physical memory utilization.
Swap row: displays the utilization of the system swap space.
+/- buffers/cache row: display the amount of physical memory currently devoted to system buffers.
to view it change with time using
#watch free
#watch -n 1 -d free
-n to set delay time, -d to highline the change
top
Display a lot of things.
#top
#gnome-system-monitor
vmstat
To get an overview of process, memory, swap, I/O, system, and CPU activity in one line of numbers:
# vmstat
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
r b swpd free buff cache si so bi bo in cs us sy id wa st
0 0 164 68416 10204 251848 0 0 47 38 1121 1038 8 2 89 1 0
Procs
r: The number of runnable processes waiting for access to the CPU
b: The number of processes in an uninterrupible sleep state
Memory
swpd: The amount of virtual memory used
free: The amount of free memory
buff: The amount of memory used for buffers
cache: The amount of memory used as page cache
Swap
si: The amount of memory swapped in from disk
so: The amount of memory swapped out to disk
IO
bi: Blocks sent to a block device
bo: Blocks received from a block device
System
in: The number of interrupts per second
cs: The number context switches per second
CPU
us: The percentage of the time the CPU ran user-level code
sy: The percentage of the time of CPU ran system-level code
id: The percentage of the time the CPU was idle
wa: The percentage of the time spent running non-kernel code
st: The percentage of the time stolen from a virtual machine
The Sysstat Suite of Resource Monitoring Tools
#yum -y install sysstat.i386
iostat
Display an overview of CPU utilization, along with I/O statistics for one or more disk devices
mpstat
Display more in-depth CPU statistics.
sadc (/usr/lib/sa/sadc), sar generate the reports interactively.
- CPU power
- Bandwidth
- Memory
- Storage
+ System have problem, can we improve its performence? (system performence monitoring)
+ System run well now, can we keep it later? (monitoring system capacity)
- System performence monitoring
- Determine the cause of problem
- Analyze the the data that produced from monitoring, to solve the problem
- Ensure the performence problem has been resolved
- Monitoring system capacity
Monitoring Bandwidth
Monitoring Memory
Monitoring Storage
Tools for resource monitoring
free
Display amount of free and used memory in the system
# free
total used free shared buffers cached
Mem: 1023368 966064 57304 0 24704 247628
-/+ buffers/cache: 693732 329636
Swap: 2031608 164 2031444
Mem row: displays the physical memory utilization.
Swap row: displays the utilization of the system swap space.
+/- buffers/cache row: display the amount of physical memory currently devoted to system buffers.
to view it change with time using
#watch free
#watch -n 1 -d free
-n to set delay time, -d to highline the change
top
Display a lot of things.
#top
#gnome-system-monitor
vmstat
To get an overview of process, memory, swap, I/O, system, and CPU activity in one line of numbers:
# vmstat
procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
r b swpd free buff cache si so bi bo in cs us sy id wa st
0 0 164 68416 10204 251848 0 0 47 38 1121 1038 8 2 89 1 0
Procs
r: The number of runnable processes waiting for access to the CPU
b: The number of processes in an uninterrupible sleep state
Memory
swpd: The amount of virtual memory used
free: The amount of free memory
buff: The amount of memory used for buffers
cache: The amount of memory used as page cache
Swap
si: The amount of memory swapped in from disk
so: The amount of memory swapped out to disk
IO
bi: Blocks sent to a block device
bo: Blocks received from a block device
System
in: The number of interrupts per second
cs: The number context switches per second
CPU
us: The percentage of the time the CPU ran user-level code
sy: The percentage of the time of CPU ran system-level code
id: The percentage of the time the CPU was idle
wa: The percentage of the time spent running non-kernel code
st: The percentage of the time stolen from a virtual machine
The Sysstat Suite of Resource Monitoring Tools
#yum -y install sysstat.i386
iostat
Display an overview of CPU utilization, along with I/O statistics for one or more disk devices
mpstat
Display more in-depth CPU statistics.
sadc (/usr/lib/sa/sadc), sar generate the reports interactively.
1. The Philosophy of System Administration
Although the specifics of being a system administrator may change from platform to platform, there are underlying themes that do not.
[Red Hat Linux System Administration Primer book]
- Automate everything
- Document everything
- Communicate as much as possible
- Know your resources
- Know your users
- Know your business
- Security cannot be an afterthought
- Plan ahead
- Expect the unexpected
- crontab(1) and crontab(5) man pages — Command and file format documentation for using cron.
- at(1) man page — Schedule commands and scripts for execution at a later time with this utility.
- bash(1) man page — Learn more about the default shell (and shell script writing) with this documentation.
- perl(1) man page — View pointers to the many man pages that make up perl’s online documentation.
- gedit(1) man page and Help menu entry — Learn how to edit text files with this graphical text editor.
- emacs(1) man page — Information (including instructions for running an online tutorial) on how to use this text editor.
- vim(1) man page — Learn how to use this text-based editor.
- mozilla(1) man page and Help Contents menu entry — Learn how to edit HTML files, read mail, and browse the Web.
- Quanta Handbook menu entry — Learn how to edit HTML files with this graphical HTML editor.
- evolution(1) man page and Help menu entry — Learn how to manage your email with this graphical email client.
- pine(1) man page and ? menu entry — Learn how to manage your email with this text-based email client.
- mutt(1) man page and files in /usr/share/doc/mutt-¤ version — Learn how to manage your email with this text-based email client.
- pam(8) man page and files in /usr/share/doc/pam-¤ version — Learn how authentication takes place under Red Hat Linux.
- tripwire(8) man page — Learn how to configure and run this intrusion detection software.
[Red Hat Linux System Administration Primer book]
Hack 2 Scan for SUID and SGID Programs
Quickly check for potential root-exploitable programs and backdoors.
What is SUID? SUID stands for set user id. When a SUID file executed, the process which runs it is granted access to system resources based on the user who owns the file and not the user who created the process.
What is SGID? SGID stands for set group id. When looking at files SGID they behave much the same as SUID files, and must be executable for it to have any effect.
Scanning systems for SUID and SGID binaries
# find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -la {} \;
What is SUID? SUID stands for set user id. When a SUID file executed, the process which runs it is granted access to system resources based on the user who owns the file and not the user who created the process.
What is SGID? SGID stands for set group id. When looking at files SGID they behave much the same as SUID files, and must be executable for it to have any effect.
Scanning systems for SUID and SGID binaries
# find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -la {} \;
Hack 1 Secure Mount Points
Using mount command to mount a new partition
#mount -o ro,nodev,noexec,nosuid partition mountpoint
example
#mount -o ro,nodev,noexec,nosuid /dev/mapper/VolGroup00-LogVol02 /data
-o (option) place any option following here
Consider the minimum permision for each mountpoint.
umount command
#umount /data
#mount -o ro,nodev,noexec,nosuid partition mountpoint
example
#mount -o ro,nodev,noexec,nosuid /dev/mapper/VolGroup00-LogVol02 /data
-o (option) place any option following here
Consider the minimum permision for each mountpoint.
umount command
#umount /data
Subscribe to:
Posts (Atom)