- 10.32/10.33 rsync通过服务同步
- 10.34 linux系统日志
- 10.35 screen工具
- 扩展
1. Linux日志文件总管logrotate http://linux.cn/article-4126-1.html
2. xargs用法详解 http://blog.csdn.net/zhangfn2011/article/details/6776925
# 10.32 rsync通过服务来同步 上
- rsync通过服务的方式同步
- 要编辑配置文件/etc/rsyncd.conf
- 启动服务rsync --daemon
- 格式:rsync -av test1/192.168.133.130::module/dir/
- rsyncd.conf样例
```
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/root/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
```
- 先打开vi /etc/rsyncd.conf编辑配置文件
```
[root@aminglinux-001 ~]# vi /etc/rsyncd.conf
# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
~
~
"/etc/rsyncd.conf" 20L, 458C
```
-把上面的样例放进去
```
[root@aminglinux-001 ~]# vi /etc/rsyncd.conf
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/root/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
-- INSERT --
[root@aminglinux-001 ~]# vi /etc/rsyncd.conf
```
-启动服务rsync --daemon
```
[root@aminglinux-001 ~]# rsync --daemon
[root@aminglinux-001 ~]# ps aux |grep rsync (检测一下看下有没有启动服务)
root 2927 0.0 0.0 114644 556 ? Ss 22:26 0:00 rsync --daemon
root 2929 0.0 0.0 112664 972 pts/0 R+ 22:26 0:00 grep --color=auto rsync
[root@aminglinux-001 ~]# netstat -lntp (检查下监听的端口)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1085/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1523/master
tcp 0 0 192.168.202.130:873 0.0.0.0:* LISTEN 2927/rsync
tcp6 0 0 :::22 :::* LISTEN 1085/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1523/master
[root@aminglinux-001 ~]#
```
- /root/rsync/ 这样的路径,不要放在root 下,权限不好把握
```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf
# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=true
:wq
```
- 把path=/root/rsync/ 改为path=/tmp/rsync/ ,然后创建一下这个目录/tmp/rsync/ 把权限改为777,为了方便测试
```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf
[root@aminglinux-001 ~]# mkdir /tmp/rsync
[root@aminglinux-001 ~]# chmod 777 /tmp/rsync
[root@aminglinux-001 ~]#
```
-在终端2 上 同步一个文件过去
- rsync -avP /tmp/aming.txt 192.168.202.130::test/aming-02.txt
- 命令解释:在终端2上把/tmp/aming.txt 文件同步到 (192.168.202.130)终端1的test(/tmp/rsync/)目录下,并且改名aming-02.txt
```
[root@aminglinux-02 ~]# rsync -avP /tmp/aming.txt 192.168.202.130::test/aming-02.txt
rsync: failed to connect to 192.168.202.130 (192.168.202.130): No route to host (113)
rsync error: error in socket IO (code 10) at clientserver.c(122) [sender=3.0.9]
[root@aminglinux-02 ~]#
```
-这里报错了,我们先来看下网络是否是通的,ping下,可以,再试下telnet
```
[root@aminglinux-02 ~]# ping 192.168.202.130
PING 192.168.202.130 (192.168.202.130) 56(84) bytes of data.
64 bytes from 192.168.202.130: icmp_seq=1 ttl=64 time=0.421 ms
64 bytes from 192.168.202.130: icmp_seq=2 ttl=64 time=0.410 ms
64 bytes from 192.168.202.130: icmp_seq=3 ttl=64 time=0.449 ms
^C
--- 192.168.202.130 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.410/0.426/0.449/0.028 ms
[root@aminglinux-02 ~]# telnet 192.168.202.130 873
-bash: telnet: 未找到命令
[root@aminglinux-02 ~]#
```
- 再看下是否是端口有问题,看下telnet 命令没有,安装一下,telnet 192.168.202.130 873 ,
- telnet ip 端口 这个是检测一个端口是否通的一个命令
```
[root@aminglinux-02 ~]# yum install -y telnet
已加载插件:fastestmirror
已安装:
telnet.x86_64 1:0.17-60.el7
完毕!
[root@aminglinux-02 ~]#
[root@aminglinux-02 ~]# telnet 192.168.202.130 873
Trying 192.168.202.130...
telnet: connect to address 192.168.202.130: No route to host
[root@aminglinux-02 ~]#
```
- telnet 这样说明这个端口不通的,有问题,检查下是否是iptables的问题
```
[root@aminglinux-02 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
450 112K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
1 80 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
152 42932 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
152 42932 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
152 42932 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
151 42880 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 22 packets, 2088 bytes)
pkts bytes target prot opt in out source destination
435 42068 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_public all -- ens33 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public all -- * ens37 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_public all -- * ens33 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 IN_public all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
32 3572 IN_public all -- ens33 * 0.0.0.0/0 0.0.0.0/0 [goto]
120 39360 IN_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public (3 references)
pkts bytes target prot opt in out source destination
152 42932 IN_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
152 42932 IN_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
152 42932 IN_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_public_allow (1 references)
pkts bytes target prot opt in out source destination
1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
Chain IN_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
[root@aminglinux-02 ~]#
```
-果然是iptables里面的规则导致,现在需要把firewalld 服务给停掉 使用命令systemctl stop firewalld 把firewalld服务停掉,现在规则没有了
```
[root@aminglinux-02 ~]# systemctl stop firewalld
[root@aminglinux-02 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
[root@aminglinux-02 ~]#
```
- 终端1 那里也要看下,
```
[root@aminglinux-001 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
859 72158 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
1 80 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
192 51825 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
192 51825 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
192 51825 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
190 51689 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 15 packets, 1328 bytes)
pkts bytes target prot opt in out source destination
757 78611 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_work all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_work all -- ens33 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_work all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_work all -- * ens37 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_work all -- * ens33 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_work all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_work (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_work_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_work_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_work_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_work (3 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_work_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_work_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_work_log (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 IN_work all -- ens37 * 0.0.0.0/0 0.0.0.0/0 [goto]
57 7545 IN_work all -- ens33 * 0.0.0.0/0 0.0.0.0/0 [goto]
135 44280 IN_work all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_work (3 references)
pkts bytes target prot opt in out source destination
192 51825 IN_work_log all -- * * 0.0.0.0/0 0.0.0.0/0
192 51825 IN_work_deny all -- * * 0.0.0.0/0 0.0.0.0/0
192 51825 IN_work_allow all -- * * 0.0.0.0/0 0.0.0.0/0
1 84 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_work_allow (1 references)
pkts bytes target prot opt in out source destination
1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1121 ctstate NEW
Chain IN_work_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_work_log (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
[root@aminglinux-001 ~]#
```
- 所以我们也需要把firewalld 服务 给停掉
```
[root@aminglinux-001 ~]# systemctl stop firewalld
[root@aminglinux-001 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
[root@aminglinux-001 ~]#
```
- 再去终端2上面重新试下telnet ip 端口
```
[root@aminglinux-02 ~]# telnet 192.168.202.130 873
Trying 192.168.202.130...
Connected to 192.168.202.130.
Escape character is '^]'.
@RSYNCD: 30.0 (显示到这里说明通了)
[root@aminglinux-02 ~]# telnet 192.168.202.130 873
Trying 192.168.202.130...
Connected to 192.168.202.130.
Escape character is '^]'.
@RSYNCD: 30.0
^] (退出来用ctrl + ]) 然后quit
telnet> quit
Connection closed.
[root@aminglinux-02 ~]#
```
- 再来运行这个命令,
```
Connection closed.
[root@aminglinux-02 ~]# rsync -avP /tmp/aming.txt 192.168.202.130::test/aming-02.txt
Password:
```
- 提示输入密码,
- 再去终端1 修改配置文件,把密码那里注释掉
```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf
# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=873
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
-- 插入 --
```
- 再来终端2 看下 成功了
```
[root@aminglinux-02 ~]# rsync -avP /tmp/aming.txt 192.168.202.130::test/aming-02.txt
sending incremental file list
aming.txt
1397 100% 0.00kB/s 0:00:00 (xfer#1, to-check=0/1)
sent 1470 bytes received 27 bytes 998.00 bytes/sec
total size is 1397 speedup is 0.93
[root@aminglinux-02 ~]#
```
- 来检查下终端1 /tmp/rsync/ 里面有aing-02.txt文件
```
[root@aminglinux-001 ~]# ls /tmp/rsync/
aming-02.txt
[root@aminglinux-001 ~]#
```
- 反过来我们也可以把这个文件拉下来,拉到这台机器上来 也可以
```
[root@aminglinux-02 ~]# rsync -avP 192.168.202.130::test/aming-02.txt /tmp/123.txt
receiving incremental file list
aming-02.txt
1397 100% 1.33MB/s 0:00:00 (xfer#1, to-check=0/1)
sent 45 bytes received 1504 bytes 3098.00 bytes/sec
total size is 1397 speedup is 0.90
[root@aminglinux-02 ~]#
```
- 下面来看下这些配置文件的里面 含义是什么
- rsyncd.conf配置文件详解
- port:指定在哪个端口启动rsyncd服务,默认是873端口。也可以改下端口 把873端口改为8730
```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
-- 插入 --
```
- 看下他的日志文件 /var/log/rsync.log
```
[root@aminglinux-001 ~]# vim /etc/rsyncd.conf
[root@aminglinux-001 ~]# cat /var/log/rsync.log
2017/09/14 22:26:50 [2927] rsyncd version 3.0.9 starting, listening on port 873
2017/09/14 22:56:55 [3172] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 22:56:55 [3172] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:26:30 [3172] rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
2017/09/14 23:26:30 [3172] rsync error: error in rsync protocol data stream (code 12) at io.c(605) [Receiver=3.0.9]
2017/09/14 23:50:03 [3395] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:50:03 [3395] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:50:09 [3395] auth failed on module test from unknown (192.168.202.132): unauthorized user
2017/09/14 23:50:51 [3402] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:50:51 [3402] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:53:27 [3402] auth failed on module test from unknown (192.168.202.132): unauthorized user
2017/09/14 23:53:30 [3414] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:53:30 [3414] connect from UNKNOWN (192.168.202.132)
2017/09/14 15:53:30 [3414] rsync to test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 15:53:30 [3414] receiving file list
2017/09/14 15:53:30 [3414] sent 54 bytes received 1489 bytes total size 1397
2017/09/14 23:56:16 [3424] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:56:16 [3424] connect from UNKNOWN (192.168.202.132)
2017/09/14 15:56:16 [3424] rsync on test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 15:56:16 [3424] building file list
2017/09/14 15:56:16 [3424] sent 1519 bytes received 46 bytes total size 1397
[root@aminglinux-001 ~]#
```
- log file:指定日志文件。
- pid file:指定pid文件,这个文件的作用涉及服务的启动、停止等进程管理操作。
- address:指定启动rsyncd服务的IP。假如你的机器有多个IP,就可以指定由其中一个启动rsyncd服务,如果不指定该参数,默认是在全部IP上启动。
[]:指定模块名(刚刚用的test),里面内容自定义。
- path:指定数据存放的路径。(我们指定了/tmp/rsync)
- use chroot true|false:表示在传输文件前首先chroot到path参数所指定的目录下。这样做的原因是实现额外的安全防护,但缺点是需要以roots权限,并且不能备份指向外部的符号连接所指向的目录文件。默认情况下chroot值为true,如果你的数据当中有软连接文件,阿铭建议你设置成false。
- 实例
- 创建一个软链接文件12.txt 在rsync 下面
```
[root@aminglinux-001 ~]# cd /tmp/rsync/
[root@aminglinux-001 rsync]# ls
aming-02.txt
[root@aminglinux-001 rsync]# ln -s /etc/passwd ./12.txt
[root@aminglinux-001 rsync]# ls -l
总用量 4
lrwxrwxrwx 1 root root 11 9月 15 00:04 12.txt -> /etc/passwd
-rw-r--r-- 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-001 rsync]#
```
- 在终端2下
```
[root@aminglinux-02 ~]# rsync -avP 192.168.202.130::test/ /tmp/test/
receiving incremental file list
./
12.txt -> /etc/passwd
sent 32 bytes received 115 bytes 294.00 bytes/sec
total size is 1408 speedup is 9.58
[root@aminglinux-02 ~]#
[root@aminglinux-02 ~]# ls -l /tmp/test
总用量 4
lrwxrwxrwx. 1 root root 11 9月 15 00:04 12.txt -> /etc/passwd
-rw-r--r--. 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-02 ~]#
```
- 这是没问题的,同步完成了
- 先把 tem/test 里面文件删掉, 再来同步
```
[root@aminglinux-02 ~]# rm -rf /tmp/test
[root@aminglinux-02 ~]# rsync -avLP 192.168.202.130::test/ /tmp/test/
receiving incremental file list
symlink has no referent: "/12.txt" (in test)
created directory /tmp/test
./
aming-02.txt
1397 100% 1.33MB/s 0:00:00 (xfer#1, to-check=0/2)
sent 48 bytes received 1572 bytes 3240.00 bytes/sec
total size is 1397 speedup is 0.86
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1518) [generator=3.0.9]
[root@aminglinux-02 ~]#
```
- 现在报错了,没有同步,那我们来看看日志
```
[root@aminglinux-001 rsync]# cat /var/log/rsync.log
2017/09/14 22:26:50 [2927] rsyncd version 3.0.9 starting, listening on port 873
2017/09/14 22:56:55 [3172] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 22:56:55 [3172] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:26:30 [3172] rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
2017/09/14 23:26:30 [3172] rsync error: error in rsync protocol data stream (code 12) at io.c(605) [Receiver=3.0.9]
2017/09/14 23:50:03 [3395] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:50:03 [3395] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:50:09 [3395] auth failed on module test from unknown (192.168.202.132): unauthorized user
2017/09/14 23:50:51 [3402] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:50:51 [3402] connect from UNKNOWN (192.168.202.132)
2017/09/14 23:53:27 [3402] auth failed on module test from unknown (192.168.202.132): unauthorized user
2017/09/14 23:53:30 [3414] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:53:30 [3414] connect from UNKNOWN (192.168.202.132)
2017/09/14 15:53:30 [3414] rsync to test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 15:53:30 [3414] receiving file list
2017/09/14 15:53:30 [3414] sent 54 bytes received 1489 bytes total size 1397
2017/09/14 23:56:16 [3424] name lookup failed for 192.168.202.132: Name or service not known
2017/09/14 23:56:16 [3424] connect from UNKNOWN (192.168.202.132)
2017/09/14 15:56:16 [3424] rsync on test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 15:56:16 [3424] building file list
2017/09/14 15:56:16 [3424] sent 1519 bytes received 46 bytes total size 1397
2017/09/15 00:06:19 [3494] name lookup failed for 192.168.202.132: Name or service not known
2017/09/15 00:06:19 [3494] connect from UNKNOWN (192.168.202.132)
2017/09/14 16:06:19 [3494] rsync on test/aming-02.txt from unknown (192.168.202.132)
2017/09/14 16:06:19 [3494] building file list
2017/09/14 16:06:19 [3494] sent 1519 bytes received 46 bytes total size 1397
2017/09/15 00:08:04 [3496] name lookup failed for 192.168.202.132: Name or service not known
2017/09/15 00:08:04 [3496] connect from UNKNOWN (192.168.202.132)
2017/09/14 16:08:04 [3496] rsync on test/ from unknown (192.168.202.132)
2017/09/14 16:08:04 [3496] building file list
2017/09/14 16:08:04 [3496] sent 130 bytes received 33 bytes total size 1408
2017/09/15 00:12:06 [3509] name lookup failed for 192.168.202.132: Name or service not known
2017/09/15 00:12:06 [3509] connect from UNKNOWN (192.168.202.132)
2017/09/14 16:12:06 [3509] rsync on test/ from unknown (192.168.202.132)
2017/09/14 16:12:06 [3509] building file list
2017/09/14 16:12:06 [3509] symlink has no referent: "/12.txt" (in test)
[root@aminglinux-001 rsync]#
```
- 2017/09/14 16:12:06 [3509] symlink has no referent: "/12.txt" (in test)
- 去终端2上 没有同步过来,只有一个aming-02.txt,
```
[root@aminglinux-02 ~]# ls -l /tmp/test/
总用量 4
-rw-r--r--. 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-02 ~]#
```
- 为什么没同步过来,就是因为这个文件 这里use chroot=true 了
```
[root@aminglinux-001 rsync]# cat /etc/rsyncd.conf
# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=true
max connections=4
read only=no
list=true
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
[root@aminglinux-001 rsync]#
```
- 把上面 use chroot=true 改成 chroot=false
```
[root@aminglinux-001 rsync]# vim /etc/rsyncd.conf
# /etc/rsyncd: configuration file for rsync daemon mode
# See rsyncd.conf man page for more options.
# configuration example:
# uid = nobody
# gid = nobody
# use chroot = yes
# max connections = 4
# pid file = /var/run/rsyncd.pid
# exclude = lost+found/
# transfer logging = yes
# timeout = 900
# ignore nonreadable = yes
# dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
-- 插入 --
```
- 改好了之后,chroot 是不需要重启服务的 ,端口是不会变得
```
[root@aminglinux-001 rsync]# netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1085/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1523/master
tcp 0 0 192.168.202.130:873 0.0.0.0:* LISTEN 2927/rsync
tcp6 0 0 :::22 :::* LISTEN 1085/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1523/master
[root@aminglinux-001 rsync]#
```
- 再去终端2 同步下
```
[root@aminglinux-02 ~]# rsync -avLP 192.168.202.130::test/ /tmp/test/
receiving incremental file list
12.txt
1397 100% 1.33MB/s 0:00:00 (xfer#1, to-check=1/3)
sent 45 bytes received 1529 bytes 3148.00 bytes/sec
total size is 2794 speedup is 1.78
[root@aminglinux-02 ~]#
[root@aminglinux-02 ~]# ls -l /tmp/test/
总用量 8
-rw-r--r--. 1 root root 1397 9月 3 14:37 12.txt
-rw-r--r--. 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-02 ~]#
```
- 现在12.txt 就同步过来了,就是因为改了那个地方 chroot=false 这就是它的作用
# 10.33 rsync 通过服务同步 下
- 下面我们来重新启动它 ,把端口改一下
```
[root@aminglinux-001 rsync]# killall rsync
rsync: no process found
[root@aminglinux-001 rsync]# ps aux |grep rsync
root 2356 0.0 0.0 112664 972 pts/0 R+ 22:54 0:00 grep --color=auto rsync
[root@aminglinux-001 rsync]# rsync --daemon
[root@aminglinux-001 rsync]# !ps
ps aux |grep rsync
root 2366 0.0 0.0 114644 552 ? Ss 22:54 0:00 rsync --daemon
root 2368 0.0 0.0 112664 976 pts/0 R+ 22:55 0:00 grep --color=auto rsync
[root@aminglinux-001 rsync]#
[root@aminglinux-001 rsync]# !net
netstat -lnpt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1141/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1560/master
tcp 0 0 192.168.202.130:8730 0.0.0.0:* LISTEN 2366/rsync
tcp6 0 0 :::22 :::* LISTEN 1141/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1560/master
[root@aminglinux-001 rsync]#
```
- 现在变成了 8730
- 再去客户端 终端2 下面 同步报错,了,因为873 端口根本就没有开放,所以要制定端口号为8730
```
[root@aminglinux-02 ~]# rsync -avLP 192.168.202.130::test/
rsync: failed to connect to 192.168.202.130 (192.168.202.130): No route to host (113)
rsync error: error in socket IO (code 10) at clientserver.c(122) [Receiver=3.0.9]
[root@aminglinux-02 ~]#
```
- --port 8730 制定端口号为8730
- 如果不成功就看下iptables -nvL 查看规则,记得systemctl stop firewalld 服务关掉,服务端客户端都是的
```
[root@aminglinux-02 ~]# rsync -avLP --port 8730 192.168.202.130::test/ /tmp/test/
receiving incremental file list
sent 26 bytes received 89 bytes 230.00 bytes/sec
total size is 2794 speedup is 24.30
[root@aminglinux-02 ~]#
```
- max connections:指定最大的连接数,默认是0,即没有限制。
- read only ture|false:如果为true,则不能上传到该模块指定的路径下。
- 后面不跟模块名 ,它就会自动把模块名列出来
```
[root@aminglinux-02 ~]# rsync --port=8730 192.168.202.130::
test
[root@aminglinux-02 ~]#
```
- 打开服务端终端1 vi /etc/rsyncd.conf 把lish=true 改成 false ,list=false 再来看下
```
[root@aminglinux-001 rsync]# vi /etc/rsyncd.conf
# [ftp]
# path = /home/ftp
# comment = ftp export area
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
:wq
```
- 再来看下客户端 ,没有了模块名,
- 其实这个是一个安全选项,因为如果你要把模块名暴露可见的,如果你也没做其他安全限制,没有限制ip ,那对方就可以跟模块名,在你的文件里面 目录里面写数据,如果是网站上很重要的一个目录,还能够在线上能访问,它就给你上传一个***文件,执行后,你的机器就被黑了,所以可以改成false
```
[root@aminglinux-02 ~]# rsync --port=8730 192.168.202.130::
[root@aminglinux-02 ~]#
```
- list:表示当用户查询该服务器上的可用模块时,该模块是否被列出,设定为true则列出,false则隐藏。
- uid/gid:指定传输文件时以哪个用户/组的身份传输。
- uid gid 都是root ,所以在传输的时候 ,它的身份也是root
```
[root@aminglinux-001 rsync]# ls -l /tmp/rsync/
总用量 4
lrwxrwxrwx 1 root root 11 9月 15 00:04 12.txt -> /etc/passwd
-rw-r--r-- 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-001 rsync]#
```
- 把它删掉,删完之后重新定义uid gid 改为nobody (这是一个系统权限很小的用户)
```
[root@aminglinux-001 rsync]# vim /etc/rsyncd.conf
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=nobody
gid=nobody
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
:wq
[root@aminglinux-001 rsync]# vim /etc/rsyncd.conf
[root@aminglinux-001 rsync]# id nobody
uid=99(nobody) gid=99(nobody) 组=99(nobody)
[root@aminglinux-001 rsync]#
```
- 再来客户端 终端2 同步下, 提示 Operation not permitted
```
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 192.168.202.130::test/
sending incremental file list
./
rsync: failed to set times on "." (in test): Operation not permitted (1)
12.txt
1397 100% 0.00kB/s 0:00:00 (xfer#1, to-check=1/3)
aming-02.txt
1397 100% 1.33MB/s 0:00:00 (xfer#2, to-check=0/3)
sent 2941 bytes received 49 bytes 5980.00 bytes/sec
total size is 2794 speedup is 0.93
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1052) [sender=3.0.9]
[root@aminglinux-02 ~]#
```
- Operation not permitted 因为权限不够,nobody 写不了
```
[root@aminglinux-001 rsync]# id nobody
uid=99(nobody) gid=99(nobody) 组=99(nobody)
[root@aminglinux-001 rsync]# ls -ld
drwxrwxrwx 2 root root 40 9月 15 23:31 .
[root@aminglinux-001 rsync]#
```
- 所以还需要改成root
```
[root@aminglinux-001 rsync]# vim /etc/rsyncd.conf
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=root
gid=root
#auth users=test
#secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
:wq
```
- 再去客户端终端2 更新下,就可以写了
```
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 192.168.202.130::test/
sending incremental file list
./
sent 67 bytes received 17 bytes 168.00 bytes/sec
total size is 2794 speedup is 33.26
[root@aminglinux-02 ~]#
[root@aminglinux-001 rsync]# ls -l
总用量 8
-rw-r--r-- 1 root root 1397 9月 3 14:37 12.txt
-rw-r--r-- 1 root root 1397 9月 3 14:37 aming-02.txt
[root@aminglinux-001 rsync]#
```
- auth users:指定传输时要使用的用户名。
- secrets file:指定密码文件,该参数连同上面的参数如果不指定,则不使用密码验证。注意该密码文件的权限一定要是600。格式:用户名:密码
- 把密码文件注释部分给取消
auth users=test
secrets file=/etc/rsyncd.passwd
- 密码文件
- 权限改为600
```
port=8730
log file=/var/log/rsync.log
pid file=/var/run/rsyncd.pid
address=192.168.202.130
[test]
path=/tmp/rsync
use chroot=false
max connections=4
read only=no
list=false
uid=root
gid=root
auth users=test
secrets file=/etc/rsyncd.passwd
hosts allow=192.168.202.132
:wq
[root@aminglinux-001 rsync]# vim /etc/rsyncd.passwd
test:aming
~
~
:wq
[root@aminglinux-001 rsync]# chmod 600 /etc/rsyncd.passwd
```
- 再去客户端 终端2 同步下
```
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 test@192.168.202.130::test/
Password:
sending incremental file list
sent 58 bytes received 8 bytes 18.86 bytes/sec
total size is 2794 speedup is 42.33
[root@aminglinux-02 ~]#
```
- 加个文件 ,再来同步 1.txt 同步了
```
[root@aminglinux-02 ~]# touch /tmp/test/1.txt
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 test@192.168.202.130::test/
Password:
sending incremental file list
./
1.txt
0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=2/4)
sent 114 bytes received 30 bytes 96.00 bytes/sec
total size is 2794 speedup is 19.40
[root@aminglinux-02 ~]#
```
- 这个就是在传输的时候 指定用户密码,密码需要手动写,发现手动输入密码 写在脚本里不好,需要和用户打交道,交互的时候可以输入用户名密码,但是写到shell 脚本里, 要备份数据库,每天都要备份,很麻烦,
- 所以还有一个办法,在客户端 终端2 也定义一个密码文件
```
[root@aminglinux-02 ~]# vi /etc/rsync_pass.txt
aming
~
:wq
```
- 只写一个密码就行,这个和服务端那个密码文件格式不一样,客户端只写一个密码就行了,权限改成600
```
[root@aminglinux-02 ~]# chmod 600 /etc/rsync_pass.txt
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 --password-file=/etc/rsync_pass.txt test@192.168.202.130::test/
sending incremental file list
sent 72 bytes received 8 bytes 160.00 bytes/sec
total size is 2794 speedup is 34.92
[root@aminglinux-02 ~]#
```
- 看现在是不是没有输入密码,再来创建一个文件,再同步看下2.txt同步了,这样就可以不用输入密码了
```
[root@aminglinux-02 ~]# touch /tmp/test/2.txt
[root@aminglinux-02 ~]# rsync -avP /tmp/test/ --port 8730 --password-file=/etc/rsync_pass.txt test@192.168.202.130::test/
sending incremental file list
./
2.txt
0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=1/5)
sent 128 bytes received 30 bytes 316.00 bytes/sec
total size is 2794 speedup is 17.68
[root@aminglinux-02 ~]#
```
- [x] 当设置了auth users和secrets file后,客户端连服务端也需要用用户名密码了,若想在命令行中带上密码,可以设定一个密码文件
- rsync -avL test@192.168.133.130::test/test1/ /tmp/test8/ --password-file=/etc/pass
其中/etc/pass内容就是一个密码,权限要改为600
- hosts allow:表示被允许连接该模块的主机,可以是IP或者网段,如果是多个,中间用空格隔开。
- 用来定义你允许哪些机器去做同步,推,拉逗号,总得有一个机器连接你,这个选项,就是定义允许谁,哪个机器过来连他,如果是多个ip 那就写空格隔开 hosts allow=192.168.202.130 1.1.1.1 2.2.2.2 页可以写ip段192.168.202.0/24
# 10.34 linux 系统日志
- 很多报错都是需要去查看日志,日志里会有信息,看日志非常的重要
- /var/log/messages
```
[root@aminglinux-001 ~]# ls /var/log/messages
/var/log/messages
[root@aminglinux-001 ~]# less !$
less /var/log/messages
[root@aminglinux-001 ~]#
[root@aminglinux-001 ~]# du -sh !$
du -sh /var/log/messages
2.5M /var/log/messages
[root@aminglinux-001 ~]# ls /var/log/messages*
/var/log/messages /var/log/messages-20170829 /var/log/messages-20170910
/var/log/messages-20170820 /var/log/messages-20170903
```
- /etc/logrotate.conf 日志切割配置文件
```
[root@aminglinux-001 ~]# cat /etc/logrotate.conf
# see "man logrotate" for details
# rotate log files weekly
weekly (每周切割一次)
# keep 4 weeks worth of backlogs
rotate 4 (保留4个)
# create new (empty) log files after rotating old ones
create (切割完了之后 创建一个新的文件)
# use date as a suffix of the rotated file
dateext
# uncomment this if you want your log files compressed
#compress (压缩)
# RPM packages drop log rotation information into this directory
include /etc/logrotate.d (这个目录下面还有一些配置文件)
# no packages own wtmp and btmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
minsize 1M
rotate 1
}
/var/log/btmp {
missingok
monthly
create 0600 root utmp (指定权限 ,属主属组)
rotate 1
}
# system-specific logs may be also be configured here.
[root@aminglinux-001 ~]#
```
```
[root@aminglinux-001 ~]# ls /etc/logrotate.d
chrony ppp syslog wpa_supplicant yum
[root@aminglinux-001 ~]# cat /etc/logrotate.d/syslog
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
missingok
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
endscript
}
[root@aminglinux-001 ~]#
```
- 参考https://my.oschina.net/u/2000675/blog/908189
- dmesg命令
- 这个命令回车之后 ,会把系统里面的硬件相关的日志列出来,这个日志保存在内存中,并不是一个文件,假如硬盘损坏了,网卡有问题了,都会记录在这里,除了看var/log/messages 还要查看硬件的故障,错误,
- 命令dmesg -c 把这些日志先清空掉(再重启系统又会生成这些日志)
- /var/log/dmesg 日志文件,这个日志和 命令dmesg 没有关联
- last命令,调用的文件/var/log/wtmp
```
[root@aminglinux-001 ~]# last
root pts/1 192.168.202.1 Sat Sep 16 20:19 - 20:19 (00:00)
root pts/0 192.168.202.1 Sat Sep 16 20:19 still logged in
root tty1 Sat Sep 16 20:18 still logged in
reboot system boot 3.10.0-514.el7.x Sat Sep 16 20:14 - 20:40 (00:25)
root pts/0 192.168.202.1 Fri Sep 15 22:47 - 00:35 (01:48)
root tty1 Fri Sep 15 22:46 - 00:36 (01:49)
reboot system boot 3.10.0-514.el7.x Fri Sep 15 22:46 - 00:36 (01:49)
root pts/0 192.168.202.1 Thu Sep 14 21:00 - crash (1+01:46)
root tty1 Thu Sep 14 20:59 - 00:27 (03:28)
reboot system boot 3.10.0-514.el7.x Thu Sep 14 20:51 - 00:36 (1+03:44)
[root@aminglinux-001 ~]# ls /var/log/wtmp
/var/log/wtmp
[root@aminglinux-001 ~]#
```
- lastb命令查看登录失败的用户,对应的文件时/var/log/btmp 这个也是不能直接cat 的,它是一个二进制的文件
```
[root@aminglinux-001 ~]# ls /var/log/btmp
/var/log/btmp
[root@aminglinux-001 ~]#
```
- /var/log/secure 安全日志
```
[root@aminglinux-001 ~]# ls /var/log/secure
/var/log/secure
[root@aminglinux-001 ~]#
```
- 实验,客户端2 尝试登录 服务端 1
- 1.先设置一个动态查看/var/log/secure/文件
```
[root@aminglinux-001 ~]# tail -f /var/log/secure
Sep 16 20:15:13 aminglinux-001 polkitd[481]: Acquired the name org.freedesktop.PolicyKit1 on the system bus
Sep 16 20:15:49 aminglinux-001 sshd[1073]: Server listening on 0.0.0.0 port 22.
Sep 16 20:15:49 aminglinux-001 sshd[1073]: Server listening on :: port 22.
Sep 16 20:18:51 aminglinux-001 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Sep 16 20:18:51 aminglinux-001 login: ROOT LOGIN ON tty1
Sep 16 20:19:09 aminglinux-001 sshd[2317]: Accepted publickey for root from 192.168.202.1 port 49438 ssh2: RSA 62:b0:d7:04:7d:c9:3c:ba:5b:e0:e8:e9:dd:c6:db:7b
Sep 16 20:19:09 aminglinux-001 sshd[2317]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 16 20:19:17 aminglinux-001 sshd[2340]: Accepted publickey for root from 192.168.202.1 port 49439 ssh2: RSA 62:b0:d7:04:7d:c9:3c:ba:5b:e0:e8:e9:dd:c6:db:7b
Sep 16 20:19:17 aminglinux-001 sshd[2340]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 16 20:19:21 aminglinux-001 sshd[2340]: pam_unix(sshd:session): session closed for user root
```
- 2.再去终端2 尝试登录 服务端1
```
[root@aminglinux-02 ~]# ssh 192.168.202.130
Last login: Sat Sep 16 20:19:17 2017 from 192.168.202.1
```
- 服务端1 有更新信息
```
Sep 16 20:51:55 aminglinux-001 sshd[2585]: Accepted publickey for root from 192.168.202.132 port 35894 ssh2: RSA 8f:33:a7:03:62:b6:5a:56:34:42:b4:e9:e9:1a:e1:e8
Sep 16 20:51:55 aminglinux-001 sshd[2585]: pam_unix(sshd:session): session opened for user root by (uid=0)
```
- 这时候把秘钥清掉
```
[root@aminglinux-001 ~]# vi .ssh/authorized_keys
##aming-02
#ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDK5yZBSsOsWDn3jXFScS6JiYsQGY3kFcd***A1v0+DjeVdKy2SVCCrNWc23HRDxJpoVw88Y67pzj/raU/aSrk1FSYdWoiAaDhqshw+8dJ39qMaMdHkmuBzzHpGNNxCLAGvDPBxA+taPeoUIqElAgd3g/uuhic+anZOVVlIEwBUQV20qmWwzYKYXI3ASL8r5rujE5MVAVtQvrrq/5VHC/0YpGndBtVWUOAte0AnpZyEIDqlBDepvcsno25hk8sONQq4XGl3vI672fgxxDoaWgfgKuiKukftMDZehCURkEqLUD3SJKcKYlvcW04vbQ7N3tNMXxsBYM1SoD5C8zZkY/GX root@aminglinux-0
~
~
:wq
```
- 再来看
```
[root@aminglinux-001 ~]# vi .ssh/authorized_keys
[root@aminglinux-001 ~]# tail -f /var/log/secure
Sep 16 20:15:49 aminglinux-001 sshd[1073]: Server listening on :: port 22.
Sep 16 20:18:51 aminglinux-001 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Sep 16 20:18:51 aminglinux-001 login: ROOT LOGIN ON tty1
Sep 16 20:19:09 aminglinux-001 sshd[2317]: Accepted publickey for root from 192.168.202.1 port 49438 ssh2: RSA 62:b0:d7:04:7d:c9:3c:ba:5b:e0:e8:e9:dd:c6:db:7b
Sep 16 20:19:09 aminglinux-001 sshd[2317]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 16 20:19:17 aminglinux-001 sshd[2340]: Accepted publickey for root from 192.168.202.1 port 49439 ssh2: RSA 62:b0:d7:04:7d:c9:3c:ba:5b:e0:e8:e9:dd:c6:db:7b
Sep 16 20:19:17 aminglinux-001 sshd[2340]: pam_unix(sshd:session): session opened for user root by (uid=0)
Sep 16 20:19:21 aminglinux-001 sshd[2340]: pam_unix(sshd:session): session closed for user root
Sep 16 20:51:55 aminglinux-001 sshd[2585]: Accepted publickey for root from 192.168.202.132 port 35894 ssh2: RSA 8f:33:a7:03:62:b6:5a:56:34:42:b4:e9:e9:1a:e1:e8
Sep 16 20:51:55 aminglinux-001 sshd[2585]: pam_unix(sshd:session): session opened for user root by (uid=0)
```
- 再去客户端2 尝试登录服务端1 故意把密码输错
```
[root@aminglinux-001 ~]# 登出
[root@aminglinux-02 ~]# ssh 192.168.202.130
root@192.168.202.130's password:
Permission denied, please try again.
root@192.168.202.130's password:
再去服务端1 看下文件,发现多了几行信息
Sep 16 20:57:49 aminglinux-001 sshd[2585]: Received disconnect from 192.168.202.132: 11: disconnected by user
Sep 16 20:57:49 aminglinux-001 sshd[2585]: pam_unix(sshd:session): session closed for user root
Sep 16 20:58:11 aminglinux-001 sshd[2665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.202.132 user=root
Sep 16 20:58:11 aminglinux-001 sshd[2665]: pam_succeed_if(sshd:auth): requirement "uid >= 1000" not met by user "root"
Sep 16 20:58:13 aminglinux-001 sshd[2665]: Failed password for root from 192.168.202.132 port 35898 ssh2
```
# 10.35 screen 工具
- 虚拟的一个屏幕,可以认为是一个虚拟的终端
- 为了不让一个任务意外中断
- nohup command &
- 现在有个需求,执行一个脚本,这个脚本执行时间很长,可能一天一夜,而且这个脚本会输出一些东西出来,意味着这个脚本不能中途中断, 我们登录服务器是网络操作的,如果网络中段, 为了保证一天一夜的脚本不能中断,为了保证中途不出差错,但是我们不敢保证,因为我不可能一天一夜不睡觉,
- 有俩个办法,第一个办法 把这个任务丢到后台去,加个日志的输出,虽然没有输出到屏幕上,输出到日志里也可以,
- 执行命令 加上 日志 加上& ,(命 令 nohup command & ) 丢到后台去,即使你的终端断开,它依然会在后台执行
- 虽然解决了防止任务中断 的问题,但是没有办法实时查看任务输出的东西,毕竟在后台,是可以写一个日志,但是能不能保证写在屏幕上输出的内容看到呢?
- 有没有一种终端 让我们的任务一直执行,随时把这个终端退出,临时放到后台去也可以,随时想调回来也可以,这个工具就是screen , 说白了就是虚拟终端,可以在退出远程终端pts 1 pts0 远程终端之前, 先把这个screen 丢到后台去,随时用 随时调出来
- screen是一个虚拟终端
- 首先安装screen命令, yum install -y screen
```
[root@aminglinux-001 ~]# yum install -y screen
已加载插件:fastestmirror
base | 3.6 kB 00:00:00
epel/x86_64/metalink | 6.5 kB 00:00:00
epel | 4.3 kB 00:00:00
已安装:
screen.x86_64 0:4.1.0-0.23.20120314git3c2946.el7_2
完毕!
[root@aminglinux-001 ~]#
```
- 安装完之后,screen直接回车就进入了虚拟终端
-
- ctral a组合键再按d退出虚拟终端,但不是结束
- screen -ls 查看虚拟终端列表
```
[root@aminglinux-001 ~]# screen
[detached from 2822.pts-0.aminglinux-001]
[root@aminglinux-001 ~]# screen -ls
There is a screen on:
2822.pts-0.aminglinux-001 (Detached)
1 Socket in /var/run/screen/S-root.
[root@aminglinux-001 ~]#
```
- 想要回去看下
- screen -r id 进入指定的终端
```
[root@aminglinux-001 ~]# screen -r 2822
[screen is terminating]
[root@aminglinux-001 ~]# screen -ls
No Sockets found in /var/run/screen/S-root.
[root@aminglinux-001 ~]#
```
- 现在弄三个screen
```
[root@aminglinux-001 ~]# screen
[detached from 2854.pts-0.aminglinux-001]
[root@aminglinux-001 ~]# screen
[detached from 2871.pts-0.aminglinux-001]
[root@aminglinux-001 ~]# screen
[detached from 2888.pts-0.aminglinux-001]
[root@aminglinux-001 ~]# screen -ls
There are screens on:
2888.pts-0.aminglinux-001 (Detached)
2871.pts-0.aminglinux-001 (Detached)
2854.pts-0.aminglinux-001 (Detached)
3 Sockets in /var/run/screen/S-root.
[root@aminglinux-001 ~]#
```
- 想进其中一个 直接 screen -r id 就可以了,数字不同,后面都一样,太难区分了,不知道哪一个screen 运行了什么东西,实际上可以自定义一个名字
- 命令screen -S aming 自定义一个名字
- screen -r aming 进入得时候 加自定义的名字,也可以加id
```
[root@aminglinux-001 ~]# screen -S "test_screen"
[detached from 2942.test_screen]
[root@aminglinux-001 ~]# screen -ls
There are screens on:
2942.test_screen (Detached)
2888.pts-0.aminglinux-001 (Detached)
2871.pts-0.aminglinux-001 (Detached)
2854.pts-0.aminglinux-001 (Detached)
4 Sockets in /var/run/screen/S-root.
[root@aminglinux-001 ~]#
[root@aminglinux-001 ~]# sleep 100
[root@aminglinux-001 ~]# ^C
[root@aminglinux-001 ~]#
```
- 分别进入screen 使用命令 exit 退出screen
```
[root@aminglinux-001 ~]# screen -r 2942
[screen is terminating]
[root@aminglinux-001 ~]# screen -r 2888
[screen is terminating]
[root@aminglinux-001 ~]# screen -r 2871
[screen is terminating]
[root@aminglinux-001 ~]# screen -r 2854
[screen is terminating]
[root@aminglinux-001 ~]# screen -ls
No Sockets found in /var/run/screen/S-root.
[root@aminglinux-001 ~]#
- 扩展
1. Linux日志文件总管logrotate http://linux.cn/article-4126-1.html
2. xargs用法详解 http://blog.csdn.net/zhangfn2011/article/details/6776925
转载于:https://blog.51cto.com/ch71smas/1967274
4676
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
