1、每12小時(shí)備份并壓縮/etc/目錄至/backup目錄中童社,保存文件名稱格式為求厕,"etc-年-月-日-時(shí)-分.tar.gz"
0 */12 * * * /usr/bin/tar -jcP -f /backups/etc-$(date +\%F-\%H).tar.xz /etc
2、rpm包管理功能總結(jié)以及實(shí)例應(yīng)用演示扰楼。
程序包管理器:
源代碼 --> 目標(biāo)二進(jìn)制格式 --> 組織成為一個(gè)或有限幾個(gè)"包"文件;
安裝呀癣、升級、卸載灭抑、查詢十艾、校驗(yàn)
功能:將編譯好的應(yīng)用程序的各組成文件打包成一個(gè)或幾個(gè)程序包文件,從而更方便地實(shí)現(xiàn)程序包的安裝腾节、升級忘嫉、卸載和查詢等管理操作;
CentOS系統(tǒng)上rpm命令管理程序包:
安裝案腺、升級庆冕、卸載、查詢劈榨、和校驗(yàn)访递、數(shù)據(jù)庫維護(hù)
rpm命令:rpm [OPTIONS] [PACKAGE_FILE]
安裝:-i, --install
升級:-U, --update, -F, --feshen
卸載:-e, --erase
查詢:-q, --query
校驗(yàn):-V, --verify
數(shù)據(jù)庫維護(hù):--builddb, --initdb
安裝:
rpm {-i|--install} [install-options] PACKAGE_FILE ...
rpm -ivh PACKAGE_FILE ...
GENERAL OPTIONS
-v:verbose,詳細(xì)信息
-vv:更詳細(xì)的輸出
[install-options]:
-h:hash marks輸出進(jìn)度條;每個(gè)#表示2%的進(jìn)度同辣;
--test:測試安裝拷姿,檢查并報(bào)告依賴關(guān)系及沖突消息等;
--nodeps:忽略依賴關(guān)系旱函;不建議响巢;
注意:rpm可以自帶腳本;
四類: --noscripts
preinstall:安裝過程開始之前運(yùn)行的腳本棒妨,%pre踪古,--nopre
postinstall:安裝過程完成之后運(yùn)行的腳本,%post, --nopost
preuninstall:卸載過程真正開始執(zhí)行之前運(yùn)行的腳本券腔,%preun, --preun
postuninstall:卸載過程完成之后運(yùn)行的腳本伏穆,%postun, --nopostun
--nosignature: 不檢查包前面信息,不檢查來源合法性纷纫;
--nodigest: 不檢查包完整信息枕扫;
實(shí)例:
[root@CentOS7 Packages]# rpm -ivh zsh-5.0.2-31.el7.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:zsh-5.0.2-31.el7 ################################# [100%]
升級:
rpm {-U|--upgrade} [install-options] PACKAGE_FILE ...
rpm {-F|--freshen} [install-options] PACKAGE_FILE ...
-U:升級或安裝;
-F:升級
rpm -Uvh PACKAGE_FILE ...
rpm -Fvh PACKAGE_FILE ...
--oldpackage:降級辱魁;
--force:強(qiáng)制升級铡原;
注意:(1)不要對內(nèi)核做升級操作偷厦;Linux支持多內(nèi)核版本并存,因此燕刻,直接安裝新版本內(nèi)核只泼;
(2)如果某原程序包的配置文件安裝后曾被修改過,升級時(shí)卵洗,新版本的程序提供的同一個(gè)配置文件不會覆蓋原有版本的配置文件请唱,而是吧新版本的配置文件名重命名為(FILENAME.rpmnew)后提供;
[root@CentOS7 Packages]# rpm -Uvh zsh-5.0.2-31.el7.x86_64.rpm
Preparing... ################################# [100%]
Updating / installing...
1:zsh-5.0.2-31.el7 ################################# [100%]
卸載:
rpm {-e|--erase} [--allmatches] [--justdb] [--nodeps] [--noscripts][--notriggers] [--test] PACKAGE_NAME ...
--allmatches:卸載所有匹配的指定名稱的程序包的各版本过蹂;
--nodeps:忽略依賴關(guān)系
--test:測試卸載十绑,dry run模式
[root@CentOS7 Packages]# rpm -e zsh
查詢:
rpm {-q|--query} [select-options] [query-options]
[select-options]
PACKAGE_NAME:查詢指定的程序包是否已經(jīng)安裝,及其版本酷勺;
-a, --all:查詢所有已經(jīng)安裝過的包本橙;
-f FILE: 查詢指定的文件由那個(gè)程序包生成;
-p, --package PACKAGE_FILE:用于實(shí)現(xiàn)對未安裝的程序包執(zhí)行查詢操作脆诉;
--whatprovides CAPABILITY:查詢指定的CAPABILITY由哪個(gè)程序包提供甚亭;
--whatrequires CAPABILITY:查詢指定的CAPABILITY被哪個(gè)包依賴;
[query-options]
--changelog:查詢r(jià)pm包的changelog;
-l, --list:程序安裝生成的所有文件列表击胜;
-i, --info:程序包相關(guān)的信息亏狰,版本號、大小偶摔、所屬的包組暇唾,等;
-c, --configfiles:查詢指定的程序包提供的配置文件辰斋;
-d, --docfiles:查詢指定的程序包提供的文檔策州;
--provides:列出指定的程序包提供的所有的CAPABILITY
-R,--requires:查詢指定的程序包的依賴關(guān)系宫仗;
--scripts:查看程序包自帶的腳本片段够挂;
用法:
-qi PACKAGE, -qf FILE, -qc PACKAGE, -ql PACKAGE, -qd PACKAGE
-qpi PACKAGE_FILE, -qpl PACKAGE_FILE, -qpc PACKAGE_FILE, ...
[root@CentOS7 Packages]# rpm -qpi zsh-5.0.2-31.el7.x86_64.rpm
Name : zsh
Version : 5.0.2
Release : 31.el7
Architecture: x86_64
Install Date: (not installed)
Group : System Environment/Shells
Size : 5854390
License : MIT
Signature : RSA/SHA256, Mon 12 Nov 2018 10:49:55 PM CST, Key ID 24c6a8a7f4a80eb5
Source RPM : zsh-5.0.2-31.el7.src.rpm
Build Date : Wed 31 Oct 2018 12:48:17 AM CST
Build Host : x86-01.bsys.centos.org
Relocations : (not relocatable)
Packager : CentOS BuildSystem <http://bugs.centos.org>
Vendor : CentOS
URL : http://zsh.sourceforge.net/
Summary : Powerful interactive shell
Description :
The zsh shell is a command interpreter usable as an interactive login
shell and as a shell script command processor. Zsh resembles the ksh
shell (the Korn shell), but includes many enhancements. Zsh supports
command line editing, built-in spelling correction, programmable
command completion, shell functions (with autoloading), a history
mechanism, and more.
[root@CentOS7 Packages]# rpm -qi zsh-5.0.2-31.el7.x86_64.rpm
package zsh-5.0.2-31.el7.x86_64.rpm is not installed
校驗(yàn):
rpm {-V|--verify} [select-options] [verify-options]
S file Size differs
M Mode differs (includes permissions and file type)
5 digest (formerly MD5 sum) differs
D Device major/minor number mismatch
L readLink(2) path mismatch
U User ownership differs
G Group ownership differs
T mTime differs
P caPabilities differ
包來源合法性驗(yàn)證和完整性驗(yàn)證:
來源合法性驗(yàn)證:
完整性驗(yàn)證:
獲取并導(dǎo)入信任的包制作者的秘鑰:
對于CentOS發(fā)行版來說:rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
驗(yàn)證:
(1)安裝此組織簽名的程序時(shí),會自動執(zhí)行驗(yàn)證锰什;
(2)手動驗(yàn)證:rpm -K PACKAGE_FILE
數(shù)據(jù)庫重建:
rpm管理器數(shù)據(jù)庫路徑:/var/lib/rpm/
查詢操作:通過此處的數(shù)據(jù)庫進(jìn)行;
獲取幫助:
CentOS 6: man rpm
CentOS 7:man rpmdb
rpm {--initdb|--rebuilddb} [-v] [--dbpath DIRECTORY] [--root DIRECTORY]
--initdb:初始化數(shù)據(jù)庫丁逝,當(dāng)前無任何數(shù)據(jù)庫可實(shí)現(xiàn)初始化創(chuàng)建一個(gè)新的汁胆;當(dāng)前有時(shí)不執(zhí)行任何操作;
--rebuilddb:重新構(gòu)建霜幼,通過讀取當(dāng)前系統(tǒng)上所有已經(jīng)安裝過的程序包進(jìn)行重新創(chuàng)建嫩码;
3、yum的配置和使用總結(jié)以及yum私有倉庫的創(chuàng)建罪既。
YUM:yellow dog, Yellow Update Modifier
yum repository: yum repo
存儲了眾多rpm包铸题,以及包的相關(guān)的元數(shù)據(jù)文件(放置于特點(diǎn)目錄下:repodata)
yum客戶端:
配置文件:
/etc/yum.conf: 為所有倉庫提供公共配置
/etc/yum.repos.d/*.repo: 為倉庫指向提供配置
倉庫的定義:
[repositoryID]
name=Some name for this repository
baseurl=url://path/to/repository/
enabled={1|0}
gpgcheck={1|0}
gpgkey=URL
enablegroups={1|0}
fileovermethod={roundrobin|priority}
默認(rèn)為:roundrobin, 意為隨機(jī)挑選铡恕;
cost=
默認(rèn)為1000
yum命令的用法:
yum [options] [command] [package ...]
command is one of:
- install package1 [package2] [...]
- update [package1] [package2] [...]
- update-to [package1] [package2] [...]
- update-minimal [package1] [package2] [...]
- check-update
- upgrade [package1] [package2] [...]
- upgrade-to [package1] [package2] [...]
- distribution-synchronization [package1] [package2] [...]
- remove | erase package1 [package2] [...]
- autoremove [package1] [...]
- list [...]
- info [...]
- provides | whatprovides feature1 [feature2] [...]
- clean [ packages | metadata | expire-cache | rpmdb | plugins | all ]
- makecache [fast]
- groups [...]
- search string1 [string2] [...]
- shell [filename]
- resolvedep dep1 [dep2] [...]
(maintained for legacy reasons only - use repoquery or yum provides) - localinstall rpmfile1 [rpmfile2] [...]
(maintained for legacy reasons only - use install) - localupdate rpmfile1 [rpmfile2] [...]
(maintained for legacy reasons only - use update) - reinstall package1 [package2] [...]
- downgrade package1 [package2] [...]
- deplist package1 [package2] [...]
- repolist [all|enabled|disabled]
- repoinfo [all|enabled|disabled]
- repository-packages <enabled-repoid> <install|remove|remove-or-reinstall|remove-or-distribution- synchronization> [package2] [...]
- version [ all | installed | available | group-* | nogroups* | grouplist | groupinfo ]
- history [info|list|packages-list|packages-info|summary|addon-info|redo|undo|rollback|new|sync|stats]
- load-transaction [txfile]
- updateinfo [summary | list | info | remove-pkgs-ts | exclude-updates | exclude-all | check-running-kernel]
- fssnapshot [summary | list | have-space | create | delete]
- fs [filters | refilter | refilter-cleanup | du]
- check
- help [command]
顯示倉庫列表:
repolist [all|enabled|disabled]
顯示程序包:
list
# yum list [all | glob_exp1] [glob_exp2] [...]
# yum list {available|installed|updates} [glob_exp1] [...]
安裝程序包:
install package1 [package2] [...]
reinstall package1 [package2] ...
升級程序包:
update [package1] [package2] [...]
downgrade package1 [package2] [...] (降級)
檢查可用升級:
check-update
卸載程序包:
remove | erase package1 [package2] [...]
查看程序包information:
info [...]
查看指定的特性(可以是某文件)是由哪個(gè)程序包所提供:
provides | whatprovides feature1 [feature2] [...]
清理本地緩存:
clean [packages | metadata | expire-cache | rpmdb |plugins | all]
構(gòu)建緩存:
makecache
搜索:
search string1 [string2] [...]
以指定的關(guān)鍵字搜索程序包名及summary信息;
查看指定包所依賴的capabilities:
deplist package1 [package2] [...]
查看yum事務(wù)歷史:
- history [info|list|packages-list|packages-info|summary|addon-info|redo|undo|rollback|new|sync|stats]
安裝及升級本地程序包:
- localinstall rpmfile1 [rpmfile2] [...]
(maintained for legacy reasons only - use install) - localupdate rpmfile1 [rpmfile2] [...]
(maintained for legacy reasons only - use update)
包組管理相關(guān)命令:
- groups [...]
如何使用光盤當(dāng)做本地yum倉庫:
(1)掛載光盤至某目錄丢间,例如/media/cdrom
# mount -r -t iso9660 /dev/cdrom /media/cdrom
(2)創(chuàng)建配置文件
[CentOS7]
name=
baseurl=
gpgcheck=
enabled=
[base]
name=CentOS 7Release 7.6.1810
baseurl=file:///media/cdrom
enabled=1
gpgcheck=0
yum的命令行選項(xiàng):
--nogpgcheck: 禁止進(jìn)行g(shù)pg check;
-y: 自動回答為“yes”探熔;
-q: 靜默模式;
--disablerepo=repoidglob: 臨時(shí)禁用此處指定的repo;
--enablerepo=repoidglob: 臨時(shí)啟用此處指定的repo;
--noplugins: 禁用所有插件烘挫;
yum的repo配置文件中可用的變量:
$releasever: 當(dāng)前OS的發(fā)行版的主版本號诀艰;
$arch: 平臺;
$basearch: 基礎(chǔ)平臺饮六;
$YUM0-$YUM9
http://mirrors.magedu.com/centos/$releasever/$basearch/os
創(chuàng)建yum倉庫:
createrepo [options] <directory>
4其垄、寫一個(gè)腳本實(shí)現(xiàn)列出以下菜單給用戶:
(1)disk:show disk info信息
(2)mem: show memory info信息
(3)cpu: show cpu info信息
(*)quit
cat << EOF
disk) show disks info
mem) show memory info
cpu) show cpu info
*) QUIT
EOF
read -p "Your choice: " option
if [[ "$option" == "disk" ]]; then
fdisk -l /dev/[sh]d[a-z]
elif [[ "$option" == "mem" ]]; then
free -m
elif [[ "$option" == "cpu" ]]; then
lscpu
else
echo "Unkown option."
exit 3
fi
5、sed用法總結(jié)并結(jié)合實(shí)例演示
sed命令:
sed: Stream Editor,流編輯器卤橄。
使用方法:
sed [OPTION]... 'script' [input-file]...
常用選項(xiàng):
-n:不輸出模式空間中的內(nèi)容至屏幕绿满;
-e script:--expression=script:多點(diǎn)編輯;(sed -e 's@^#[[:space:]]*@@' -e '/^UUID/d' /etc/fstab)
-f /PATH/TO/SED_SCRIPT_FILE
每行一個(gè)編輯命令窟扑;
-r, --regexp-extended: 支持使用擴(kuò)展正則表達(dá)式喇颁;
-i[SUFFIX], --in-place[=SUFFIX]:直接編輯源文件;
地址定界:
(1) 空地址:對全文進(jìn)行處理辜膝;
(2) 單地址:
#:指定行无牵;
/pattern/:被此模式匹配到的每一行;
(3)地址范圍
#,#:
#,+#:
#,/pat1/
/pat1/,/pat2/
(4)步進(jìn):~
1~2:所有奇數(shù)行
2~2:所有偶數(shù)行
$最后一行
編輯命令:
d:刪除
p:顯示模式空間中的內(nèi)容
a \text:在行后面追加文本"text",支持使用\n實(shí)現(xiàn)多行追加厂抖;
i \text:在行前面插入文本"text",支持使用\n實(shí)現(xiàn)多行插入茎毁;
c \text:把匹配到的行替換為此處指定的文本"text";
w /PATH/TO/SOMEFILE:保存模式空間匹配到的行至指定文件中;
r /PATH/FROM/SOMEFILE:讀取指定文件的內(nèi)容至當(dāng)前文件被模式匹配到的行處忱辅;文件合并七蜘;
=:為模式匹配到的行打印行號;
i:條件區(qū)反墙懂;
地址定界橡卤!編輯命令;
s///:查找替換损搬,其分隔符可自行指定碧库,常用的有s@@@,s###等;
替換標(biāo)記:
g:全局替換巧勤;
w:/PATH/TO/SOMEFILE:將替換成功的結(jié)果保存至指定文件中嵌灰;
p:顯示替換成功的行;
實(shí)例:
1:刪除/boot/grub/grub2.cfg文件總所有以空白字符開頭的行的行首的空白字符颅悉;
[root@www scripts]# sed 's@^[[:space:]]\+@@' /etc/grub2.cfg
2:刪除/etc/fstab文件中所有以#開頭的行的行首的#號及#后面的所有空白字符沽瞭;
[root@www scripts]# sed 's@^#[[:space:]]*@@' /etc/fstab
3:輸出一個(gè)絕對路徑給sed命令,取出其目錄剩瓶,其行為類似于dirname
echo "/var/log/messages" | sed 's@[^/]\+/\?$@@'
echo "/var/log/messages" | sed -r 's@[^/]+/?$@@'
6驹溃、 用bash實(shí)現(xiàn)統(tǒng)計(jì)訪問日志文件中狀態(tài)碼大于等于400的IP數(shù)量并排序
#!/bin/bash
lines=$(wc -l /tmp/log.txt | cut -d" " -f1)
let lines+=1
#echo $lines
#echo $(head -n 1 /tmp/log.txt | tail -n 1 | cut -d" " -f9 | grep -o "[0-9]\{3\}")
for line in $(seq 1 $lines); do
code=$(head -n $line /tmp/log.txt | tail -n 1 | cut -d" " -f9 | grep -o "[0-9]\{3\}")
# echo $code
if [[ $code -ge 400 ]]; then
head -n $line /tmp/log.txt | tail -n 1 | cut -d" " -f1 >> /tmp/log400.txt
fi
done
cat /tmp/log400.txt | sort -t $'.' -k1 -n:wq
7城丧、 使用自制的yum源安裝ftp、openssh豌鹤、curl亡哄、wget、tcpdump等軟件包
cp /media/cdrom/Packages/* /tmp/Packages/
[root@CentOS7 ~]# cd /tmp/
[root@CentOS7 tmp]# createrepo /tmp/
Spawning worker 0 with 1006 pkgs
Spawning worker 1 with 1005 pkgs
Spawning worker 2 with 1005 pkgs
Spawning worker 3 with 1005 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@CentOS7 tmp]# vim /etc/yum.repos.d/local.repo
[base]
name=CentOS 7Release 7.6.1810
baseurl=file:///tmp/
enabled=1
gpgcheck=0
[root@CentOS7 yum.repos.d]# yum repolist
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
repo id repo name status
base CentOS 7Release 7.6.1810 10,019
epel/7/x86_64 Fedora EPEL 13,332
repolist: 23,351
[root@CentOS7 yum.repos.d]# yum install -y ftp openssh curl wget tcpdump
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Package openssh-7.4p1-16.el7.x86_64 already installed and latest version
Package curl-7.29.0-51.el7.x86_64 already installed and latest version
Package matching wget-1.14-18.el7.x86_64 already installed. Checking for update.
Package 14:tcpdump-4.9.2-3.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package ftp.x86_64 0:0.17-67.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
====================================================================================================================================
Package Arch Version Repository Size
====================================================================================================================================
Installing:
ftp x86_64 0.17-67.el7 base 61 k
Transaction Summary
====================================================================================================================================
Install 1 Package
Total download size: 61 k
Installed size: 96 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : ftp-0.17-67.el7.x86_64 1/1
Verifying : ftp-0.17-67.el7.x86_64 1/1
Installed:
ftp.x86_64 0:0.17-67.el7
Complete!
[root@CentOS7 yum.repos.d]#
