chroot, setuid() and set gid

这篇文章搜集整理了网上chroot, setuid() & set gid相关的文章。

  1. Best Practices for UNIX chroot() Operations
  2. How to break out of a chroot() jail
  3. Setuid Demystifid
  4. Introduction to Unix file permissions

如何判断一个(压缩)文件的类型,以及zcat/gzcat

恰似“一师是个好学校”,dd是个好工具——只消用它逐字copy出某个文件第一个block的内容,就可以判断出该文件的类型!!!

 

bjbldd>1> dd if=MMEgolden.tar bs=512 count=1 > dd_tmp
1+0 records in
1+0 records out
bjbldd>> file dd_tmp
dd_tmp:         USTAR tar archive
bjbldd>> dd if=varofvar bs=512 count=1 > dd_tmp
0+1 records in
0+1 records out
bjbldd>> file dd_tmp
dd_tmp:         executable /bin/ksh script
bjbldd>> dd if=Tk-804.029.tar.gz bs=512 count=1 > dd_tmp
1+0 records in
1+0 records out
bjbldd>> file dd_tmp
dd_tmp:         gzip compressed data - deflate method , original file name , max compression

 

 

另外,zcat或者gzcat是用于cat gzip压缩文件的工具,只是在不同的平台有些差异:/bin/zcat在Linux上work的很好,可是当它在Solaris上cat gzip文件的内容时,就会报错。Solaris上cat gzip文件只能用/bin/gzcat. ——就是这个小小的差异,浪费了我一天的时间!

 

跨平台的cat gzip文件的代码如下:

OS="`/bin/uname`"
if [ "${OS}" != "Linux" ]
then
	ZCAT="/bin/zcat"
else
	ZCAT="/bin/gzcat"
fi
.......
${ZCAT} ${TMPDIR}/ngn_platform.cpio.Z | /bin/cpio -idmvu  -H odc ${SAT_CPIO_FLAG}

 

貌似cpio的用法也很强大哦~

yum的proxy设置

方法一:

export http_proxy="proxy:portnum"

 

方法二:(http://www.fedoraforum.org/forum/showthread.php?t=742

create the following files in /etc/profile.d, and then this will work in *any* shell for *any* user of the system

#proxy.sh
export http_proxy=http://host.com:port/
export ftp_proxy=http://host.com:port/
export no_proxy=.domain.com
export HTTP_PROXY=http://host.com:port/
export FTP_PROXY=http://host.com:port/
#proxy.csh
setenv http_proxy http://host.com:port/
setenv ftp_proxy http://host.com:port/
setenv no_proxy .domain.com
setenv HTTP_PROXY http://host.com:port/
setenv FTP_PROXY http://host.com:port/

 

在/etc/yum.conf中设置proxy,prox_username和proxy_password选项。

Perl的library设置

参考链接:

  1. http://stackoverflow.com/questions/841785/how-do-i-include-a-perl-module-thats-in-a-different-directory
  2. http://stackoverflow.com/questions/185114/how-do-i-use-a-perl-module-in-a-directory-not-in-inc

 

在Fedora/RHEL/CentOS中,perl 的library默认安装路径为:

@INC (@INC contains: /usr/lib64/perl5/site_perl/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl /usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi /usr/lib/perl5/5.8.8 .)

 

如果要使用自定义的perllib,就需要参考以下的设置了。

 

EDIT: Putting the right solution first, originally from this question. It's the only one that searches relative to the module directory:

use FindBin;                 # locate this script
use lib "$FindBin::Bin/..";  # use the parent directory
use yourlib;

There's many other ways that search for libraries relative to the current directory. You can invoke perl with the -I argument, passing the directory of the other module:

perl -I.. yourscript.pl

You can include a line near the top of your perl script:

use lib '..';

You can modify the environment variable PERL5LIB before you run the script:

export PERL5LIB=$PERL5LIB:..

The push(@INC) strategy can also work, but it has to be wrapped in BEGIN{} to make sure that the push is run before the module search:

BEGIN {push @INC, '..'}
use yourlib;

 

How to list processes attached to a shared memory segment in linux?

本文整理自网络,参考网页(references):

  1. http://stackoverflow.com/questions/5658568/how-to-list-processes-attached-to-a-shared-memory-segment-in-linux
  2. http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=%2Frzahz%2Fipcs.htm

[Question]:


How do I determine what process is attached to a shared memory segment?

awagner@tree:/home/awagner$ ipcs -m


            
          

Shell浮点数运算

Shell本身不支持浮点数运算,(())之类的数学运算符只能进行整数运算。要想在shell中运算浮点数,只能借助于bc, Awk或者Perl。 如

a=0.1
b=0.2
c=$(echo "$a+$b" | bc -l)

 

或者

perl -e "print STDOUT $a + $b;"

 

 

需要注意的是,如果数学表达式中有负数,则必须确保运算符(+ - * /)与其前后的表达式之间至少有一空格。如:

[bonn@bonn Downloads]$ echo $a $b
-0.1 -0.2
[bonn@bonn Downloads]$ echo "$a - $b" | bc -l
.1
[bonn@bonn Downloads]$ perl -e "print STDOUT $a - $b;"
0.1

 

groff初体验

“所见即所得(WYSIWYG,What you see is what you get)”编辑器可以使简单的工作更简单,却无法完成某些复杂的工作。

 

nroff/troff是UNIX下经典的typesetting工具,groff是GNU的*roff实现,并对troff的功能进行了增强。与LaTeX相比,体积较小,且大多为*nix自带,使用较为方便。虽说TeX为Donald Knuth所创,排版效果非常好,但体积相当庞大(安装完差不多3.5GB),而且通篇的/xx语法确实把我雷倒了——还是先由groff入手吧。

 

已经搜集到的*roff相关的资料:

groff最吸引我的地方在于能够轻松的编辑数学公式、绘图、制表、排版并且转化为ps/pdf文件或者网页。为了体验这些功能,将下面的代码为输入纯文本文件html_test,

.URL http://netpbm.sourceforge.net/doc "Netpbm manual"
.URL pic.html "Eric Raymond's pic guide"
.LK TestLink
.LP
.EQ
G(z) ~=~ e sup { ln ~ G(z) }
    ~=~ exp left ( sum from k>=1 { S sub k z sup k } over k right )
    ~=~ prod from k>=1 e sup { S sub k z sup k /k }
.EN
.LP
.TS
tab(:);
c s s
c | c | c
l | l | n.
Major New York Bridges
=
Bridge:Designer:Length
_
Brooklyn:J. A. Roebling:1595
Manhattan:G. Lindenthal: 1470
Williamsburg:L. L. Buck:1600
_
Queensborough:Palmer &:1182
/^:  Hornbostel:/^
_
Triborough:O. H. Ammann:1380
/^:/^:383
_
Bronx Whitestone:O. H. Ammann:2300
Throgs Neck:O. H. Ammann:1800
_
George Washington:O. H. Ammann:3500
_
.TE
.LP
.PS
lineht = lineht / 2
box "/fIletter.tr/fP"
arrow
circle "tbl"
arrow
Eqn: circle "eqn"
arrow
Troff: circle "troff"
arc cw
line down
arc cw
left
arrow
circle "grops"
arrow
box "/fIletter.ps/fP"
up
line <- from Troff.n
arc
line
box "/fItmac.m/fP"
.PE

 

然后输入下列命令:

pic html_test | eqn | tbl | groff -ms -Thtml > html_test.html

 

或者

groff -p -e -t -ms -Thtml html_test > html_test.html

 

在处理pic时,宏-ms必不可少。

 

如果不出错的话,链接将会在网页中正常显示,公式、表格以及图表会被转换为图片。

 

 

 

 

groff的groff_www扩展会调用pnmcut,netpbm的工具包中的一个工具。netpbm可以在http://netpbm.sourceforge.net/下载并安装。安装成功后,需要把netpbm的路径加入到PATH中,最好是在$HOME/.bashrc中加入。

 


Update 2011-04-21:

 

今天试着用groff写了一个文件,并把它转化为html格式,那是相当的痛苦——对于一个习惯了所见即所得的初学者,groff的学习曲线确实相当的陡峭。

 

QEMU常用命令

Following are excerpted from Build appliances with QEMU and OpenBSD, BSD Magazine, 2011.04.

  • Boot from an ISO image:    qemu -cdrom image.iso
  • Create new hard disk for a VM:    qemu-img create disk.bin 2G
  • Install OS into the virtual disk:    qemu -hda disk.bin -cdrom image.iso
  • Boot VM from virtual disk:    qemu disk.bin
  • Boot VM with two virtual disks:    qemu -hda first.bin -hdb second.bin
  • Start VM in bridge mode network:    qemu -net nic -net tap disk.bin
  • Simulate multiple network cards:   qemu -net nic,model=lance -net nic,model=pcnet -net nic,model=rt18139 disk.bin
  • QEMU can also be used with remote machines without X in -nographic mode. For this you have to have this in boot.conf(FreeBSD):

# cat /etc/boot.conf
set tty com0

 

And start QEMU with command:

qemu -nographic disk.bin 

Excel文件转换为XML以及Linux文件编码格式转换

今天需要将多个Excel文档转换为XML格式,本打算用MS Office自带的另存为XML文件的功能,结果转换成MS Office2003 XML之后的文件就是一坨屎!Office 2007自带的XML文档转换的功能也TMD超级繁琐,根据帮助手册自己建了.xsd文件导入到Excel之后也无法导出XML数据,白白浪费了时间。

后来Google到了这篇文章。文中提供了现成的VBA源代码,稍微修改一下即可拿来使用(中文注释为本人所加):

'Attribute VB_Name = "XL_to_XML"
Sub MakeXML()
' create an XML file from an Excel table
Dim MyRow As Integer, MyCol As Integer, Temp As String, YesNo As Variant, DefFolder As String
Dim XMLFileName As String, XMLRecSetName As String, MyLF As String, RTC1 As Integer
Dim RangeOne As String, RangeTwo As String, Tt As String, FldName(99) As String


            
          

在/etc/hosts中定义Linux的hostname

今天碰到这样一个问题:一个程序在刚刚装好的Linux server上获取IP地址时永远都是0x7f000001。一开始没有注意,后来仔细一想,0x7f000001不正好就是127.0.0.1嘛!有同事查了一下/etc/hosts,发现在该文件中有这样一行:

127.0.0.1     mylinuxsvr localhost.localhost.localdomain localhost

 

其中,mylinuxsvr是这个server的名字。难怪每次都只能获取到127.0.0.1呢。当然了,这台server的IP地址其实是配好了的,只是不知为什么,有一个不同server间通信的程序非要通过/etc/hosts来获取IP地址……

 

找了一些Linux server网络配置的文章,记录于此:

  1. Quick HOWTO : Ch03 : Linux Networking
  2. Adding Red Hat Enterprise Linux Hosts

下文摘自Quick HOWTO : Ch03 : Linux Networking

 


 

 

Configuring Your /etc/hosts File

The /etc/hosts file is just a list of IP addresses and their corresponding server names. Your server will typically check this file before referencing DNS. If the name is found with a corresponding IP address then DNS won't be queried at all. Unfortunately, if the IP address for that host changes, you also have to also update the file. This may not be much of a concern for a single server, but can become laborious if it has to be done companywide. For ease of management, it is often easiest to limit entries in this file to just the loopback interface and also the server's own hostname, and use a centralized DNS server to handle most of the rest. Sometimes you might not be the one managing the DNS server, and in such cases it may be easier to add a quick /etc/hosts file entry till the centralized change can be made.

192.168.1.101  smallfry