wiki:TipAndDoc/Linux

Version 21 (modified by mitty, 11 years ago) (diff)

--

  • distributionを知る => lsb_release -a via twitter:tm_tn/status/134106555959349248
    • $ lsb_release -a
      No LSB modules are available.
      Distributor ID: Ubuntu
      Description:    Ubuntu 10.04.3 LTS
      Release:        10.04
      Codename:       lucid
      
    • $ lsb_release -a
      LSB Version:    :core-4.0-amd64:core-4.0-ia32:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-ia32:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-ia32:printing-4.0-noarch
      Distributor ID: CentOS
      Description:    CentOS release 5.7 (Final)
      Release:        5.7
      Codename:       Final
      
  • wikipetan:マジックSysRqキー
    unRaw      (X Window Systemからキーボードの制御を取り戻す)
     tErminate (すべてのプロセスにSIGTERMシグナルを送り、正常に終了させる)
     kIll      (すべてのプロセスにSIGKILLシグナルを送り、強制的に終了させる)
      Sync     (書き込みキャッシュのデータをディスクに書き込む)
      Unmount  (すべてのファイルシステムを読み込み専用で再マウントする)
    reBoot     (システムを再起動する)
    
    • reboot
      • Alt + SysRq + b
      • # echo b > /proc/sysrq-trigger

sudo

  • HowTO: Sudoers Configuration - Ubuntu Forums

    2) Sudo reads the sudoers file and applies permissions in order from top to bottom. So the last line in the file will overwrite any previous conflict with the config settings. So it is best to put new configuration lines at the bottom.

  • (Solved) Sudo Exclude Commands And Disable: sudo su -, Bash Shell
  • 例えば、poweroff, reboot, shutdownコマンドをsudoからは扱えなくするには、以下の様に設定する
    • /etc/sudoers.d/adm
      Cmnd_Alias PWRCTL = /sbin/poweroff,/sbin/reboot,/sbin/shutdown
      %adm    ALL=NOPASSWD: ALL, !PWRCTL
      
    • mitty@test:~$ id mitty
      uid=1001(mitty) gid=1001(mitty) groups=1001(mitty),4(adm)
      
    • mitty@test:~$ sudo shutdown
      Sorry, user mitty is not allowed to execute '/sbin/shutdown' as root on test.
      
    • mitty@test:~$ sudo reboot
      Sorry, user mitty is not allowed to execute '/sbin/reboot' as root on test.
      
    • mitty@test:~$ sudo poweroff
      Sorry, user mitty is not allowed to execute '/sbin/poweroff' as root on test.
      
  • 禁止されているコマンドを実行する際は、sudo su -などして別のgroupになってから行う

Swap

  • $ swapon -s
    Filename                                Type            Size    Used    Priority
    /dev/sda1                               partition       262136  0       -1
    

disk device

udev

/dev/sda を他の名前にする

  • 現状では成功していない

元の状態

  • mitty@walken:~$ sudo udevadm info -q path -n /dev/sda
    /devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda
    
  • mitty@walken:~$ sudo udevadm info --query=all --name=/dev/sda
    P: /devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda
    N: sda
    S: block/8:0
    S: disk/by-id/scsi-SATA_ST3500418AS_6VM9ABYD
    S: disk/by-id/ata-ST3500418AS_6VM9ABYD
    S: disk/by-id/wwn-0x5000c5001eda26f9
    S: disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0
    E: UDEV_LOG=3
    E: DEVPATH=/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda
    E: MAJOR=8
    E: MINOR=0
    E: DEVNAME=/dev/sda
    E: DEVTYPE=disk
    E: SUBSYSTEM=block
    E: ID_ATA=1
    E: ID_TYPE=disk
    E: ID_BUS=ata
    E: ID_MODEL=ST3500418AS
    E: ID_MODEL_ENC=ST3500418AS\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20
    E: ID_REVISION=CC38
    E: ID_SERIAL=ST3500418AS_6VM9ABYD
    E: ID_SERIAL_SHORT=6VM9ABYD
    E: ID_ATA_WRITE_CACHE=1
    E: ID_ATA_WRITE_CACHE_ENABLED=1
    E: ID_ATA_FEATURE_SET_HPA=1
    E: ID_ATA_FEATURE_SET_HPA_ENABLED=1
    E: ID_ATA_FEATURE_SET_PM=1
    E: ID_ATA_FEATURE_SET_PM_ENABLED=1
    E: ID_ATA_FEATURE_SET_SECURITY=1
    E: ID_ATA_FEATURE_SET_SECURITY_ENABLED=0
    E: ID_ATA_FEATURE_SET_SECURITY_ERASE_UNIT_MIN=82
    E: ID_ATA_FEATURE_SET_SECURITY_ENHANCED_ERASE_UNIT_MIN=82
    E: ID_ATA_FEATURE_SET_SECURITY_FROZEN=1
    E: ID_ATA_FEATURE_SET_SMART=1
    E: ID_ATA_FEATURE_SET_SMART_ENABLED=1
    E: ID_ATA_FEATURE_SET_AAM=1
    E: ID_ATA_FEATURE_SET_AAM_ENABLED=1
    E: ID_ATA_FEATURE_SET_AAM_VENDOR_RECOMMENDED_VALUE=254
    E: ID_ATA_FEATURE_SET_AAM_CURRENT_VALUE=254
    E: ID_ATA_DOWNLOAD_MICROCODE=1
    E: ID_ATA_SATA=1
    E: ID_ATA_SATA_SIGNAL_RATE_GEN2=1
    E: ID_ATA_SATA_SIGNAL_RATE_GEN1=1
    E: ID_ATA_ROTATION_RATE_RPM=7200
    E: ID_WWN=0x5000c5001eda26f9
    E: ID_WWN_WITH_EXTENSION=0x5000c5001eda26f9
    E: ID_SCSI_COMPAT=SATA_ST3500418AS_6VM9ABYD
    E: ID_PATH=pci-0000:00:1f.2-scsi-0:0:0:0
    E: ID_PART_TABLE_TYPE=dos
    E: UDISKS_PRESENTATION_NOPOLICY=0
    E: UDISKS_PARTITION_TABLE=1
    E: UDISKS_PARTITION_TABLE_SCHEME=mbr
    E: UDISKS_PARTITION_TABLE_COUNT=2
    E: UDISKS_ATA_SMART_IS_AVAILABLE=1
    E: DEVLINKS=/dev/block/8:0 /dev/disk/by-id/scsi-SATA_ST3500418AS_6VM9ABYD /dev/disk/by-id/ata-ST3500418AS_6VM9ABYD /dev/disk/by-id/wwn-0x5000c5001eda26f9 /dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0
    
    
  • mitty@walken:~$ sudo udevadm info -a --name=/dev/sda
    Udevadm info starts with the device specified by the devpath and then
    walks up the chain of parent devices. It prints for every device
    found, all possible attributes in the udev rules key format.
    A rule to match, can be composed by the attributes of the device
    and the attributes from one single parent device.
    
      looking at device '/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda':
        KERNEL=="sda"
        SUBSYSTEM=="block"
        DRIVER==""
        ATTR{range}=="16"
        ATTR{ext_range}=="256"
        ATTR{removable}=="0"
        ATTR{ro}=="0"
        ATTR{size}=="976773168"
        ATTR{alignment_offset}=="0"
        ATTR{discard_alignment}=="0"
        ATTR{capability}=="50"
        ATTR{stat}=="    7129      217   287320    92724     2036      269    47453   141436        0    35592   234152"
        ATTR{inflight}=="       0        0"
        ATTR{events}==""
        ATTR{events_async}==""
        ATTR{events_poll_msecs}=="-1"
    
      looking at parent device '/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0':
        KERNELS=="2:0:0:0"
        SUBSYSTEMS=="scsi"
        DRIVERS=="sd"
        ATTRS{device_blocked}=="0"
        ATTRS{type}=="0"
        ATTRS{scsi_level}=="6"
        ATTRS{vendor}=="ATA     "
        ATTRS{model}=="ST3500418AS     "
        ATTRS{rev}=="CC38"
        ATTRS{state}=="running"
        ATTRS{timeout}=="30"
        ATTRS{iocounterbits}=="32"
        ATTRS{iorequest_cnt}=="0x24dc"
        ATTRS{iodone_cnt}=="0x24c0"
        ATTRS{ioerr_cnt}=="0xc"
        ATTRS{modalias}=="scsi:t-0x00"
        ATTRS{evt_media_change}=="0"
        ATTRS{queue_depth}=="31"
        ATTRS{queue_ramp_up_period}=="120000"
        ATTRS{queue_type}=="simple"
    
      looking at parent device '/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0':
        KERNELS=="target2:0:0"
        SUBSYSTEMS=="scsi"
        DRIVERS==""
    
      looking at parent device '/devices/pci0000:00/0000:00:1f.2/host2':
        KERNELS=="host2"
        SUBSYSTEMS=="scsi"
        DRIVERS==""
    
      looking at parent device '/devices/pci0000:00/0000:00:1f.2':
        KERNELS=="0000:00:1f.2"
        SUBSYSTEMS=="pci"
        DRIVERS=="ahci"
        ATTRS{vendor}=="0x8086"
        ATTRS{device}=="0x3b22"
        ATTRS{subsystem_vendor}=="0x8086"
        ATTRS{subsystem_device}=="0x0037"
        ATTRS{class}=="0x010601"
        ATTRS{irq}=="49"
        ATTRS{local_cpus}=="00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,0000000f"
        ATTRS{local_cpulist}=="0-3"
        ATTRS{modalias}=="pci:v00008086d00003B22sv00008086sd00000037bc01sc06i01"
        ATTRS{numa_node}=="-1"
        ATTRS{dma_mask_bits}=="64"
        ATTRS{consistent_dma_mask_bits}=="64"
        ATTRS{enable}=="1"
        ATTRS{broken_parity_status}=="0"
        ATTRS{msi_bus}==""
    
      looking at parent device '/devices/pci0000:00':
        KERNELS=="pci0000:00"
        SUBSYSTEMS==""
        DRIVERS==""
    
    
  • mitty@walken:~$ sudo /lib/udev/scsi_id --page=0x83 --whitelisted --device=/dev/sda
    35000c5001eda26f9
    
  • mitty@walken:~$ sudo /lib/udev/scsi_id -g -u --device /dev/sda
    35000c5001eda26f9
    
  • mitty@walken:~$ ls -l /sys/block/
    total 0
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 loop0 -> ../devices/virtual/block/loop0
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 loop1 -> ../devices/virtual/block/loop1
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 loop2 -> ../devices/virtual/block/loop2
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 loop3 -> ../devices/virtual/block/loop3
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 loop4 -> ../devices/virtual/block/loop4
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 loop5 -> ../devices/virtual/block/loop5
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 loop6 -> ../devices/virtual/block/loop6
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 loop7 -> ../devices/virtual/block/loop7
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 sda -> ../devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda
    lrwxrwxrwx 1 root root 0 Apr 16 15:09 sr0 -> ../devices/pci0000:00/0000:00:1f.2/host5/target5:0:0/5:0:0:0/block/sr0
    

実験

  • /etc/udev/rules.d/10-fixed_hdd.rules
    # set device name for ST3500418AS 6VM9ABYD
    SUBSYSTEMS=="block", ENV{ID_SERIAL}=="ST3500418AS_6VM9ABYD", NAME="sdx%n"
    
    • 成功しないがエラーも出ない
  • /etc/udev/rules.d/10-fixed_hdd.rules
    # set device name for ST3500418AS 6VM9ABYD
    SUBSYSTEMS=="block", PROGRAM=="/lib/udev/scsi_id -g -u --device %p", RESULT=="35000c5001eda26f9", NAME="sdx%n"
    
    • mitty@walken:~$ sudo udevadm test /devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda
      run_command: calling: test
      udevadm_test: version 164
      This program is for debugging only, it does not run any program,
      specified by a RUN key. It may show incorrect results, because
      some values may be different, or not available at a simulation run.
      
      parse_file: reading '/etc/udev/rules.d/10-fixed_hdd.rules' as rules file
      parse_file: reading '/lib/udev/rules.d/40-hplip.rules' as rules file
      
      (snip)
      
      udev_rules_new: rules use 231672 bytes tokens (19306 * 12 bytes), 35564 bytes buffer
      udev_rules_new: temporary index used 60940 bytes (3047 * 20 bytes)
      udev_device_new_from_syspath: device 0x7f1093f7c340 has devpath '/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda'
      udev_device_new_from_syspath: device 0x7f1093f7cee0 has devpath '/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda'
      udev_device_read_db: device 0x7f1093f7cee0 filled with db file data
      udev_rules_apply_to_event: PROGRAM '/lib/udev/scsi_id -g -u --device /devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda' /etc/udev/rules.d/10-fixed_hdd.rules:2
      util_run_program: '/lib/udev/scsi_id -g -u --device /devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda' started
      util_run_program: '/lib/udev/scsi_id -g -u --device /devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda' returned with exitcode 1
      udev_device_new_from_syspath: device 0x7f1093f7c5c0 has devpath '/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0'
      udev_device_new_from_syspath: device 0x7f1093f77e30 has devpath '/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0'
      udev_device_new_from_syspath: device 0x7f1093f78160 has devpath '/devices/pci0000:00/0000:00:1f.2/host2'
      udev_device_new_from_syspath: device 0x7f1093f78480 has devpath '/devices/pci0000:00/0000:00:1f.2'
      udev_device_new_from_syspath: device 0x7f1093f78790 has devpath '/devices/pci0000:00'
      
      (snip)
      
    • mitty@walken:~$ grep scsi_id /var/log/syslog
      Apr 16 16:17:48 walken scsi_id[4773]: custom logging function 0x7f3411a38010 registered
      Apr 16 16:17:48 walken scsi_id[4773]: scsi_id: cannot open /devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda: No such file or directory
      Apr 16 16:17:48 walken scsi_id[4776]: custom logging function 0x7f96ccf96010 registered
      
    • scsi_idのオプションが変わった模様
  • /etc/udev/rules.d/10-fixed_hdd.rules
    # set device name for ST3500418AS 6VM9ABYD
    SUBSYSTEMS=="block", DEVPATH=="/devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda", NAME="sdx%n"
    
    • boot中のコンソール画面
      Waiting for /dev to be fully populated...udevd-work[353]: kernel-provided name '
      sda' and NAME= 'sdx' disagree, please use SYMLINK+= or change the kernel to prov
      ide the proper name
      
    • mitty@walken:~$ ls -l /dev/sd*
      brw------- 1 root root 8, 0 Apr 16 16:30 /dev/sda
      brw-rw---- 1 root disk 8, 1 Apr 16 16:30 /dev/sda1
      brw-rw---- 1 root disk 8, 2 Apr 16 16:30 /dev/sda2
      brw-rw---- 1 root disk 8, 0 Apr 16 16:30 /dev/sdx
      
    • mitty@walken:~$ sudo fdisk -lu /dev/sda
      Disk /dev/sda: 500.1 GB, 500107862016 bytes
      255 heads, 63 sectors/track, 60801 cylinders, total 976773168 sectors
      Units = sectors of 1 * 512 = 512 bytes
      Sector size (logical/physical): 512 bytes / 512 bytes
      I/O size (minimum/optimal): 512 bytes / 512 bytes
      Disk identifier: 0x00086666
      
         Device Boot      Start         End      Blocks   Id  System
      /dev/sda1   *        2048   961177599   480587776   83  Linux
      /dev/sda2       961177600   976771071     7796736   82  Linux swap / Solaris
      
    • mitty@walken:~$ sudo fdisk -lu /dev/sdx
      Disk /dev/sdx: 500.1 GB, 500107862016 bytes
      255 heads, 63 sectors/track, 60801 cylinders, total 976773168 sectors
      Units = sectors of 1 * 512 = 512 bytes
      Sector size (logical/physical): 512 bytes / 512 bytes
      I/O size (minimum/optimal): 512 bytes / 512 bytes
      Disk identifier: 0x00086666
      
         Device Boot      Start         End      Blocks   Id  System
      /dev/sdx1   *        2048   961177599   480587776   83  Linux
      /dev/sdx2       961177600   976771071     7796736   82  Linux swap / Solaris
      
    • mitty@walken:~$ ls -l /sys/block/
      total 0
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 loop0 -> ../devices/virtual/block/loop0
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 loop1 -> ../devices/virtual/block/loop1
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 loop2 -> ../devices/virtual/block/loop2
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 loop3 -> ../devices/virtual/block/loop3
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 loop4 -> ../devices/virtual/block/loop4
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 loop5 -> ../devices/virtual/block/loop5
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 loop6 -> ../devices/virtual/block/loop6
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 loop7 -> ../devices/virtual/block/loop7
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 sda -> ../devices/pci0000:00/0000:00:1f.2/host2/target2:0:0/2:0:0:0/block/sda
      lrwxrwxrwx 1 root root 0 Apr 16 16:51 sr0 -> ../devices/pci0000:00/0000:00:1f.2/host5/target5:0:0/5:0:0:0/block/sr0
      
      • 元のまま
  • /etc/udev/rules.d/10-fixed_hdd.rules
    # set device name for ST3500418AS 6VM9ABYD
    SUBSYSTEMS=="block", ATTR{size}=="976773168" , NAME="sdx%n"
    
    • 同じエラー
      Waiting for /dev to be fully populated...udevd-work[353]: kernel-provided name '
      sda' and NAME= 'sdx' disagree, please use SYMLINK+= or change the kernel to prov
      ide the proper name
      

BackTrack

  • sshd
    • sshd-generate
    • service ssh start

add cert on Linux