linux 相关配置操作 待总结
2014-09-26 15:00
246 查看
chmod 755 jdk-6u45-linux-x64.bin ./ jdk-6u45-linux-x64.bin vi /etc/profile export JAVA_HOME=/usr/java/jdk1.6.0_45 export JRE_HOME=/usr/java/jdk1.6.0_45/jre export JAVA_BIN=/usr/java/jdk1.6.0_45/bin export PATH=$PATH:$JAVA_HOME/bin export CLASSPATH=.:$JAVA_HOME/lib:$JAVA_HOME/jre/lib export JAVA_HOME JAVA_BIN PATH CLASSPATH . /etc/profile java –version
出现以下错误
[root@LVS /]# java -version java version "1.5.0" gij (GNU libgcj) version 4.4.7 20120313 (Red Hat 4.4.7-16) Copyright (C) 2007 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. [root@LVS /]# which java /usr/bin/java [root@LVS /]# ls /usr/bin/java -l lrwxrwxrwx. 1 root root 22 Aug 10 23:39 /usr/bin/java -> /etc/alternatives/java [root@LVS /]# /etc/alternatives/java Usage: gij [OPTION] ... CLASS [ARGS] ... to invoke CLASS.main, or gij -jar [OPTION] ... JARFILE [ARGS] ... to execute a jar file Try `gij --help' for more information. [root@LVS /]# ll /etc/alternatives/java lrwxrwxrwx. 1 root root 35 Aug 10 23:39 /etc/alternatives/java -> /usr/lib/jvm/jre-1.5.0-gcj/bin/java [root@LVS /]# alternatives --install /usr/bin/java java /usr/java/jdk1.7.0_72/jre/bin/java 300 [root@LVS /]# java -version java version "1.5.0" gij (GNU libgcj) version 4.4.7 20120313 (Red Hat 4.4.7-16) Copyright (C) 2007 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. [root@LVS /]# alternatives --config java There are 2 programs which provide 'java'. Selection Command ----------------------------------------------- *+ 1 /usr/lib/jvm/jre-1.5.0-gcj/bin/java 2 /usr/java/jdk1.7.0_72/jre/bin/java Enter to keep the current selection[+], or type selection number: 2 [root@LVS /]# java -version java version "1.7.0_72" Java(TM) SE Runtime Environment (build 1.7.0_72-b14) Java HotSpot(TM) 64-Bit Server VM (build 24.72-b04, mixed mode)
tomcat配置
tar –zxvf apache-tomcat-7.0.47.tar.gz vi catalina.sh JAVA_OPTS="-Xms1024m -Xmx1024m -XX:MaxNewSize=512m -XX:MaxPermSize=512m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8" cygwin=false
server.xml
<Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" useBodyEncodingForURI="true" URIEncoding="UTF-8" /> <Context path="" reloadable="true" docBase="/opt/java/webapp" crossContext="true"/>
并发优化配置
<Connector port="80" protocol="org.apache.coyote.http11.Http11NioProtocol" connectionTimeout="20000" enableLookups="false" maxThreads="1024" minSpareThreads="25" maxSpareThreads="75" acceptCount="100" redirectPort="8443" useBodyEncodingForURI="true" URIEncoding="UTF-8" />
二级域名session共享配置
<Context useHttpOnly="true" sessionCookiePath="/" sessionCookieDomain=".XXXX.com" />
利用cronolog 分割Tomcat日志
#tar -xvzf cronolog.tar.gz #cd cronolog #./configure --prefix=/usr/local/cronolog #make #make install # which cronolog /usr/local/sbin/cronolog # vi bin/catalina.sh1.找到 touch "CATALINA_BASE"/logs/catalina.out 并注释掉
2.找到(注意:有两处)
org.apache.catalina.startup.Bootstrap "$@" start /
>> "$CATALINA_BASE"/logs/catalina.out 2&1 &
替换为
org.apache.catalina.startup.Bootstrap "$@" start 2>&1 | /usr/local/sbin/cronolog "$CATALINA_BASE"/logs/catalina.%Y-%m-%d.out >> /dev/null &
# >> "$CATALINA_OUT" 2>&1 &
服务安装配置
1. 将$Tomcat_HOME/bin目录下的catalina.sh脚本复制到目录/etc/init.d中,重命名为tomcat
2. 修改刚才复制的tomcat脚本:
在脚本的第三行后面插入下面两行
# chkconfig: 2345 10 90
# description:Tomcat service
第一行是服务的配置:第一个数字是服务的运行级,2345表明这个服务的运行级是2、3、4和5级(Linux的运行级为0到6);第二个数字是启动优先级,数值从0到99;第三个数是停止优先级,数值也是从0到99。
第二行是对服务的描述
在脚本中设置 CATALINA_HOME 和 JAVA_HOME 这两个脚本必需的环境变量,如:
CATALINA_HOME=/usr/share/tomcat
JAVA_HOME=/usr/share/java/jdk
chmod a+x /etc/init.d/tomcat
3. chkconfig --add tomcat
Mysql安装配置
rpm -qa|grep-i mysql rpm -e mysql-libs --nodeps rpm -ivh MySQL-server- 5.5.36-1.linux2.6.x86_64.rpm --nodeps --force rpm -ivh MySQL-client- 5.5.36-1.linux2.6.x86_64.rpm cp/usr/share/mysql/ my-innodb-heavy-4G.cnf /etc/my.cnf vi /etc/my.cnf [client] default-character-set= utf8 [mysqld] character_set_server=utf8 init_connect='SET NAMES utf8'
log_bin_trust_function_creators=true
update user set host = '%' where user = 'root'; //这个命令执行错误时可略过 update user set `Select_priv` = 'Y', `Insert_priv` = 'Y', `Update_priv` = 'Y', `Delete_priv` = 'Y', `Create_priv` = 'Y', `Drop_priv` = 'Y', `Reload_priv` = 'Y', `Shutdown_priv` = 'Y', `Process_priv` = 'Y', `File_priv` = 'Y', `Grant_priv` = 'Y', `References_priv` = 'Y', `Index_priv` = 'Y', `Alter_priv` = 'Y', `Show_db_priv` = 'Y', `Super_priv` = 'Y', `Create_tmp_table_priv` = 'Y', `Lock_tables_priv` = 'Y', `Execute_priv` = 'Y', `Repl_slave_priv` = 'Y', `Repl_client_priv` = 'Y', `Create_view_priv` = 'Y', `Show_view_priv` = 'Y', `Create_routine_priv` = 'Y', `Alter_routine_priv` = 'Y', `Create_user_priv` = 'Y', `Event_priv` = 'Y', `Trigger_priv` = 'Y', `Create_tablespace_priv` = 'Y' where user='root' and host='localhost' flush privileges; UPDATE user SET password=PASSWORD("new password") WHERE user='root';
忘记密码
vi /etc/my.cnf [mysqld] skip-grant-tables # /etc/init.d/mysql restart mysql> USE mysql ; mysql> UPDATE user SET Password = password ( 'new-password' ) WHERE User = 'root' ; mysql> flush privileges ; vi /etc/my.cnf
将刚才在[mysqld]的段中加上的skip-grant-tables删除
转移数据库目录
# /etc/init.d/mysql stop mv /var/lib/mysql /data/ vi /etc/my.cnf [client] #socket = /var/lib/mysql/mysql.sock socket = /data/mysql/mysql.sock [mysqld] #socket = /var/lib/mysql/mysql.sock socket = /data/mysql/mysql.sock vi /etc/init.d/mysql #datadir=/var/lib/mysql datadir=/data/mysql chown -R mysql:mysql /data/mysql/ ln -s /data/mysql/mysql.sock /var/lib/mysql/mysql.sock
Mysql Error:1018:can't read dir of ‘./dbname’ <errno:13>
chown -R mysql:mysql /data/mysql/
定时任务添加
yum -y install vixie-cron yum -y install crontabs vi /etc/crontab SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root HOME=/ # run-parts 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly 0 */2 * * * root /opt/scripts/DBDailyBak.sh service crond start
Mysql数据备份,删除10天前数据,DBDailyBak.sh
filename=$(date +%Y%m%d%H) /usr/bin/mysqldump -uroot -pron --quick --all-databases --flush-logs --single-transaction>/mnt/data/backup/daily/$filename.sql tar czvf /mnt/data/backup/daily/$filename.tar.gz /mnt/data/backup/daily/$filename.sql rm -f /mnt/data/backup/daily/*.sql find /data/backup/daily -type f -mtime +10 | xargs rm -f
mysql数据库是否开启了InnoDB引擎
mysql>SHOW ENGINES; mysql>SHOW VARIABLES LIKE "have_%"; mysql>SHOW VARIABLES LIKE 'plugin_dir'; mysql>SHOW PLUGINS; mysql>INSTALL PLUGIN InnoDB SONAME 'ha_innodb.so';删除MySQL目录下的ib_logfile0和ib_logfile1相关文件,修改my.cnf 下default-storage-engine = InnoDB重启数据库;注意数据备份,防止万一出错
如果是InnoDB: memory with malloc! Total allocated memory这个原因,系统内存不足
修改配置文件里innodb_buffer_pool_size=2G
开启linux端口
vi /etc/sysconfig/iptables重启
/etc/init.d/iptables restart
linux 优化及安全配置:
#iptables 只开启80对外,SSH只允许内网连接 [root@LVS /]#Iptables –t filter –A RH-Firewall-1-INPUT –s 192.168.1.0/24 –p tcp –dport 22 –j ACCEPT [root@LVS /]#Iptables –t filter -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT #防SYN 防止同步包洪水(Sync Flood) [root@LVS /]# iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT #也有人写作 [root@LVS /]#iptables -A INPUT -p tcp --syn -m limit --limit 1/s -j ACCEPT #--limit 1/s 限制syn并发数每秒1次,可以根据自己的需要修改 #防止各种端口扫描 [root@LVS /]# iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT #Ping洪水攻击(Ping of Death) [root@LVS /]# iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
<pre name="code" class="html">#修改sysctl.conf [root@LVS /]# vi /etc/sysctl.conf #打开SYN COOKIE功能: [root@LVS /]# sysctl -w net.ipv4.tcp_syncookies=1 #降低重试次数: [root@LVS /]# sysctl -w net.ipv4.tcp_synack_retries=3 [root@LVS /]# sysctl -w net.ipv4.tcp_syn_retries=3 [root@LVS /]# sysctl -w net.core.netdev_max_backlog = 32768 [root@LVS /]# sysctl -w net.core.somaxconn = 32768 [root@LVS /]# sysctl -w net.core.wmem_default = 8388608 [root@LVS /]# sysctl -w net.core.rmem_default = 8388608 [root@LVS /]# sysctl -w net.core.rmem_max = 16777216 [root@LVS /]# sysctl -w net.core.wmem_max = 16777216 [root@LVS /]# sysctl -w net.ipv4.ip_local_port_range = 1024 65000 [root@LVS /]# sysctl -w net.ipv4.route.gc_timeout = 100 [root@LVS /]# sysctl -w net.ipv4.tcp_fin_timeout = 30 [root@LVS /]# sysctl -w net.ipv4.tcp_keepalive_time = 1200 [root@LVS /]# sysctl -w net.ipv4.tcp_timestamps = 0 [root@LVS /]# sysctl -w net.ipv4.tcp_tw_recycle = 1 [root@LVS /]# sysctl -w net.ipv4.tcp_tw_reuse = 1 [root@LVS /]# sysctl -w net.ipv4.tcp_mem = 94500000 915000000 927000000 [root@LVS /]# sysctl -w net.ipv4.tcp_max_orphans = 3276800 [root@LVS /]# sysctl -w net.ipv4.tcp_max_syn_backlog = 65536
linux时间设置
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
linux系统FTP服务器配置与管理
[root@iZ23s2nhlomZ ~]# rpm -qa|grep vsftpd [root@iZ23s2nhlomZ ~]# yum install vsftpd [root@iZ23s2nhlomZ ~]# lsb_release -a [root@iZ23s2nhlomZ ~]# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 [root@iZ23s2nhlomZ ~]# yum install vsftpd [root@iZ23s2nhlomZ ~]# vi /etc/vsftpd/vsftpd.conf anonymous_enable=NO #禁止匿名访问 ascii_upload_enable #允许使用ascii码上传 ascii_download_enable #允许使用ascii码下载 userlist_deny=NO #(这条需手动添加到最后)使用FTP用户表,表里没有的用户需要添加才能登录 [root@iZ23s2nhlomZ ~]# /etc/init.d/vsftpd start [root@iZ23s2nhlomZ ~]# chkconfig vsftpd on [root@iZ23s2nhlomZ ~]# vi /etc/vsftpd/user_list [root@iZ23s2nhlomZ ~]# useradd vip.com [root@iZ23s2nhlomZ ~]# passwd vip.com [root@iZ23s2nhlomZ ~]# vi /etc/vsftpd/ftpusers #root 开启root的ftp
相关文章推荐
- linux c网络学习总结2(IP地址相关的操作)
- WDCP上配置SSL证书即https 2017-08-28 百度总结 操作环境:linux的WDCP操作面板(没有操作面板就在命令行操作) wdcp 安装ssl证书教程实现https访问 1.申请
- 安装完成ubuntu系统后的基本的相关配置---Linux总结笔记
- Linux网卡的相关配置总结
- Linux mysql 相关操作命令-配置日志时间,开启日志
- Linux基础之无线网卡配置连接测试相关操作
- Linux C语言编程-Linux系统环境--Linux上时间的相关操作---知识点总结
- linux相关基本操作指令总结
- CentOS 配置防火墙操作实例(启、停、开、闭端口)CentOS Linux-FTP/对外开放端口(接口)TomCat相关
- 【Linux从零开始】:2.文件与目录的管理和配置(2)相关操作命令
- Linux常用命令总结1(用户操作相关)
- asp.net中窗口相关操作总结(javascript)
- Linux 网络接口配置文件及相关工具 (v0.1b)
- [转]asp.net中窗口相关操作总结(javascript)
- Linux网络相关配置文件
- asp.net中窗口相关操作总结(javascript)
- linux时间配置相关问题
- [转]有关UNICODE、ANSI字符集和相关字符串操作的总结!
- Linux 网络接口配置文件及相关工具
- Linux网络相关配置文件