Make Linux faster and lighter<1>

本文介绍如何通过简单调整提升Linux系统的启动速度及整体性能,包括优化启动序列、改进KDE和Gnome,以及提高常用应用的表现。文章还分享了来自开源社区专家的高效使用技巧。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

With just a few tweaks, your Linux box can be lighter, sprightlier and quicker than ever before. Read on for the best ways to speed up your boot sequence, optimise KDE and Gnome, and get betterperformance from your favourite apps. We've also got some top tips from our favourite free software gurus...

Gone are the days when you could make a cup of tea and drink it in the time it takes your computer's operating system to boot (with one notable exception). On that basis, you might think that your Linux machines are already performing at the fastest possible speed, right?

Sadly, this is not always the case. Communities developing mainstream Linux distributions have to appeal to the widest possible audience and ensure compatibility with the widest range of hardware. This means that someone running a mainstream distro on a netbook or a low-end PC may well be using many of the same settings as someone with a high-end gaming machine. But it doesn't have to be this way!

With just a few tweaks and some experimentation, your Linux system can realise your machine's untapped potential. Do you have a dual-core processor? Take advantage of this by running boot processes in parallel. Do you have more memory than you know what to do with? You could try caching data in memory rather than swapping space for faster access.

The great strength of everyone's favourite free OS is that it can be customised from the ground up, so Linux is the ideal tool to tailor to your needs. But once you have an ultrafast system, how can you become more productive? We've consulted prominent members of the free software community for their favourite tips that make their systems more productive - and they could do the same for you.

 

Make Linux boot faster

Any productive machine needs to be up and running as soon as possible, and a sluggish boot can hinder your efforts – which is why boot times were the first thing we thought about improving. One word of warning before you begin: we recommend that you make a backup before you make these alterations, as a bug in your bootloader can render your Linux box unbootable!

Remove the timeout

You may notice that each time you boot there's a small count-down from three to zero, which is great if you regularly select a different OS or Linux kernel at boot time, but useless if you always boot into the same distro. Fortunately, it's easy to remove by opening /boot/grub/menu.lst in a text editor with root permissions and finding the line showing:

timeout=3

Once you've found it, change the value to zero. Save and exit then reboot and you should notice you have just knocked three seconds off your boot time.

Improve disk performance

If you have a DMA-compatible (Direct Memory Access) hard drive, you can increase data throughput threefold with a simple tweak. This will improve boot times because read times will be reduced, and overall performance will increase whenever the hard disk is accessed.

Start by installing hdparm through your package manager, then fire up a root terminal and type: hdparm -d1 /dev/hda1 replacing /dev/hda1 with the location of your boot partition to increase startup times or the root partition to increase general performance. Gnome users can have this run automatically each startup by heading to System > Administration > Services . You can then add this line as an entry with gksudo at the start to ensure it runs with root permissions without requiring additional authentication.

Run boot processes in parallel

Parallelism can lead to big performance boosts, because running two processes at once will take half the time of running them sequentially (at least in theory). You can take advantage of this technique in Grub by firing up /etc/init.d/rc in a text editor with root permissions and finding the following line:

CONCURRENCY=none

You would then replace none with shell before saving and closing your text editor. When you reboot you should see a noticeable decrease in your boot times (around one or two seconds in most cases). If you don't see an increase, this is because this tweak is aimed primarily at systems with multi-core processors. If you have a solo-core processor you could actually increase your boot time if you use this tweak, which was the case with our test system where we saw a 2.4-second increase.

You could edit a text file and restart your machine to profile your system, or just click a few buttons in Grub.

You could edit a text file and restart your machine to profile your system, or just click a few buttons in Grub.

Optimise memory

One great way to improve performance is to define how swap space is used. A swap partition is where the Linux kernel caches data in virtual memory to quickly swap into RAM as and when it's needed. A dedicated partition isn't compulsory, but the space is also used to store your machine state if you choose to hibernate. The effects of this tip depend on your system and whether you have a swap partition, but if you have plenty of RAM you'll find that reducing swappiness will give you a noticeable performance boost.

This will allow the kernel to cache data in memory for faster access and reduces the amount of data being swapped in and out of swap space at any given time. Simply open /etc/sysctl.conf in a text editor with root permissions, then append the following line to the bottom of the file:

vm.swappiness=10

(You will need to restart the session in order for your changes to take effect.) You can tweak this value to see how performance improves. The lower the value, the less you use swap space and the more data is cached to memory. This was the value that seemed to work best with our test system using 512MB RAM. However, this tip isn't just restricted to systems with large amounts of memory - systems with 256MB of RAM or less may see a performance boost if swappiness is increased, as this will cache more data to swap space and free up more memory for day-to-day applications.

The precise values vary from system to system so this will require some trial and error, especially as reading data from swap space still takes longer than reading it from memory, but the end results are usually worth the effort.

Speed up ext3

You can gain some significant performance benefits by enabling write-back operation in ext3. This tweak isn't restricted to systems running KDE, but it is disabled by default in almost every distro. This is primarily because older hard drives don't support this feature, though newer hard drives can achieve a minor speed boost. This won't affect your day-to-day disk operations, so it is not recommended you try this tweak on a typical home system, but you will see an improvement for the high intensity disk operations that are typically the preserve of servers.

After making a back up of the file, open /etc/fstab in a text editor with root permissions and look for a line with the following section of text:

relatime,errors=remount-ro

and replace it with this:

noatime,nodiratime,errors=remount-ro,data=writeback

If there is no text either side of this snippet, you have done it wrong! Save and exit this file then open /boot/grub/menu.lst and find the following two lines:

# defoptions quiet splash
#altoptions=(recoverymode) single

They won't be next to each other, but once you find them append the following at the end of both those lines:

rootflags=data=writeback

then save and exit. Open up a root terminal and run update grub . You then have the option of simply restarting to apply these changes to your file system, or you can apply them on the fly by installing tune2fs from your package manager. If you choose the latter option you would then type the following into a root terminal:

tune2fs -o journal_data_writeback /dev/hda1

substituting /dev/hda1 with your root partition. Be warned: write-back mode puts you at a little risk of losing data if you machine suddenly powers off, ie if you kick the power cord out, if there's a major system crash or if you get a general power outage.

Voice of the Guru #1

Richard Stallman - founder of the GNU Project

"I recently learned about the M-. command in Bash (use Escape followed by a full stop if you don’t have a Meta key), which copies the last argument from the previous command."

┌──(kali㉿kali)-[~] └─$ binwalk Binwalk v2.4.3 Original author: Craig Heffner, ReFirmLabs https://github.com/OSPG/binwalk Usage: binwalk [OPTIONS] [FILE1] [FILE2] [FILE3] ... Disassembly Scan Options: -Y, --disasm Identify the CPU architecture of a file using the capstone disassembler -T, --minsn=<int> Minimum number of consecutive instructions to be considered valid (default: 500) -k, --continue Don't stop at the first match Signature Scan Options: -B, --signature Scan target file(s) for common file signatures -R, --raw=<str> Scan target file(s) for the specified sequence of bytes -A, --opcodes Scan target file(s) for common executable opcode signatures -m, --magic=<file> Specify a custom magic file to use -b, --dumb Disable smart signature keywords -I, --invalid Show results marked as invalid -x, --exclude=<str> Exclude results that match <str> -y, --include=<str> Only show results that match <str> Extraction Options: -e, --extract Automatically extract known file types -D, --dd=<type[:ext[:cmd]]> Extract <type> signatures (regular expression), give the files an extension of <ext>, and execute <cmd> -M, --matryoshka Recursively scan extracted files -d, --depth=<int> Limit matryoshka recursion depth (default: 8 levels deep) -C, --directory=<str> Extract files/folders to a custom directory (default: current working directory) -j, --size=<int> Limit the size of each extracted file -n, --count=<int> Limit the number of extracted files -0, --run-as=<str> Execute external extraction utilities with the specified user's privileges -1, --preserve-symlinks Do not sanitize extracted symlinks that point outside the extraction directory (dangerous) -r, --rm Delete carved files after extraction -z, --carve Carve data from files, but don't execute extraction utilities -V, --subdirs Extract into sub-directories named by the offset Entropy Options: -E, --entropy Calculate file entropy -F, --fast Use faster, but less detailed, entropy analysis -J, --save Save plot as a PNG -Q, --nlegend Omit the legend from the entropy plot graph -N, --nplot Do not generate an entropy plot graph -H, --high=<float> Set the rising edge entropy trigger threshold (default: 0.95) -L, --low=<float> Set the falling edge entropy trigger threshold (default: 0.85) Binary Diffing Options: -W, --hexdump Perform a hexdump / diff of a file or files -G, --green Only show lines containing bytes that are the same among all files -i, --red Only show lines containing bytes that are different among all files -U, --blue Only show lines containing bytes that are different among some files -u, --similar Only display lines that are the same between all files -w, --terse Diff all files, but only display a hex dump of the first file Raw Compression Options: -X, --deflate Scan for raw deflate compression streams -Z, --lzma Scan for raw LZMA compression streams -P, --partial Perform a superficial, but faster, scan -S, --stop Stop after the first result General Options: -l, --length=<int> Number of bytes to scan -o, --offset=<int> Start scan at this file offset -O, --base=<int> Add a base address to all printed offsets -K, --block=<int> Set file block size -g, --swap=<int> Reverse every n bytes before scanning -f, --log=<file> Log results to file -c, --csv Log results to file in CSV format -t, --term Format output to fit the terminal window -q, --quiet Suppress output to stdout -v, --verbose Enable verbose output -h, --help Show help output -a, --finclude=<str> Only scan files whose names match this regex -p, --fexclude=<str> Do not scan files whose names match this regex -s, --status=<int> Enable the status server on the specified port [NOTICE] Binwalk v2.x will reach EOL in 12/12/2025. Please migrate to binwalk v3.x 怎样使用binwalk
08-09
<think>我们被要求解释如何使用binwalk工具进行文件分析和提取。根据引用内容,我们知道binwalk是一个用于分析二进制文件(尤其是固件映像)并从中提取数据的工具。下面我将按照步骤介绍基本使用方法和命令示例。 ### 1. 安装Binwalk 在Kali Linux中,binwalk通常已预装。若未安装,可使用以下命令: ```bash sudo apt update sudo apt install binwalk ``` ### 2. 基本命令结构 ```bash binwalk [选项] <文件路径> ``` ### 3. 文件分析 #### 3.1 扫描文件签名 最基础用法是直接运行binwalk后接文件名,这会扫描文件中已知的文件签名(如压缩文件、文件系统、可执行文件等): ```bash binwalk firmware.bin ``` 输出示例: ``` DECIMAL HEXADECIMAL DESCRIPTION -------------------------------------------------------------------------------- 0 0x0 uImage header, header size: 64 bytes, ... 112 0x70 LZMA compressed data, properties: 0x5D, ... ... ``` #### 3.2 详细扫描(-e选项) `-e`或`--extract`选项用于自动提取识别出的文件: ```bash binwalk -e firmware.bin ``` 此命令会在当前目录创建一个`_firmware.bin.extracted`文件夹存放提取的文件。 #### 3.3 递归提取(-M选项) `-M`或`--matryoshka`选项启用递归提取,对提取出的文件再次进行binwalk扫描: ```bash binwalk -Me firmware.bin ``` ### 4. 常用选项详解 | 选项 | 全称 | 功能 | |------|------|------| | `-B` | `--signature` | 扫描文件签名(默认行为) | | `-A` | `--opcodes` | 扫描文件中特定架构的机器码(opcode) | | `-C` | `--directory=<dir>` | 指定提取文件的输出目录 | | `-d` | `--depth=<int>` | 设置递归提取深度(默认1) | | `-r` | `--rm` | 提取后删除无效文件 | | `-y` | `--include=<type>` | 只包含指定类型的签名(如'tar') | | `-x` | `--exclude=<type>` | 排除指定类型的签名 | ### 5. 高级用法示例 #### 5.1 组合扫描 同时进行签名扫描和操作码扫描: ```bash binwalk -BA firmware.bin ``` #### 5.2 指定输出目录 将提取文件输出到`output`目录: ```bash binwalk -e -C output firmware.bin ``` #### 5.3 排除特定类型 排除所有`gzip`压缩文件的扫描: ```bash binwalk -x gzip firmware.bin ``` ### 6. 实际案例分析 假设有一个固件文件`router_fw.img`: 1. 首先分析文件结构: ```bash binwalk router_fw.img ``` 输出显示包含Squashfs文件系统和uImage头。 2. 递归提取所有内容: ```bash binwalk -Me router_fw.img ``` 提取后可在`_router_fw.img.extracted`目录中找到文件系统。 ### 7. 常见问题解决 - **提取失败**:尝试手动指定偏移量和工具(如`dd`): ```bash dd if=firmware.bin of=part1 bs=1 skip=112 ``` 然后对`part1`单独使用`binwalk -e part1` - **签名库更新**:通过Git获取最新签名库: ```bash git clone https://github.com/ReFirmLabs/binwalk cd binwalk sudo python setup.py install ``` ### 8. 图形界面(可选) 安装`binwalk-gui`: ```bash sudo apt install binwalk-gui ``` 启动:`binwalk-gui` ### 9. 注意事项 - 对加密/混淆文件可能无法直接提取 - Windows环境功能受限,建议在Linux下使用 - 复杂文件需结合其他工具(如`firmware-mod-kit`)分析 ### 参考文档 - 官方文档:https://github.com/ReFirmLabs/binwalk - Kali工具文档:https://www.kali.org/tools/binwalk/ ### 相关问题 1. 如何解决binwalk提取固件时出现的"Invalid offset"错误? 2. 除了binwalk,还有哪些工具可以用于固件分析? 3. 如何为binwalk添加自定义文件签名? 4. 在CTF比赛中binwalk通常用于解决哪些类型的题目?</think>### Binwalk 工具使用指南 Binwalk 是一款强大的二进制文件分析工具,专为识别和提取嵌入式文件(如固件映像)而设计。以下是核心使用方法和命令示例: --- #### **1. 基本文件分析** 扫描文件签名(压缩包、文件系统、可执行文件等): ```bash binwalk firmware.bin # 基础扫描 ``` 输出示例: ``` DECIMAL HEXADECIMAL DESCRIPTION -------------------------------------------------------------------------------- 0 0x0 uImage header, header size: 64 bytes, ... 112 0x70 LZMA compressed data, properties: 0x5D, ... 131072 0x20000 Squashfs filesystem, little endian, version 4.0, ... ``` --- #### **2. 文件提取操作** **自动提取所有识别内容**: ```bash binwalk -e firmware.bin # 输出到 _firmware.bin.extracted 目录 ``` **递归提取嵌套文件**(如多次压缩包): ```bash binwalk -Me firmware.bin # -M 启用递归提取 ``` **指定输出目录**: ```bash binwalk -e --directory=output_folder firmware.bin ``` --- #### **3. 高级扫描选项** | 选项 | 功能 | 示例 | |------|------|------| | `-A` | 扫描机器码指令 | `binwalk -A firmware.bin` | | `-B` | 显示文件熵图(检测加密/压缩) | `binwalk -B firmware.bin` | | `-y` | 仅包含特定类型(如 `gzip`) | `binwalk -y gzip firmware.bin` | | `-x` | 排除特定类型(如 `jpeg`) | `binwalk -x jpeg firmware.bin` | --- #### **4. 实际案例:固件解包** ```bash # 步骤1: 扫描固件结构 binwalk router_firmware.bin # 步骤2: 提取所有文件(含递归) binwalk -Me router_firmware.bin # 步骤3: 进入提取目录分析文件系统 cd _router_firmware.bin.extracted ls -l ``` --- #### **5. 常见问题解决** - **提取失败**:手动指定偏移量提取 ```bash dd if=firmware.bin bs=1 skip=112 of=part1 # 从偏移量112提取 binwalk -e part1 ``` - **签名库更新**: ```bash git clone https://github.com/ReFirmLabs/binwalk cd binwalk sudo python setup.py install ``` > 💡 **提示**: > - Windows 支持有限,建议在 Linux 环境使用[^2] > - 复杂文件需结合 `firmware-mod-kit` 等工具 --- ### 相关问题 1. 如何解决 binwalk 提取固件时出现的 "Invalid offset" 错误? 2. 除了 binwalk,还有哪些工具可以用于固件分析? 3. 如何为 binwalk 添加自定义文件签名? 4. 在 CTF 比赛中 binwalk 通常用于解决哪些类型的题目? 参考文档:[官方 GitHub](https://github.com/ReFirmLabs/binwalk) [^3]
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值