Linux_03
A.进程
1.进程定义
进程就是cpu未完成的工作
2.ps命令
a 关于当前环境的所有进程 x | -A 所有进程 f 显示进程从属关系 e 显示进程调用环境工具的详细信息 l 长列表显示进程的详细信息 u 显示进程的用户信息 -a 显示shell前台运行命令的进程,但不包含shell本身 [root@localhost Desktop]# ps a PID TTY TIME CMD 2902 pts/0 00:00:00 ps [root@localhost Desktop]# ps x PID TTY STAT TIME COMMAND 1 ? Ss 0:02 /usr/lib/systemd/systemd --switched-root --system --d 2 ? S 0:00 [kthreadd] 3 ? S 0:00 [ksoftirqd/0] 5 ? S< 0:00 [kworker/0:0H] ... [root@localhost Desktop]# ps -A PID TTY TIME CMD 1 ? 00:00:02 systemd 2 ? 00:00:00 kthreadd 3 ? 00:00:00 ksoftirqd/0 5 ? 00:00:00 kworker/0:0H ... [root@localhost Desktop]# ps f PID TTY STAT TIME COMMAND 2008 pts/0 Ss 0:00 /bin/bash 2951 pts/0 R+ 0:00 \_ ps f 589 tty1 Ss+ 0:13 /usr/bin/Xorg :0 -background none -verbose -auth /run [root@localhost Desktop]# ps e PID TTY STAT TIME COMMAND 589 tty1 Ss+ 0:16 /usr/bin/Xorg :0 -background none -verbose -auth /run 2008 pts/0 Ss 0:00 /bin/bash XDG_VTNR=1 SSH_AGENT_PID=1639 XDG_SESSION_I 2982 pts/0 R+ 0:00 ps e XDG_VTNR=1 XDG_SESSION_ID=1 SSH_AGENT_PID=1639 H [root@localhost Desktop]# ps l F UID PID PPID PRI NI VSZ RSS WCHAN STAT TTY TIME COMMAND 4 0 589 579 20 0 186224 34580 poll_s Ss+ tty1 0:17 /usr/bin/Xo 4 0 2008 2000 20 0 116260 2860 wait Ss pts/0 0:00 /bin/bash 0 0 2999 2008 20 0 121260 984 - R+ pts/0 0:00 ps l [root@localhost Desktop]# ps u USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 589 2.0 1.8 186224 34580 tty1 Ss+ 05:57 0:17 /usr/bin/Xorg : root 2008 0.0 0.1 116260 2860 pts/0 Ss 05:57 0:00 /bin/bash root 3010 0.0 0.0 123356 1324 pts/0 R+ 06:11 0:00 ps u [root@localhost Desktop]# ps -a PID TTY TIME CMD 3018 pts/0 00:00:00 ps
3.显示进程的某些信息
%cpu 显示进程cpu负载 %mem 显示进程内存负载 user 进程用户 group 进程组 comm 进程名称 nice 进程优先级 pid 进程id stat 进程状态 [root@localhost Desktop]# ps ax -o %cpu,%mem,user,group,comm,nice,pid,stat %CPU %MEM USER GROUP COMMAND NI PID STAT 0.1 0.3 root root systemd 0 1 Ss 0.0 0.0 root root kthreadd 0 2 S 0.0 0.0 root root ksoftirqd/0 0 3 S 0.0 0.0 root root kworker/0:0H -20 5 S< ...
4.stat中显示的信息
S 进程状态 l 内存中有锁定空间 N 优先级低 < 优先级高 + 前台运行 s 顶级进程
5.按照进程信息排序
+ 正序 - 倒序 %cpu cpu负载排序 %mem 内存负载 ## 取出cpu使用率排名前五的进程的id [root@localhost Desktop]# ps ax -o pid --sort=-%cpu | grep PID -v | head -n 5 1748 589 1 30650 2
5.优先级
a.进程的优先级范围:-20~19
b.优先级查看 ps ax -o pid,nice,comm
c.指定某个优先级开启进程
d.改变进程优先级
nice -n 优先级数字 进程名称 nice -n -5 vim & 开启vim并且指定程序优先级为-5
renice -n 优先级数字 进程pid renice -n -5 1806 改变1806进程的优先级为-5 [root@localhost Desktop]# nice -n -5 firefox & ## 打开浏览器,设置优先级为-5 [2] 31384 ## 浏览器id [1] Done nice firefox [root@localhost Desktop]# (process:31384): GLib-CRITICAL **: g_slice_set_config: assertion `sys_page_size == 0' failed ^C ## 推出vim模式Ctrl+C [root@localhost Desktop]# ps -o nice,comm,pid,stat ## 查看进程信息 NI COMMAND PID STAT 0 bash 30654 Ss -5 firefox 31384 S<l 0 ps 31440 R+ [root@localhost Desktop]# renice -n 5 31384 ## 更改浏览器优先级为5 31384 (process ID) old priority -5, new priority 5 [root@localhost Desktop]# ps -o nice,comm,pid,stat ## 再次查看 NI COMMAND PID STAT 0 bash 30654 Ss 5 firefox 31384 SNl 0 ps 31464 R+
6.环境中进程的前后台调用
jobs 查看被打入环境后台的进程 ctrl+z 把占用终端的进程打入后台 fg jobsnum 把后台进程调回前台 bg jobsnum 把后台暂停的进程运行 comm & 让命令直接在后台运行 [root@localhost Desktop]# gedit ## 打开一个记事本 ^Z ## 按Ctrl+z把进程打入后台 [3]+ Stopped gedit [root@localhost Desktop]# jobs ## 查看被打入后台的信息 [2]- Running nice -n -5 firefox & [3]+ Stopped gedit ## 状态为stopped,此时不能编辑 [root@localhost Desktop]# bg 3 ## 把id为3的进程运行 [3]+ gedit & [root@localhost Desktop]# jobs [2]- Running nice -n -5 firefox & [3]+ Running gedit & ## 状态为running,此时可以编辑 [root@localhost Desktop]# fg 3 ## 将后台的进程调到前台 gedit ^C ## 按ctrl+c退出
7.进程信号
kill -信号 进程pid
1 进程重新加载配置 2 删除进程在内存中的数据 3 删除鼠标在内存中的数据 9 强行结束单个进程(不能被阻塞) 15 正常关闭进程(可能会被阻塞) 18 运行暂停的进程 19 暂停某个进程(不能被阻塞) 20 把进程打入后台(可以被阻塞) man 7 signal 查看信号详细信息 killall -信号 进程名字
pkill -u student -信号
B.用户登陆审计和top命令
1.用户登陆审计
a.远程主机连接虚拟机
[kiosk@foundation78 Desktop]$ ssh root@172.25.254.178 ## 用主机远程登陆虚拟机的root用户 The authenticity of host '172.25.254.178 (172.25.254.178)' can't be established. ECDSA key fingerprint is 65:4d:ac:8a:c9:58:82:b5:0c:91:c4:ef:a5:e6:f6:65. Are you sure you want to continue connecting (yes/no)? yes ## 输入yes Warning: Permanently added '172.25.254.178' (ECDSA) to the list of known hosts. root@172.25.254.178's password: ## 输入root用户密码 Last login: Thu Jan 4 05:57:28 2018 [root@localhost ~]# ## 已经登陆并切换到root用户家目录
b.虚拟机查看
[root@localhost Desktop]# w ## 查看有谁远程登陆此系统 07:06:52 up 1:10, 3 users, load average: 0.07, 0.05, 0.10 USER TTY LOGIN@ IDLE JCPU PCPU WHAT root :0 05:57 ?xdm? 4:37 0.13s gdm-session-worker [pam/gdm-pas root pts/0 06:17 4.00s 0.13s 0.02s w root pts/1 07:03 3:50 0.02s 0.02s -bash ## 此为外来用户 [root@localhost Desktop]# w -f ## 查看用户来源 07:06:56 up 1:10, 3 users, load average: 0.07, 0.05, 0.10 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root :0 :0 05:57 ?xdm? 4:37 0.13s gdm-session-wor root pts/0 :0 06:17 0.00s 0.11s 0.00s w -f root pts/1 172.25.254.78 07:03 3:54 0.02s 0.02s -bash ## 是172.25.254.78远程登陆 [root@localhost Desktop]# ps aux | grep pts/1 ## 查看该进程的端口号 root 32238 0.0 0.2 135680 4868 ? Ss 07:02 0:00 sshd: root@pts/1 root 32259 0.0 0.1 116144 2608 pts/1 Ss+ 07:03 0:00 -bash root 32386 0.0 0.0 112640 936 pts/0 R+ 07:07 0:00 grep --color=auto pts/1 [root@localhost Desktop]# kill -9 32259 ## 通过端口号断开连接 此时主机用户会显示:[root@localhost ~]# Connection to 172.25.254.178 closed. [root@localhost Desktop]# last ## 查看有谁远程登陆过 root pts/1 172.25.254.78 Thu Jan 4 07:03 - 07:07 (00:04) ## 这个ip远程登陆过 root pts/0 :0 Thu Jan 4 06:17 still logged in root pts/0 :0 Thu Jan 4 05:57 - 06:17 (00:19) root :0 :0 Thu Jan 4 05:57 still logged in (unknown :0 :0 Thu Jan 4 05:57 - 05:57 (00:00) reboot system boot 3.10.0-123.el7.x Thu Jan 4 05:56 - 07:08 (01:12) (unknown :0 :0 Wed Jan 3 08:08 - crash (21:48) reboot system boot 3.10.0-123.el7.x Wed Jan 3 08:07 - 07:08 (23:01) reboot system boot 3.10.0-123.el7.x Tue Jan 6 22:20 - 22:38 (00:17) wtmp begins Tue Jan 6 22:20:41 2015 [root@localhost Desktop]# lastb ## 查看有谁试图登陆缺登陆失败(登陆密码错误) root ssh:notty 172.25.254.78 Thu Jan 4 07:09 - 07:09 (00:00) btmp begins Thu Jan 4 07:09:52 2018
2.top命令
top 监控系统负载工具 s 修改进程刷新时间间隔 m 根据内存占占有率进行排序 c 根据cpu占有率进行排序 u 后面输入用户名,用来查看该用户发起的所有进程 k 后面跟要作用的进程pid,和发起的信号(eg:9,15,20)用来给某个进程发起一信号 q 退出进程查看界面 h 显示top命令帮助
C.远程发送文件
1.scp
传送速度较慢
## scp 文件名(带路经) 目标用户名@ip:路径 [root@localhost Desktop]# scp file kiosk@172.25.254.78:/home/kiosk/Desktop kiosk@172.25.254.78's password: ## 目标用户密码 file 100% 101 0.1KB/s 00:00
2.rsync
[root@localhost Desktop]# rsync file kiosk@172.25.254.78:/home/kiosk/Desktop kiosk@172.25.254.78's password:
D.归档和压缩
1.归档
[root@localhost Desktop]# tar cf etc.tar /etc/ ## 将/etc/归档到桌面etc.tar [root@localhost Desktop]# tar tf etc.tar ## 查看里面的文件 [root@localhost Desktop]# touch file ## 建一个file文件 [root@localhost Desktop]# tar rf etc.tar file ## 将file归档至etc.tar [root@localhost Desktop]# rm -fr file ## 删除桌面上的file [root@localhost Desktop]# tar xf etc.tar ## 将tar中的文件释放出来 [root@localhost Desktop]# tar -f etc.tar --get file ## 将tar中的file释放出来 [root@localhost Desktop]# tar -f etc.tar --delete file ## 将tar中的file删除 [root@localhost Desktop]# du -sh etc.tar ## 查看etc.tar的大小
2.压缩和解压缩
压缩后的大小越小,压缩速度越慢
## zip的解压缩 [root@localhost Desktop]# unzip etc.tar.zip Archive: etc.tar.zip inflating: etc.tar [root@localhost Desktop]# rm -fr *.zip ## gzip的压缩与解压缩 [root@localhost Desktop]# gzip etc.tar [root@localhost Desktop]# du -sh etc.tar.gz 8.4M etc.tar.gz [root@localhost Desktop]# gunzip etc.tar.gz ## bzip的压缩与解压缩 [root@localhost Desktop]# bzip2 etc.tar [root@localhost Desktop]# du -sh etc.tar.bz2 7.0M etc.tar.bz2 [root@localhost Desktop]# bunzip2 etc.tar.bz2 ## xz的压缩与解压缩 [root@localhost Desktop]# xz etc.tar [root@localhost Desktop]# du -sh etc.tar.xz 5.7M etc.tar.xz [root@localhost Desktop]# unxz etc.tar.xz
3.归档压缩一健完成
## 一键归档压缩 [root@localhost Desktop]# tar zcf etc.tar.gz /etc/ tar: Removing leading `/' from member names [root@localhost Desktop]# du -sh etc.tar.gz 8.4M etc.tar.gz [root@localhost Desktop]# tar jcf etc.tar.bz2 /etc/ tar: Removing leading `/' from member names [root@localhost Desktop]# tar Jcf etc.tar.xz /etc/ tar: Removing leading `/' from member names ## 解压缩 [root@localhost Desktop]# tar jxf etc.tar.bz2 [root@localhost Desktop]# rm -fr etc [root@localhost Desktop]# tar zxf etc.tar.gz [root@localhost Desktop]# tar Jxf etc.tar.xz
E.网关管理
1.查看网关
[root@localhost Desktop]# ifconfig eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.25.254.178 netmask 255.255.255.0 broadcast 172.25.254.255 inet6 fe80::5054:ff:fe00:a prefixlen 64 scopeid 0x20<link> ether 52:54:00:00:00:0a txqueuelen 1000 (Ethernet) RX packets 173 bytes 28769 (28.0 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2461 bytes 133000 (129.8 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 0 (Local Loopback) RX packets 1484 bytes 134722 (131.5 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1484 bytes 134722 (131.5 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
2.添加网络ip
编辑System eth0
点击保存
[root@localhost Desktop]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.25.254.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
3.文本设置网关
文本内容
[root@localhost Desktop]# cd /etc/sysconfig/network-scripts/ [root@localhost network-scripts]# vim ifcfg-eth0 [root@localhost network-scripts]# systemctl restart network
4.程序设置
[root@localhost network-scripts]# vim /bin/wang.sh ## 编辑(内容见上图) [root@localhost network-scripts]# chmod 777 /bin/wang.sh ## 修改权限可以执行 [root@localhost network-scripts]# wang.sh ## 执行 Please input your device name: eth0 ## 输入eth0 Please input IP address: 172.25.254.178 ## 输入ip Please input DNS address: 114.114.114.114 ## 解析网址 Please inout GATEWAY: 172.25.254.250 eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 172.25.254.178 netmask 255.255.255.0 broadcast 172.25.254.255 inet6 fe80::5054:ff:fe00:a prefixlen 64 scopeid 0x20<link> ether 52:54:00:00:00:0a txqueuelen 1000 (Ethernet) RX packets 272 bytes 45443 (44.3 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 4111 bytes 221216 (216.0 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 172.25.254.250 0.0.0.0 UG 1024 0 0 eth0 172.25.254.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0