【Linux学习笔记】Linux_03_进程,用户审计,远程传文件,归档,网关

本文介绍 Linux 下的进程管理操作,包括进程的基本概念、ps 命令的使用、进程调度与优先级调整等;同时涵盖远程文件传输、归档与压缩技巧以及网络配置方法。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

Linux_03

A.进程

1.进程定义

进程就是cpu未完成的工作

2.ps命令

a关于当前环境的所有进程
x | -A所有进程
f显示进程从属关系
e显示进程调用环境工具的详细信息
l长列表显示进程的详细信息
u显示进程的用户信息
-a显示shell前台运行命令的进程,但不包含shell本身
[root@localhost Desktop]# ps a  
 PID TTY          TIME CMD
2902 pts/0    00:00:00 ps
[root@localhost Desktop]# ps x
  PID TTY      STAT   TIME COMMAND
    1 ?        Ss     0:02 /usr/lib/systemd/systemd --switched-root --system --d
    2 ?        S      0:00 [kthreadd]
    3 ?        S      0:00 [ksoftirqd/0]
    5 ?        S<     0:00 [kworker/0:0H]
...
[root@localhost Desktop]# ps -A
  PID TTY          TIME CMD
    1 ?        00:00:02 systemd
    2 ?        00:00:00 kthreadd
    3 ?        00:00:00 ksoftirqd/0
    5 ?        00:00:00 kworker/0:0H
...
[root@localhost Desktop]# ps f
  PID TTY      STAT   TIME COMMAND
 2008 pts/0    Ss     0:00 /bin/bash
 2951 pts/0    R+     0:00  \_ ps f
  589 tty1     Ss+    0:13 /usr/bin/Xorg :0 -background none -verbose -auth /run
[root@localhost Desktop]# ps e
  PID TTY      STAT   TIME COMMAND
  589 tty1     Ss+    0:16 /usr/bin/Xorg :0 -background none -verbose -auth /run
 2008 pts/0    Ss     0:00 /bin/bash XDG_VTNR=1 SSH_AGENT_PID=1639 XDG_SESSION_I
 2982 pts/0    R+     0:00 ps e XDG_VTNR=1 XDG_SESSION_ID=1 SSH_AGENT_PID=1639 H
[root@localhost Desktop]# ps l
F   UID   PID  PPID PRI  NI    VSZ   RSS WCHAN  STAT TTY        TIME COMMAND
4     0   589   579  20   0 186224 34580 poll_s Ss+  tty1       0:17 /usr/bin/Xo
4     0  2008  2000  20   0 116260  2860 wait   Ss   pts/0      0:00 /bin/bash
0     0  2999  2008  20   0 121260   984 -      R+   pts/0      0:00 ps l
[root@localhost Desktop]# ps u
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root       589  2.0  1.8 186224 34580 tty1     Ss+  05:57   0:17 /usr/bin/Xorg :
root      2008  0.0  0.1 116260  2860 pts/0    Ss   05:57   0:00 /bin/bash
root      3010  0.0  0.0 123356  1324 pts/0    R+   06:11   0:00 ps u
[root@localhost Desktop]# ps -a
  PID TTY          TIME CMD
 3018 pts/0    00:00:00 ps

3.显示进程的某些信息

%cpu显示进程cpu负载
%mem显示进程内存负载
user进程用户
group进程组
comm进程名称
nice进程优先级
pid进程id
stat进程状态
[root@localhost Desktop]# ps ax -o %cpu,%mem,user,group,comm,nice,pid,stat
%CPU %MEM USER     GROUP    COMMAND          NI   PID STAT
 0.1  0.3 root     root     systemd           0     1 Ss
 0.0  0.0 root     root     kthreadd          0     2 S
 0.0  0.0 root     root     ksoftirqd/0       0     3 S
 0.0  0.0 root     root     kworker/0:0H    -20     5 S<
...

4.stat中显示的信息

S进程状态
l内存中有锁定空间
N优先级低
<优先级高
+前台运行
s顶级进程

5.按照进程信息排序

+正序
-倒序
%cpucpu负载排序
%mem内存负载
## 取出cpu使用率排名前五的进程的id
[root@localhost Desktop]# ps ax -o pid --sort=-%cpu | grep PID -v | head -n 5
 1748
  589
    1
30650
    2

5.优先级

a.进程的优先级范围:-20~19

b.优先级查看 ps ax -o pid,nice,comm

c.指定某个优先级开启进程

nice-n优先级数字进程名称
nice-n-5 vim &开启vim并且指定程序优先级为-5
d.改变进程优先级

renice-n优先级数字进程pid
renice-n-5 1806改变1806进程的优先级为-5
[root@localhost Desktop]# nice -n -5 firefox &	## 打开浏览器,设置优先级为-5
[2] 31384	## 浏览器id
[1]   Done                    nice firefox
[root@localhost Desktop]# 
(process:31384): GLib-CRITICAL **: g_slice_set_config: assertion `sys_page_size == 0' failed
^C		## 推出vim模式Ctrl+C
[root@localhost Desktop]# ps -o nice,comm,pid,stat	## 查看进程信息
 NI COMMAND           PID STAT
  0 bash            30654 Ss
 -5 firefox         31384 S<l
  0 ps              31440 R+
[root@localhost Desktop]# renice -n 5 31384	## 更改浏览器优先级为5
31384 (process ID) old priority -5, new priority 5
[root@localhost Desktop]# ps -o nice,comm,pid,stat	## 再次查看
 NI COMMAND           PID STAT
  0 bash            30654 Ss
  5 firefox         31384 SNl
  0 ps              31464 R+

6.环境中进程的前后台调用

jobs查看被打入环境后台的进程
ctrl+z把占用终端的进程打入后台
fg jobsnum把后台进程调回前台
bg jobsnum把后台暂停的进程运行
comm &让命令直接在后台运行
[root@localhost Desktop]# gedit		## 打开一个记事本
^Z					## 按Ctrl+z把进程打入后台
[3]+  Stopped                 gedit
[root@localhost Desktop]# jobs		## 查看被打入后台的信息
[2]-  Running                 nice -n -5 firefox &
[3]+  Stopped                 gedit	## 状态为stopped,此时不能编辑
[root@localhost Desktop]# bg 3		## 把id为3的进程运行
[3]+ gedit &
[root@localhost Desktop]# jobs
[2]-  Running                 nice -n -5 firefox &
[3]+  Running                 gedit &	## 状态为running,此时可以编辑
[root@localhost Desktop]# fg 3		## 将后台的进程调到前台
gedit
^C					## 按ctrl+c退出

7.进程信号

1进程重新加载配置
2删除进程在内存中的数据
3删除鼠标在内存中的数据
9强行结束单个进程(不能被阻塞)
15正常关闭进程(可能会被阻塞)
18运行暂停的进程
19暂停某个进程(不能被阻塞)
20把进程打入后台(可以被阻塞)
man 7 signal查看信号详细信息
kill -信号 进程pid

killall -信号 进程名字

pkill -u student -信号

B.用户登陆审计和top命令

1.用户登陆审计

a.远程主机连接虚拟机

[kiosk@foundation78 Desktop]$ ssh root@172.25.254.178	## 用主机远程登陆虚拟机的root用户
The authenticity of host '172.25.254.178 (172.25.254.178)' can't be established.
ECDSA key fingerprint is 65:4d:ac:8a:c9:58:82:b5:0c:91:c4:ef:a5:e6:f6:65.
Are you sure you want to continue connecting (yes/no)? yes	## 输入yes
Warning: Permanently added '172.25.254.178' (ECDSA) to the list of known hosts.
root@172.25.254.178's password: 	## 输入root用户密码
Last login: Thu Jan  4 05:57:28 2018
[root@localhost ~]# 	## 已经登陆并切换到root用户家目录

b.虚拟机查看

[root@localhost Desktop]# w	## 查看有谁远程登陆此系统
 07:06:52 up  1:10,  3 users,  load average: 0.07, 0.05, 0.10
USER     TTY        LOGIN@   IDLE   JCPU   PCPU WHAT
root     :0        05:57   ?xdm?   4:37   0.13s gdm-session-worker [pam/gdm-pas
root     pts/0     06:17    4.00s  0.13s  0.02s w
root     pts/1     07:03    3:50   0.02s  0.02s -bash	## 此为外来用户
[root@localhost Desktop]# w -f	## 查看用户来源
 07:06:56 up  1:10,  3 users,  load average: 0.07, 0.05, 0.10
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
root     :0       :0               05:57   ?xdm?   4:37   0.13s gdm-session-wor
root     pts/0    :0               06:17    0.00s  0.11s  0.00s w -f
root     pts/1    172.25.254.78    07:03    3:54   0.02s  0.02s -bash	## 是172.25.254.78远程登陆
[root@localhost Desktop]# ps aux | grep pts/1	## 查看该进程的端口号
root     32238  0.0  0.2 135680  4868 ?        Ss   07:02   0:00 sshd: root@pts/1
root     32259  0.0  0.1 116144  2608 pts/1    Ss+  07:03   0:00 -bash
root     32386  0.0  0.0 112640   936 pts/0    R+   07:07   0:00 grep --color=auto pts/1
[root@localhost Desktop]# kill -9 32259		## 通过端口号断开连接
此时主机用户会显示:[root@localhost ~]# Connection to 172.25.254.178 closed.
[root@localhost Desktop]# last	## 查看有谁远程登陆过
root     pts/1        172.25.254.78    Thu Jan  4 07:03 - 07:07  (00:04)	## 这个ip远程登陆过    
root     pts/0        :0               Thu Jan  4 06:17   still logged in   
root     pts/0        :0               Thu Jan  4 05:57 - 06:17  (00:19)    
root     :0           :0               Thu Jan  4 05:57   still logged in   
(unknown :0           :0               Thu Jan  4 05:57 - 05:57  (00:00)    
reboot   system boot  3.10.0-123.el7.x Thu Jan  4 05:56 - 07:08  (01:12)    
(unknown :0           :0               Wed Jan  3 08:08 - crash  (21:48)    
reboot   system boot  3.10.0-123.el7.x Wed Jan  3 08:07 - 07:08  (23:01)    
reboot   system boot  3.10.0-123.el7.x Tue Jan  6 22:20 - 22:38  (00:17)    

wtmp begins Tue Jan  6 22:20:41 2015
[root@localhost Desktop]# lastb		## 查看有谁试图登陆缺登陆失败(登陆密码错误)
root     ssh:notty    172.25.254.78    Thu Jan  4 07:09 - 07:09  (00:00)    

btmp begins Thu Jan  4 07:09:52 2018

2.top命令

top监控系统负载工具
s修改进程刷新时间间隔
m根据内存占占有率进行排序
c根据cpu占有率进行排序
u后面输入用户名,用来查看该用户发起的所有进程
k后面跟要作用的进程pid,和发起的信号(eg:9,15,20)用来给某个进程发起一信号
q退出进程查看界面
h显示top命令帮助

C.远程发送文件

1.scp

传送速度较慢

## scp 文件名(带路经) 目标用户名@ip:路径
[root@localhost Desktop]# scp file kiosk@172.25.254.78:/home/kiosk/Desktop
kiosk@172.25.254.78's password: 	## 目标用户密码
file                                          100%  101     0.1KB/s   00:00 

2.rsync

[root@localhost Desktop]# rsync file kiosk@172.25.254.78:/home/kiosk/Desktop
kiosk@172.25.254.78's password:

D.归档和压缩

1.归档

[root@localhost Desktop]# tar cf etc.tar /etc/	## 将/etc/归档到桌面etc.tar
[root@localhost Desktop]# tar tf etc.tar	## 查看里面的文件	
[root@localhost Desktop]# touch file		## 建一个file文件
[root@localhost Desktop]# tar rf etc.tar file	## 将file归档至etc.tar
[root@localhost Desktop]# rm -fr file		## 删除桌面上的file
[root@localhost Desktop]# tar xf etc.tar	## 将tar中的文件释放出来
[root@localhost Desktop]# tar -f etc.tar --get file	## 将tar中的file释放出来
[root@localhost Desktop]# tar -f etc.tar --delete file	## 将tar中的file删除
[root@localhost Desktop]# du -sh etc.tar	## 查看etc.tar的大小

2.压缩和解压缩

压缩后的大小越小,压缩速度越慢

## zip的解压缩
[root@localhost Desktop]# unzip etc.tar.zip
Archive:  etc.tar.zip
  inflating: etc.tar                 
[root@localhost Desktop]# rm -fr *.zip

## gzip的压缩与解压缩
[root@localhost Desktop]# gzip etc.tar
[root@localhost Desktop]# du -sh etc.tar.gz
8.4M	etc.tar.gz
[root@localhost Desktop]# gunzip etc.tar.gz

## bzip的压缩与解压缩
[root@localhost Desktop]# bzip2 etc.tar
[root@localhost Desktop]# du -sh etc.tar.bz2
7.0M	etc.tar.bz2
[root@localhost Desktop]# bunzip2 etc.tar.bz2

## xz的压缩与解压缩
[root@localhost Desktop]# xz etc.tar
[root@localhost Desktop]# du -sh etc.tar.xz
5.7M	etc.tar.xz
[root@localhost Desktop]# unxz etc.tar.xz

3.归档压缩一健完成

## 一键归档压缩
[root@localhost Desktop]# tar zcf etc.tar.gz /etc/
tar: Removing leading `/' from member names
[root@localhost Desktop]# du -sh etc.tar.gz
8.4M	etc.tar.gz
[root@localhost Desktop]# tar jcf etc.tar.bz2 /etc/
tar: Removing leading `/' from member names
[root@localhost Desktop]# tar Jcf etc.tar.xz /etc/
tar: Removing leading `/' from member names
## 解压缩
[root@localhost Desktop]# tar jxf etc.tar.bz2
[root@localhost Desktop]# rm -fr etc
[root@localhost Desktop]# tar zxf etc.tar.gz
[root@localhost Desktop]# tar Jxf etc.tar.xz

E.网关管理

1.查看网关

[root@localhost Desktop]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.178  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::5054:ff:fe00:a  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:00:00:0a  txqueuelen 1000  (Ethernet)
        RX packets 173  bytes 28769 (28.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2461  bytes 133000 (129.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 1484  bytes 134722 (131.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1484  bytes 134722 (131.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

2.添加网络ip

编辑System eth0

点击保存

[root@localhost Desktop]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.25.254.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

3.文本设置网关

文本内容


[root@localhost Desktop]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# vim ifcfg-eth0
[root@localhost network-scripts]# systemctl restart network

4.程序设置

[root@localhost network-scripts]# vim /bin/wang.sh	## 编辑(内容见上图)
[root@localhost network-scripts]# chmod 777 /bin/wang.sh	## 修改权限可以执行
[root@localhost network-scripts]# wang.sh		## 执行
Please input  your device name: eth0			## 输入eth0
Please input IP address: 172.25.254.178			## 输入ip
Please input DNS address: 114.114.114.114		## 解析网址
Please inout GATEWAY: 172.25.254.250			
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.178  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::5054:ff:fe00:a  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:00:00:0a  txqueuelen 1000  (Ethernet)
        RX packets 272  bytes 45443 (44.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4111  bytes 221216 (216.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.25.254.250  0.0.0.0         UG    1024   0        0 eth0
172.25.254.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值