User login audit record:
w Check which current users are using the system
w -f -f to see where to use
w -i show ip
last View user login success history
lastb View the history of unsuccessful user logins
7.top command
top monitor system load tool
s : modify the process refresh interval
m : sort by memory usage
c : sort by cpu occupancy
l : View each cpu information separately
u : Enter the user name later to view all processes initiated by the user
k : followed by the pid of the process to be used, and the signal initiated (eg: 9, 15, 20) for
send a signal to a process
q : Exit the process view interface
h : display help for the top command
The following two figures only show the help of modifying the process refresh interval and displaying the top command. Other commands are very intuitive. We can directly observe the results when doing exercises.
System initialization procedure:
1.systemd
System initialization program, the first process started by the system, pid is 1
2. systemctl command
systemctl list-units lists the status of current system services
systemctl list-unit-files lists the boot status of services
systemctl status sshd View the status of the specified service
systemctl stop sshd shuts down the specified service
systemctl start sshd start the specified service
systemctl restart sshd restarts the service
systemctl enable sshd Set the specified service to start at boot
systemctl disable sshd Set the specified service to power on and off
systemctl reload sshd causes the specified service to reload the configuration
systemctl list-dependencies sshd View dependencies of specified services
systemctl mask sshd freezes the specified service
systemctl unmask sshd enable service
systemctl set-default multi-user.target boot does not open graphics
systemctl set-default graphical.target boot graphics
setterm text interface set color
vga=ask
3. Service Status
systemctl status service name
The loaded system service has been initialized and the configuration has been loaded
active (running) One or more programs are executing in the system,
vsftpd is this mode
atcive (exited) a service that is normal after only one execution
atcive (waiting) is being executed
inactive service is closed
The enbaled service is started at boot
disabled service does not start automatically
static service startup items cannot be managed
failed System configuration error
这些服务状态在上图我们操作systemctl命令时可以观察到。