Linux reading notes: "Brother Niao's Linux Private Kitchen Basics Learning Chapter (Fourth Edition)"

Brother Niao Linux Private Kitchen (Basic Learning)

Chapter 0, Introduction to Calculator

• The so-called computer is a calculator, and a calculator actually: " accepts user input instructions and data, and processes them through the mathematical and logical units of the central processing unit to generate or store useful information ." Therefore, as long as there is an input device (whether it is a keyboard or a touch screen) and an output device (such as a computer screen or printing directly from a printer) that allow you to enter data and make the machine produce information, it is a calculator.
• Regarding the hardware components of a computer, you can actually analyze it by observing your desktop computer. It can be divided into three parts based on appearance:
  • Input unit: including keyboard, mouse, card reader, scanner, handwriting pad, touch screen, etc.;
  • Host part: This is the system unit, which is protected by the host chassis and contains a bunch of boards, CPU, memory, etc.;
  • Output unit: such as screen, printer, etc.
• The Central Processing Unit (CPU) is a chip with specific functions and contains an instruction set. The CPU can be divided into two main units: the arithmetic logic unit and the control unit . The arithmetic logic unit is mainly responsible for program operations and logical judgment, while the control unit is mainly responsible for coordinating the work between peripheral components and units.
• To sum up, the computer is composed of several units, including the input unit, the output unit, the control unit inside the CPU, the arithmetic logic unit and the memory.
• Currently, the two most common CPU architectures in the world are: reduced instruction set (RISC) and complex instruction set (CISC) systems . Common RISC instruction set CPUs mainly include Oracle's SPARC series, IBM's Power Architecture series, and ARM's ARM CPU series. At present, the most widely used CPU in the world may be the ARM architecture; common CPUs using the CISC instruction set include x86 architecture CPUs such as AMD, Intel, and VIA.
• Assume that the computer is a human body, CPU = brain; memory = the block in the head that stores the data being thought about; hard disk = the memory block in the head that stores memories; motherboard = nervous system; various interface devices = the way the human body communicates with the outside world Hands, feet, skin, eyes, etc.; graphics card = image in the head; host power supply = heart.
• Early chipsets are usually divided into two network bridges to control the communication of each component, namely Northbridge (responsible for connecting faster CPU, memory, graphics card and other components) and Southbridge (responsible for connecting slower device interfaces, including hard drive, USB device, network card, etc.). Since the most important thing about Northbridge is the bridge between CPU and memory, most of the current mainstream architectures integrate Northbridge's memory controller into the CPU.
• In early CPU design, the so-called FSB refers to the speed of data transmission between the CPU and external components. The frequency multiplier is a multiple used internally by the CPU to accelerate work performance. The multiplication of the two is the frequency speed of the CPU.
• The amount of data that the CPU can parse each time is limited, so the amount of data transferred from the memory is limited. This also results in a 32-bit CPU that can only support a maximum of 4GB of memory. Understand as follows: For a 32-bit CPU, the maximum memory space it can support is determined by its addressing capabilities. In a 32-bit system, each address is represented by a 32-bit binary number, so there are a total of 2^32 (approximately 4.29 billion) different addresses. The size of the memory space is calculated by converting these addresses into bytes. Since in computers, memory is usually organized as a sequence of bytes, with each address corresponding to a byte, therefore, the maximum number of bytes that a 32-bit system can address is 2^32 bytes, 2^32 bytes = 4,294,967,296 Bytes ≈ 4GB. 64-bit system: 2^64 bytes = 18,446,744,073,709,551,616 bytes ≈ 18.4 million TB.
• The main memory component of a personal computer is Dynamic Random Access Memory (DRAM). Random read and write memory can only be recorded and used when the power is on. The data disappears after the power is turned off, so we also call this kind of RAM volatile. sexual memory. Static Random Access Memory (SRAM).
• BIOS (Basic Input Output System) is a program. This program is hard-coded into a memory chip on the motherboard. This memory chip can record data even when it is not powered on. This is Read Only Memory (ROM). It is a non-volatile storage.
• The graphics card is also called VGA (Video Graphics Array). A 3D acceleration chip is directly embedded on the graphics card. This is the origin of the so-called GPU. The graphics card mainly communicates with the CPU, memory, etc. through the GPU control chip.
• The graphics card and the computer screen mainly communicate through the following connection interfaces: D-Sub (VGA interface, an earlier connection interface, mainly a 15-pin interface), DVI, HDMI (compared to D-Sub and DVI, which can only transmit image data , HDMI can transmit images and sounds at the same time ) and DisplayPort (can transmit sounds and images at the same time).
• Mechanical hard disk (Hard Disk Driver, HDD) and solid state drive (Solid State Disk or Solid State Driver, SSD). The biggest advantage of a solid-state drive is that it has no motor and does not need to rotate, but can directly read and write through the memory.
• The main function of CMOS is to record important parameters on the motherboard, including system time, CPU voltage and frequency, I/O addresses and IRQs of various devices, etc. Since the recording of these data requires electricity, there is a battery on the motherboard. BIOS is a program written to a certain piece of flash or EEPROM on the motherboard. It can be executed when the computer is turned on to load the parameters in the CMOS and try to call the boot program in the storage device to further enter the operating system.
• The operating system (Operating System, OS) is actually a set of programs. The focus of this set of programs is to manage all activities of the computer and drive all the hardware in the system. In fact, it is the kernel and the interface tools it provides.
• The computer system is mainly composed of hardware, and the kernel program mainly manages the hardware and provides reasonable computer system resource allocation (including CPU resources, memory resources, etc.). Therefore, as long as the hardware is different (such as x86 architecture and RISC architecture CPU), the kernel must Just make changes.

Chapter 1, What is Linux and how to learn it

• 1973: The official birth of Unix. Ritchie and others used C language to write the first official Unix core.
• The Linux kernel was written in 1991 by Finnish Linus Torvalds.
• In 1994, the official version of the Linux kernel, Version 1.0, was completed.
• Unix like == Linux is a Unix-like operating system.
• GNU 是 GNU‘s Not UNIX。

Chapter 2, Host Planning and Disk Partitioning

• There are two common disk interfaces for personal computers: SATA and SAS. The current mainstream one is SATA.

• Device file names /dev/sd[a-p]are named according to the order in which the disks are detected by the Linux kernel, and are not related to the actual slot order. The virtual machine's device name might be /dev/vd[a-p].

• The first sector of the disk mainly records two important information, which are: (1) Master Boot Record MBR (Master Boot Record) : The place where the boot program can be installed, which is 446 bytes. (2) Partition table : records the status of the entire hard disk partition, with 64 bytes. Due to the continuous expansion of disk capacity in recent years, some problems have been caused in reading and writing. Even disk partitions above 2TB have become inaccessible to some operating systems. Therefore, a new disk partition format was later added, called GPT (GUID partition). table).

• /dev/sda1, /dev/sda2, /dev/sda3, /dev/sda4are reserved for primary partitions or extended partitions, and the device name numbers of logical partitions start from 5.

• Characteristics of MBR primary partition, extended partition and logical partition:

  • There can be up to 4 primary partitions and extended partitions (limited by hard disk);
  • There can be only one extended partition at most (operating system limitation);
  • A logical partition is a partition continuously divided by an extended partition;
  • The partitions that can be formatted and used as data access are primary partitions and logical partitions. Extended partitions cannot be formatted;
  • The number of logical partitions varies depending on the operating system. In Linux systems, SATA hard drives can already exceed the limit of more than 63 partitions.

• GPT partitions no longer have the so-called concepts of primary, extended, and logical partitions. Since each set of records can exist independently, of course each can be regarded as a primary partition, and each partition can be formatted and used.

• The difference between traditional BIOS and UEFI (BIOS (Basic Input/Output System, basic input and output system), UEFI (Unified Extensible Firmware Interface, unified extensible firmware interface))

  • Design differences:
    • BIOS: Traditional BIOS is written in hardware-oriented assembly language, and the code is large and complex. It uses partition table (MBR) as the disk partitioning scheme and relies on real-mode x86 processors.
    • UEFI: UEFI is written in C/C++ language and has a modular design. It supports running on various platforms (such as x86, ARM) and introduces a new GPT disk partitioning scheme.
  • Startup speed:
    • BIOS: The BIOS boot process is slower because it requires a complete self-test process and loading of the operating system at each boot.
    • UEFI: The UEFI boot process is faster because it uses pre-initialized drivers and modules to load the operating system directly.
  • Capacity limit:
    • BIOS: Due to historical reasons, BIOS faces limitations in memory addressing and disk capacity. It can only handle a 16-bit address bus and hard drives up to 2TB.
    • UEFI: UEFI supports a 64-bit address bus and larger disk capacities. It can handle drives exceeding 2TB and supports larger memory configurations.
  • user interface:
    • BIOS: The BIOS provides a basic text interface and is usually configured by keyboard operations.
    • UEFI: UEFI provides a more modern graphical user interface (GUI) that allows mouse operation and more visualization options.
  • Extensibility and functionality:
    • BIOS: Traditional BIOS is difficult to expand and update, and its functions are relatively limited.
    • UEFI: UEFI has better scalability and supports plug-in drivers and applications that support external devices (such as mouse, keyboard, etc.).

  Different from traditional BIOS, UEFI is simply like a low-level operating system. Even the management of hardware resources on the motherboard is quite similar to the operating system. You only need to load the driver to control the operation. At the same time, due to proper program control, generally speaking, the boot speed of a host using the UEFI interface is much faster than that of the BIOS! Therefore, many people feel that UEFI seems to be able to develop into a very useful operating system.

• The boot process: BIOS —> MBR —> Boot program —> Kernel file.

• The main functions of the boot program are: providing options, loading the kernel, and transferring control to other boot programs.

• There are two places where the boot program can be installed, namely the MBR and the boot sector.

Chapter 4, first login and online help

• By default, Linux provides six terminals for users to log in, and the switching method is Ctrl+Alt+F1~F6the key combination used.
• The program that is run after logging in in command line mode is called a shell. This is because this program is responsible for communicating with the user from the outside, so it is nicknamed the shell program.
• Please pay special attention to the fact that uppercase and lowercase letters are different in the Linux environment.
• Instructions to display date and time:date
• Instructions to display calendar:cal cal [year] cal [month] [year]
• Simple and easy-to-use calculator: bc, by default it only outputs integers. If you want to output the number of decimal places, you must execute scale=numberthe command, which numberis the number of decimal points. quitExit bc.
• Data is written to the disk synchronously: sync, input directly in the command line mode sync, then the data that has not been updated in the memory will be written to the hard disk. Therefore, it is best to execute this command several times after the system is shut down or restarted. sync; sync; sync; reboot
• There are seven Linux operating levels from 0 to 6, where 0 is shutdown, 6 is restart, etc. init 0 init 6 systemctl rebootRestart systemctl poweroffShutdown.
• In the terminal environment, you can determine whether the normal user or the root user is based on the prompts $and #.
• Ctrl+dThe end of keyboard input (End Of File, EOF or End Of Input) can be used to replace the exit input.

Chapter 5, Linux file permissions and directory configuration

• Linux generally divides the identities that can read and write files into three categories: owner, group, and others. Each of the three identities has read, write, Execute (execute) and other permissions.

• chgrp— change group Modify the group to which the file belongs; chgrp users test.log chgrp -R dirname/filename ...modify the group recursively

• chown— change owner Modify the file owner;chown [-R] 所有者:用户组 文件或目录 chown [-R] 所有者 文件或目录

• chmodModify file permissions, characteristics of SUID, SGID, SBIT, etc. There are two ways to modify permissions: numbers or symbols.

  • Numeric type changes file permissions

    There are nine basic permissions for Linux files, namely owner/group/others. Each of the three identities has its own read/write/execute permissions.r:4 w:2 x:1 chmod 777 test

  • Symbol type changes file permissions

    chmod u=rwx,g=rx,o=r filename
    chmod a+w .bashrc
    chmod a-x .bashrc
    

• By default, all accounts and general identity users on the system, as well as root-related information, are recorded in the /etc/passwd file. As for personal passwords, they are recorded in the /etc/shadow file. In addition, all group names in Linux are recorded in /etc/group! These three files can be said to be the centralized place for account, password, and group information in the Linux system.

• The meaning of permissions on files:

  • r (read): can read the actual content of this file, such as reading the text content of a text file, etc.;
  • w (write): You can edit, add or modify the content of the file ( but not delete the file );
  • x (execute): The file has permission to be executed by the system.

• The meaning of permissions for directories:

  • r (read contents in directory) indicates the permission to read the directory structure list, that is ls;
  • w (modify contents of directory) indicates the authority to modify the directory structure list, that is, to create new files and directories touch add.txt mkdir new_dir, delete existing files and directories (regardless of the permissions of the file) rm rmdir, and modify existing files or directories. Rename cp mvand move files and directory locations in the directory;
  • x (access directory) indicates whether the user can enter the directory cd. Whether the content of a certain file can be read is also related to the permissions of the directory where the file is located (the directory must have at least xpermissions).

• File system
  

  • / (root, root directory): related to starting the system;
  • /usr ( unix software resource ): related to software installation/execution; the directory where UNIX operating system software resources are placed, not the user's data.
  • /var (variable): related to the system operation process.
    
    
    
    
    

• Whether a Linux file can be executed is related to the ten attributes in its first column and has nothing to do with the file name.drwxrwxrwx

Chapter 6, Linux file and directory management

• cp

  -i ：若目标文件已经存在时，在覆盖时会询问操作的进行
  -p ：连同文件的属性（权限、用户、时间）一起复制过去，而非使用默认属性（备份常用）
  

• View file content

  • cat displays the file contents starting from the first line; cat -n test.logdisplays the line number

  • tac is displayed starting from the last line. It can be seen that tac is cat written backwards;

  • When nl is displayed, the line number is also output;

  • od reads the file contents in binary format;

  • more

    空格键: Represents turning down one page

    Enter: Scroll down one line

    /字符串: Search down for keywords

    :f: Display the file name and the number of lines currently displayed

    q: leave more

    b 或 ctrl-b: Turn pages back, only works for files, not for pipes.

  • less

    空格键: Represents turning down one page

    [pagedown]: Scroll down one page

    [pageup]: Scroll up one page

    /字符串: Search down for keywords

    ?字符串: Search for keywords upwards

    n: Repeat the previous search (related to / or ?)

    N: Repeat the previous search in reverse (related to / or ?)

    g: Go to the first row of this data

    G: Go to the last row of this data

    q:Leave less

  • tail （head）

    -n: Followed by a number, it means how many lines are displayed.

    -f: Indicates that the content of the next connected file will be continuously refreshed and displayed.

• umask specifies the default permissions of the current user when creating files or directories. There are two ways to view it. One is to directly enter umask, and you can see the numerical permission setting value; the other is to add -Sthe (Symbolic) option, and the permissions will be displayed in a symbolic type.

  # umask
  0022  # 第一个数字是特殊权限用的
  # umask -S
  u=rwx, g=rx, o=rx
  ---
  # 假设 umask 为 003，请问该 umask 情况下，建立的文件与目录权限是什么？（注意：直接使用文件默认权限减去 umask 默认权限是不对的）
  文件：（-rw-rw-rw-）-（--------wx）= -rw-rw-r--
  目录：（drwxrwxrwx）-（d-------wx）= drwxrwxr--
  

  • In terms of the properties of default permissions, directories and files are different. x permissions are very important for directories, but general files are usually used for data recording and do not require execution permissions. therefore:

    If the user is created as a file, there is no executable xpermission by default, that is rw, only the maximum permission is 666;

    If the user is created as a directory, since it xis related to whether the directory can be entered, all permissions are open by default, that is, 777.

  • It should be noted that the number of umask refers to the permissions that need to be subtracted from the default value.

• File hidden attributes

  • The chattr configuration file hides attributes, and the command can only take full effect on the Linux traditional file systems of ext2, ext3, and ext4.

    + ：增加某一个特殊参数，其他原本存在参数则不动
    - ：删除某一个特殊参数，其他原本存在参数则不动
    = ：直接设置参数，且仅有后面接的参数
    a ：当设置a之后，这个文件将只能增加数据，而不能删除也不能修改数据，只有root才能设置这属性
    i ：很厉害的参数，它可以让一个文件【不能被删除、改名、设置链接也无法写入或新增数据】。对于系统安全性有相当大的助益，只有root能设置此属性
    

    For log files like logfile, +athis parameter that can be added but cannot modify or delete old data is even more needed.

  • lsattr displays file hidden attributes

• When searching for a file, generally use whereis or locate to check first. If it really cannot be found, use find to search. Before executing locate, you can execute updatedb to update the searched database. The parameters -l 5can control the number of output rows.

Chapter 7, Linux Disk and File System Management

• There are two main formats of disk partition tables, one is the MBR partition table with more restrictions, and the other is the newer and less restrictive GPT partition table. In the MBR partition table, the first sector is the most important, which contains: Master boot record (Master boot record, MBR) and partition table (partition table), of which the MBR occupies 446B and the partition table occupies 64B.

• The operation of combining the file system with the directory tree is called mounting;

• The mount point must be a directory, which is the entrance to the file system.

• df: Lists the overall disk usage of the file system; df -hdisplays itself in GBytes, MBytes, KBytes, etc. formats that people trade to read;

  Since the main data read by df is almost for the entire file system, the read range is mainly the information in the super block, so this command displays the results very quickly.

• du: Check the disk usage of the file system (commonly used to check the disk space occupied by the directory);du -sm du -h --max-depth=1 /opt

  -a ：列出所有的文件与目录容量，因为默认仅统计目录下面的文件量；
  -h ：以人们较易读的容量格式（G/M）显示；
  -s ：仅列出总量，而不列出每个各别的目录占用容量；
  -k ：以 KBytes 列出容量显示；
  -m ：以 MBytes 列出容量显示；
  

• lsblk (list block device) lists all disks on the system.

• fdiskfdisk -l

• fsck checks the file system and attempts to fix errors

• File system mount:

  • A single file system should not be repeatedly mounted on different mount points (directories);
  • A single directory should not mount multiple file systems repeatedly;
  • The directory to be used as the mount point should theoretically be an empty directory, otherwise the things in the original directory will disappear temporarily.

  mount -a # 依照配置文件 /etc/fstab 的数据将所有未挂载的磁盘都挂载上来
  mount -l # 单纯的输入mount会显示目前的挂载信息，加上 -l 可增列 Label 名称
  mount -o # 后面可以接一些挂载时额外加上的参数，比如账号、密码、读取权限、重新挂载等
  mount -o remount,rw,auto / # 将 / 重新挂载，并加入参数为 rw 与 auto
  mount --bind /var /data/var # 将/var这个目录暂时挂载到 /data/var 目录下
  
  # umount [-fn] 设备文件名或挂载点
  -f ：强制卸载
  -l ：立刻卸载文件系统，比 -f 还强
  -n ：不更新 /etc/mtab 情况下卸载
  

Chapter 8, Compression of Files and File Systems

• Common compressed file extensions

  *.Z   # compress 程序压缩的文件
  *.zip # zip 程序压缩的文件
  *.gz  # gzip 程序压缩的文件
  *.bz2 # bzip2
  *.xz  # xz
  *.tar # tar 程序打包的文件，并没有压缩过
  *.tar.gz # tar 程序打包的文件，并且经过 gzip 压缩
  *.tar.bz2 # tar 程序打包的文件，并且经过 bzip2 压缩
  *.tar.xz  # tar 程序打包的文件，并且经过 xz 压缩 
  

• Common compression commands under Linux are gzip, bzip2 and the latest xz. As for compress, it is no longer popular. bzip2 and xz have better compression ratios . But these commands usually only compress and decompress a file.

• When gzip is compressed, by default the original file will be compressed into a file with a .gz suffix, and the source file will no longer exist.

• tar can package many files into one file, and even directories can be used in this way. The simple tar function is only for packaging and does not provide compression function. Later, the entire tar and compression function were combined.

• cat/more/less can use different methods to read plain text files, and zcat/zmore/zless can read compressed files after compressing plain text files.

• tar zcvf ztvf zxvf jcvf jtvf jxvf

  -c ：建立打包文件，可搭配 -v 来查看过程中被打包的文件名；
  -t ：查看打包文件的内容含有哪些文件名，重点在查看【文件名】；
  -x ：解包或解压缩的功能；
  -z ：通过 gzip 的支持进行压缩/解压缩；此时文件名最好为 *.tar.gz；
  -j ：通过 bzip2 的支持进行压缩/解压缩；此时文件名最好为 *.tar.bz2；
  -J ：通过 xz 的支持进行压缩/解压缩；此时文件名最好为 *.tar.xz，特别留意，-z、-j、-J 不可以同时出现在一串命令行中；
  -v ：在压缩/解压缩的过程中，将正在处理的文件名显示出来；
  -f 文件名 ：后面要立刻接要被处理的文件名；
  -C 目录 ：解压缩到特定目录；
  --exclude=FILE ：在压缩的过程中，不要将 FILE 打包；
  

• How to unpack only a single filetar -jxv -f 打包文件.tar.bz2 待解开文件名

• Pack a directory, but not include some files in the directory (do not compress files starting with /root/etc* and the compressed package itself) tar -jcv -f /root/system.tar.gz2 --exclude=/root/etc* --exclude=/root/system.tar.bz2 /etc /rootor tar -jcv -f /root/system.tar.gz2 --exclude /root/etc* --exclude /root/system.tar.bz2 /etc /root, note that the files to be packaged need to be written at the end.

Chapter 9, vim program editor

• Basically vi is divided into 3 modes, namely general command mode, editing mode and command line mode.
  
  
  
  
  
  

Chapter 10, Understanding and Learning BASH

• We must communicate the commands we enter with the Kernel through "Shell" so that the Kernel can control the hardware to work correctly!

• As long as it can operate the interface of the application program, it can be called a shell program. In a narrow sense, shell programs refer to command-line software, including bash, which will be introduced in this chapter. In a broad sense, shell programs include graphical interface software! Because the graphical interface can actually operate various applications to call core work!

• Variable setting rules:

  • Variables and variable contents are connected with an equal sign "=";
  • Spaces cannot be directly placed on both sides of the equal sign;
  • Variable names can only be English letters and numbers, but the first character cannot be a number;
  • If there are spaces in the variable content, you can use double quotes """ or single quotes "'" to combine the variable contents, but
    • Special characters such as $ within double quotes can retain their original characteristics;
    • Special characters within single quotes are only general characters (plain text);
  • Escape characters can be used to convert \special symbols (such as Enter, $, \, spaces, ', etc.) into general characters;
  • When executing a series of commands and you need information provided by other additional commands, you can use backticks [`] or $ (命令). version=$(uname -r);
  • If the variable needs to be executed in other subroutines, you need to use export to turn the variable into an environment variable;
  • Usually uppercase characters are system default variables, and lowercase characters can be used to set variables yourself;
  • The way to cancel a variable is to use unset;

• During the command execution process, the command within the anti-single quotes will be executed first, and the result of its execution will be used as an external input signal. [ls -ld locate crontab]ls -ld $(locate crontab)

• historyhistorical command!number

• wildcard
  

• /dev/nullTrash can black hole device and special writing method.

• Standard input (stdin): code is 0, use < or <<;
  standard output (stdout): code is 1, use > or >>;
  standard error output (stderr): code is 2, use 2> or 2>> ;

• Judgment basis for command execution;、&&、||

  • Execute multiple commands at oncecmd;cmd;cmd sync; sync; shutdown -h now
  • There is a dependency between the two commands. The execution result of the previous command is related to whether the latter command is executed;
    

• Pipe command pipe|

  • The pipe command will only process standard output and ignore standard error;
  • The pipeline command must be able to receive data from the previous command as standard input to continue processing.

• Select commandcut grep

  • cutYou can cut out a certain section of a piece of information, and the information processed is in units of lines.

    cut -d '分隔字符' -f fields
    -d：后接分隔字符，与-f一起使用
    -f：根据-d的分隔字符将一段信息划分成为数段，用-f取出第几段的意思
    
    ll | cut -d ' ' -f 1,3 # 1、3段
    ll | cut -d ' ' -f 1-3 # 1到3段
    

  • grep analyzes a line of information, and if it matches the required information, take out the line

    -c # 打印匹配的文本行的行数
    **-v # 不包括，反向查找
    -i # 忽略字母大小写**
    -n # 列出所有匹配的文本行，并显示行号
    **-w # 匹配整个单词**
    **-E # 表示过滤 多个参数
    -a # 可将二进制视为文本文件搜寻，相当于--binary-files=text这个参数。**
    
    **# grep -A  -B -C(大写)    后面都跟阿拉伯数字 
    -A # 是显示匹配后和它后面的n行。after 
    -B # 是显示匹配行和它前面的n行。 before
    -C # 是匹配行和它前后各n行。 context**
    
    cat test.txt | grep -A1 ‘hello’ # 输出 hello 匹配行，以及之后一行 after 1
    cat test.txt | grep -B1 ‘hello’ # 输出 hello 匹配行，以及之前一行 before 1
    cat test.txt | grep -1 ‘hello’ # 输出hello 匹配行，以及之前、之后各一行内容
    

• sort commandsort wc uniq

  • sort

    -f ：忽略大小写的差异，例如 A 与 a 视为编码相同；
    -b ：忽略最前面的空格符部分；
    -M ：以月份的名字来排序，例如 JAN, DEC 等等的排序方法；
    -n ：使用『纯数字』进行排序(默认是以文字型态来排序的)； -r ：反向排序；
    -u ：就是 uniq ，相同的数据中，仅出现一行代表；
    -t ：分隔符，预设是用 [tab] 键来分隔；
    -k ：以那个区间 (field) 来进行排序的意思
    
    last | cut -d ' ' -f1 | sort
    cat /etc/passwd | sort -t ':' -k 3
    

  • uniq When we complete the sorting, we want to list the duplicate data in only one display

    -i：忽略大小写字符的不同
    -c：进行计数
    
    last | cut -d ' ' -f1 | sort | uniq
    

    Note: uniq counts the information of adjacent rows, so it needs to be sorted before counting.

  • wc counts the number of words, lines, etc.

    -l：仅列出行数
    -w：仅列出列数
    -m：字符数
    
    ll | wc -l
    

• Bidirectional redirection teedistributes data streams to files and screens simultaneously.

• Character conversion commandtr col join paste expand

  • tr is used to delete text in a message or replace text information.

    cat /etc/passwd | tr -d ':' # 删除冒号
    

  • col can convert tabs into equivalent space keys.cat -A test.txt | col -x

  • expand Converts the [tab] key to the space bar.-t 4/8

• The divide command splitdivides large files into small files based on file size or number of lines.

  -b：后接欲划分成的文件大小，可加单位，例如b, k m等
  -l：以行数划分
  
  split -b 300k /etc/services services # 300k一个文件，文件名services开头
  

• Parameter substitution xargsLiterally speaking, x is the multiplication sign for addition, subtraction, multiplication and division, and args means arguments (parameters), which means the parameters that generate a certain instruction! xargs can read the data of stdin and
  separate the data of stdin into arguments by using space or line break characters as a distinction. Because they are separated by spaces, xargs may misjudge if some document names or other nouns contain spaces.find /usr/sbin -perm 700 | xargs ls -l

• -use. In pipeline commands, the stdout of the previous instruction is often used as the stdin this time. When some instructions need to use the file name (such as tar) for processing, the stdin and stdout can be replaced by the minus sign "-" .

  tar -cvf - /home | tar -xvf - -C /tmp/homebackPack the files in /home for him, but the packaged data is not recorded to the file, but sent to stdout; after passing through the pipeline, tar -cvf - /home is sent to the subsequent tar -xvf -. The latter - is to get the stdout of the previous instruction, so we don't need to use filename.

Chapter 11, Regular Expressions and File Formatting

• Simply put, regular representation is a method for processing strings. It processes strings in behavioral units. With the help of some special symbols, regular representation allows users to easily achieve "search/delete/ Replace the handler for a specific string!grep 'screen' catkin_ws/src/* -r

• The string representation of regular expressions is divided into basic regular expressions and extended regular expressions according to different levels of rigor.

  # 例题一、搜寻特定字符串
  grep -n 'the' regular_express.txt  # 搜索特定字符串
  grep -in 'the' regular_express.txt  # 忽略大小写搜索特定字符串
  # 例题二、利用中括号 [] 来搜寻集合字符
  grep -n 't[ae]st' regular_express.txt  # 搜寻 test 或 tast 这两个单字时
  # 例题三、行首与行尾字符 ^ $
  grep -n '^the' regular_express.txt # 查询the在行首
  # 例题四、任意一个字符 . 与重复字符 *
  **. (小数点)：代表『一定有一个任意字符』的意思；
  * (星星号)：代表『重复前一个字符， 0 到无穷多次』的意思，为组合形态
  .* ： 代表零个或多个任意字符**
  # 例题五、限定连续 RE 字符范围 {}
  使用到限定范围的字符 {
        
        }，找出两个到五个 o 的连续字符串，因为 {
        
         与 } 的符号在 shell 是有	特殊意义的，因此， 我们必须要使用跳脱字符 \ 来让他失去特殊意义才行。
  grep -n 'o\{2\}' regular_express.txt
  

• ^[]Symbols are different inside and outside character set symbols (brackets ). Within []represents reverse selection, and []outside represents the meaning of positioning at the beginning of the line.

• Find blank lines^$

• Note: The special characters of regular expressions are not the same as the wildcard characters used to enter commands on the command line. For example, the * in the wildcard character represents [0 ~ infinite characters], but in the regular expression, * It means [repeat the previous character from 0 to infinite].

• sed tool. sed itself is also a pipeline command, which can replace, delete, add data, retrieve specific lines, etc.

  
  选项与参数： 
  -n ：使用安静(silent)模式。在一般 sed 的用法中，所有来自 STDIN 的数据一般都会被列出到屏幕上。
  但如果加上 -n 参数后，则只有经过 sed 特殊处理的那一行(或者动作)才会被列出来。 
  -e ：直接在指令列模式上进行 sed 的动作编辑；
  -f ：直接将 sed 的动作写在一个文件内， -f filename 则可以执行 filename 内的 sed 动作；
  -r ：sed 的动作支持的是延伸型正规表示法的语法。(预设是基础正规表示法语法) 
  -i ：直接修改读取的文件内容，而不是由屏幕输出。
  
  function 有底下这些咚咚：
  a ：新增， a 的后面可以接字符串，而这些字符串会在新的一行出现(目前的下一行)
  c ：取代， c 的后面可以接字符串，这些字符串可以取代 n1,n2 之间的行！
  d ：删除，因为是删除啊，所以 d 后面通常不接任何咚咚；
  i ：插入， i 的后面可以接字符串，而这些字符串会在新的一行出现(目前的上一行)；
  p ：打印，亦即将某个选择的数据印出。**通常 p 会与参数 sed -n 一起运作**
  s ：取代，可以直接进行取代的工作哩！通常这个 s 的动作可以搭配正规表示法！
  

  • Line-based add/delete function

    范例一：将 /etc/passwd 的内容列出并且打印行号，同时，请将第 2~5 行删除！
    [dmtsai@study ~]$ nl /etc/passwd | sed '2,5d'
    范例二：承上题，在第二行后(亦即是加在第三行)加上『drink tea?』字样！
    [dmtsai@study ~]$ nl /etc/passwd | sed '2a drink tea'
    范例三：在第二行后面加入两行字，例如『Drink tea or .....』与『drink beer?』
    [dmtsai@study ~]$ nl /etc/passwd | sed '2a Drink tea or ......\
    > drink beer ?'
    范例四：我想将第 2-5 行的内容取代成为『No 2-5 number』呢？
    [dmtsai@study ~]$ nl /etc/passwd | sed '2,5c No 2-5 number'
    范例五：仅列出 /etc/passwd 文件内的第 5-7 行
    [dmtsai@study ~]$ nl /etc/passwd | sed -n '5,7p'   # -n 代表的是『安静模式』
    
    步骤三：将 IP 前面的部分予以删除
    [dmtsai@study ~]$ /sbin/ifconfig eth0 | grep 'inet ' | sed 's/^.*inet //g'
    步骤四：将 IP 后面的部分予以删除
    [dmtsai@study ~]$ /sbin/ifconfig eth0 | grep 'inet ' | sed 's/^.*inet //g' \
    > | sed 's/ *netmask.*$//g'
    

  • sed directly modifies the content of the file, sed -idirectly modifies the original file, without adding -iscreen printing, and does not modify the original file.

    sed -i '$a hello world' h.cpp # 文件末尾添加 hello world
    sed -i '$d' h.cpp # 删除文件末尾一行
    sed -i 's/$/;/g' h.cpp # 每行末尾添加分号；
    sed -i 's/;$//g' h.cpp # 替换文件末尾的分号为空，即删除分号
    

• Extended regular expression egrep
  
  

• awk: A useful data processing tool. Compared with sed, which often processes an entire line, awk prefers to divide a line into several "fields" for processing. Therefore, awk is quite suitable for handling small data processing.

  • Awk mainly processes "data in the fields of each row", and the default "field separator is "space bar" or "[tab] key""

    awk '条件类型 1{动作 1} 条件类型 2{动作 2} ...' filename
    
    # 在 awk 的括号内，每一行的每个字段都是有变量名称的，那就是 $1, $2... 等变量名称。
    last -n 5 | awk '{print $1 "\t" $7}' # 打印第一列 第七列
    

  • awk is followed by two single quotes and braces {} to set the processing action you want to perform on the data.

  • The entire awk processing flow is:

    • 1. Read the first line and fill the data in the first line into variables such as $0, $1, $2...;
    • 2. Based on the restrictions of "condition type", determine whether subsequent "actions" are required;
    • 3. Complete all actions and condition types;
    • 4. If there are subsequent "rows" of data, repeat steps 1 to 3 above until all the data has been read.

  • Awk is "a unit of processing at a time, rows", and "fields are the smallest processing unit"
    

    # 以冒号为分隔符 FS，打印passwd文件中第三栏小于10 $3<10的数据，
    # 必须添加 BEGIN，否则文件处理从第二行开始。
    cat /etc/passwd | awk 'BEGIN {FS=":"} $3 < 10 {print $1 "\t " $3}'
    # 打印第一行 第一栏和第三栏
    cat t | awk 'NR==1 {print $1 "\t" $3}' 
    

    

    What is worth noting is the "==" symbol.

• diff is used to compare the differences between two files, and the comparison is done in line units. cmp mainly uses byte units for comparison.

Chapter 12. Learning Shell Scripting

• Shell script is a "program" written using the functions of the shell. This program uses a plain text file to write some shell syntax and instructions (including external instructions) in it, and uses regular notation, pipeline commands and Data flow redirection and other functions to achieve the processing purpose we want. To put it simply, shell script is like a batch file (.bat) in the early DOS era. The simplest function is to compile many instructions together, allowing users to easily handle complex tasks with one touch . Action (execute a file "shell script" to execute multiple instructions at once).

• Differences in script execution methods (source, sh script, ./script)

  • Use direct execution to execute the script. The script will use a new bash environment to execute the commands in the script, that is, the script is executed in the bash of the child process. When the child process is completed, various variables or operations in the child process will end and will not be transferred back to the parent process.
  • Use source to execute the script: execute in the parent process .

• Use the test command to test the function
  
  

• Use the judgment symbol [ ]

  • When using square brackets as shell judgment expressions in bash syntax, you must pay attention to the fact that both ends of the square brackets need to be separated by spaces.
  • Each component within square brackets [] needs to be separated by a space bar;
  • Variables within square brackets are best enclosed in double quotes;
  • Constants within square brackets are best enclosed in single or double quotes.[ "${name}" == "VBird" ]

• Default variables for shell scripts ($0, $1…)

  ./test.sh opt1 opt2 opt3 opt4
  $0：表示执行的脚本文件 `test.sh`
  $1：脚本接的第一个参数 `opt1`
  $2：第二个参数 `opt2`
  
  **$#：代表后接的参数『个数』，以上表为例这里显示为『4』
  $@：代表『 "$1" "$2" "$3" "$4" 』之意，每个变量是独立的（用双引号括起来）**
  $*：代表『 "$1c$2c$3c$4" 』，其中 c 为分隔字符，默认为空格键， 所以本例中代表『 "$1 $2 $3 $4" 』之意。
  

• Conditional judgmentif ... then

  if [ 条件判断式 ]; then
      条件成立 --> 执行内容
  fi # 结束 if
  
  # && 代表 AND
  # || 代表 or
  
  if [ "${yn}" == "Y" ] || [ "${yn}" == "y" ]; then
      echo "Ok, continue"
      exit 0
  elif [ "${yn}" == "N" ] || [ "${yn}" == "n" ]; then
      echo "Oh, interrupt!"
  else
      echo "I don't know what your choice is"
  fi
  

• function function

  function fname () {
        
        
      程序段
  }
  

• cycle

  • while do doneindefinite cycle

    while [ condition ]
    do
        程序段落
    done
    

  • for… do…donecanned cycle

    for var in con1 con2 con3...
    do
        程序段
    done
    
    # C/C++ 风格
    for (( 初始值; 限制值; 赋值运算 ))
    do
        程序段
    done
    

• Tracing and debugging shell scripts

  sh [-nvx] scripts.sh
  -n：不要执行脚本，仅查询语法问题
  -v：在执行脚本前，先将脚本文件的内容输出到屏幕上
  -x：将使用到的脚本内容显示到屏幕上
  

• Shell scripts are a good tool for system management, but they are not user-friendly when used to handle large amounts of numerical operations. Because the shell script is slower and uses more CPU resources, it will cause poor allocation of host resources.

Chapter 13, Linux account management and ACL permission settings

• Each logged-in user will obtain at least two IDs, one is the user ID (UID) and the other is the user group ID (GID);

• User/user group information queryid username

• /etc/passwdFile structure. Each row represents an account, and the number of rows represents how many accounts are in your system. However, special attention should be paid to the fact that many of the accounts there are originally necessary for the normal operation of the system. We can refer to them as system accounts for short. Each line is :separated by , and there are seven things in total:robot:x:1000:1000::/home/robot:/bin/bash 账号、密码、UID、GID、全名、家目录、shell

  • Account Name
  • Password, the actual password data is placed /etc/shadowin , only one can be seen here x.
  • UID. 0 means this account is a system administrator; 1-999 means it is a system account; 1000-60000 is for general users;
  • GID
  • The user information description column is of no use.
  • home directory
  • shell

• /etc/shadowIn the file structure, shadow is also used :as the delimiter, and there are nine fields in total:robot:$6$batX7luE$NTDTst4Y3M/EgpvVhIBDZFOC29epKHEdT3.NCvYhn1NRoUdu90UMqD9vD4zoSWN2usRh21vM6EXkr5VuyXU/u.:19422:0:99999:7:::

  • Account Name
  • password. The data in this field is the real password, and it is an encoded password. The default permissions of the file are -rw-------or ----------, that is, only root can read and write.
  • The date the password was last changed.
  • The number of days that the password cannot be changed
  • The number of days before the password needs to be changed again. You must reset your password within this number of days, otherwise the password for this account will become expired. If it is like 99999 above (calculated as 273 years), it means that the password change is not mandatory.
  • The number of warning days before the password needs to be changed.
  • Account grace time after password expiration
  • Account expiration date
  • reserve

• Add useruseradd lyz

  -u # 后面接的是 UID，是一组数字，直接指定一个特定的 UID 给这个账号
  -g # 后面接的是上面提到的初始用户组，该用户组的 GID 会被放到 /etc/passwd 的第四格栏位内
  -M # 强制，不要奖励使用者家目录。（系统账号默认值）
  -m # 强制，要建立使用者家目录（一般账号默认值）
  -d # 指定某个目录成为家目录，而不要使用默认值，务必使用绝对路经
  

• set passwordpasswd lyz

• Add user vbird2 to the users group, uid is 1500useradd -u 1500 -g users vbird2

• Delete user userdel. Generally speaking, if the account is only temporarily inactive, then setting the account expiration date (eighth field) in /etc/shadow to 0 will make the account unusable, but all data related to the account will be retained. Come down. The time to use userdel is usually when you are really sure not to allow this user to use any data on the host.

• The home directory is also deleted userdel [-r] username.

• usermodModify user data

  -d # 后面接账号的家目录，即修改 /etc/passwd 第六栏 usermod -d /home/new_name old_name
  -g # 后面接初始用户组，修改 /etc/passwd 第四个栏位，即 GID 栏位 usermod -g 1000 user
  -l # 接账号名称，即修改账号名称 usermod -l old_name new_name
  -u # 接 UID 数字 usermod -u 1002 user
  
  usermod -g mojiao zwj
  

• chshAbbreviation for change shell. -sSet up and modify your own shell. chsh -s /bin/zsh; cat /etc/shellsView the shells available on the system.

• There are two ways for general users to switch to root:

  • You can directly su -change the identity to root, but this command requires the root password ;
  • Execute root commands through the sudo command. Since sudo needs to be set up properly in advance, and sudo needs to enter the user's own password, when multiple people co-manage the same host, sudo is better than su, at least the root password will not be leaked.

• suIdentity switching command.

  • To completely switch to the new user's environment, you must use su - usernameor su -l usernameto convert variables such as PATH, USER, and MAIL to the new user's environment.
  • If you only want to execute the root command once, you can use su - -c 命令the method to handle it.
  • When you use root to switch to any user, you do not need to enter the new user's password.

• sudo

  • When a user executes sudo, the system /etc/sudoerssearches the file to see whether the user has the permission to execute sudo;
  • If the user has the permission to execute sudo, the user is asked to enter his or her own password to confirm;
  • If the password is entered successfully, the subsequent commands after sudo will be started (but when root executes sudo, there is no need to enter a password);
  • If the identity to be switched is the same as the executor's identity, there is no need to enter a password.

• Query userw who last lastlog

Chapter 15, Planning tasks (crontab)

• Two ways to schedule tasks:at cron

  • Routine means things that need to be done at certain intervals. crontabThe task set by this command will be executed cyclically, and the cyclic time can be minutes, hours, weekly, monthly or yearly, etc. In addition to using commands to execute crontab, you can also edit /etc/crontab to support it. The service that makes crontab effective is crond.
  • Sudden pain is the kind that disappears after this time. atIt is a command that can be executed only once and then terminated. However, to execute at, you must have the support of the atd service. In some new versions of Linux distributions, atd may not be started by default.systemctl start atd

• logrotate

• Because of security issues, not everyone can perform at scheduled tasks. We can use the two files /etc/at.allow and /etc/at.deny to implement restrictions on the use of at:

  • First look for the file /etc/at.allow. Users written in this file can use at. Users who are not in this file cannot use at (even if it is not written in at.deny);
  • If /etc/at.allow does not exist, search for the file /etc/at.deny. Users written in this at.deny cannot use at;
  • If neither file exists, only root can use the at command.

• at. The most important thing about executing the at command is to specify the time. You can use now +the method to implement how long to execute the command. at now + 5 minutes. In fact, when we use at, we will enter an at shell environment to allow users to execute task commands. At this time it is best to use absolute paths to execute commands.

  -l # at -l 相当于 atq，列出目前系统所有该使用者的at计划
  -d # at -d 相当于 atrm，可以取消一个在at计划中的任务
  
  

• crontab /etc/cron.hourly /etc/cron.daily /etc/cron.monthly /etc/cron.weekly /etc/crontab

  -e # 编辑crontab的任务内容
  -l # 查看crontab的任务内容
  -r # 删除所有的crontab的任务内容，若仅要删除一项，请用 -e 编辑
  

  • The format is * * * * * 执行的任务 分、时、日、月、周、命令six columns, /etc/crontabseven columns, and more executors.

    10 * * * * /root/sh/apache_check.shExecuted at the 10th minute of every hour
    
    */10 * * * * /root/sh/apache_check.shExecuted every 10 minutes
    
    

• anacronIt is a program, not a service. It can help us execute planned tasks that have not been executed when the time is up, such as crontab tasks that were not executed by the system during shutdown./etc/anacrontab

  • anacron is not used to replace crontab. The purpose of anacron's existence is to handle crontabs executed by Linux systems that are not running 24 hours a day, as well as tasks that have not been executed due to some reasons that have exceeded the time limit. In fact, anacron is also executed by crond once every hour, and then monitors whether related planned tasks are executed.

Chapter 16, A preliminary study on process management and SELinux

• Process: After the program is triggered, the executor's permissions and attributes, the program's code and required data, etc. will be loaded into the memory. The operating system gives an identifier (PID) to the unit in the memory. It can be said that , a process is a running program.

• Since we assume that we only have one terminal, the environment where prompt characters can appear for you to operate is called the foreground, and other tasks can be put into the background to pause or run.

• Keywords and keywords related to task management: &, ctrl+z, jobs, fg, bg, kill %netc.;

  • Directly throw the command to the background for [execution] &. The biggest advantage of this is: you are not afraid of being ctrl+cinterrupted.
  • Throw the [current] task to the background [pause]:ctrl+z
  • View the current status of background tasks: jobs. jobs -lAmong them, + represents the task number that was recently placed in the background, - represents the second task number that was recently placed in the background, and there will be no + or - symbols for tasks after the third one.
  • Bring background tasks to the foreground for processing: fg. fg %jobnumberOr fg jobnumberbring a job to the front desk.
  • Change the status of the task in the background to running: bg.
  • Tasks in the management background: kill. kill -9 %jobnumberOr kill -9 PIDforcefully delete a task immediately.

• The [background] mentioned in task management refers to ctrl+ca situation in the terminal that can be avoided in terminal mode. It can be said that this is the background of bash, not the background of the system. In this case, if you connect to your Linux host remotely and &put the task in the background, if you close the terminal before the task is completed, the program will not continue to execute. Based on this problem, you can use nohupthe command to handle it. This command can allow the task to continue executing after going offline or logging off the system. nohup [命令与参数]Task in the terminal foreground. nohup [命令与参数] &Tasks in the background of the terminal.nohup ./sleep500.sh &

• View progress

  • psDisplays the running status of system processes at an instant. Commonly used ps auxand ps -ef. The ef method does not show as much as aux. (aux is the BSD operating system format, a - foreground process x - background process u - user; ef is the Linux operating system format, e - displays all processes f - full format display)

    # ps aux # 查看系统中所有进程
    	1、USER 该进程属于的用户
    	2、PID 该进程的进程号 
    	3、CPU 该进程使用掉的CPU资源百分比 
    	4、MEM 该进程所占用的物理内存百分比 
    	5、VSZ 该进程使用掉的虚拟内存量（单位为Kbytes）
    	6、RSS 该进程占用的固定的内存量（单位为Kbytes）
    	7、TTY: 进程是在哪个终端机上面运作的，若与终端机无关，则显示“?”，另外，tty1-tty6是本机上面的登入者进程，若为pts/0等，则表示为由网络连接进主机的进程 
    	**8、STAT 进程当前的状态
    	   ("S":中断 sleeping，进程处在睡眠状态，表明这些进程在等待某些事件发生--可能是用户输入或者系统资源的可用性;
    	    "D":不可中断 uninterruptible sleep; "R":运行 runnable; "T":停止 traced or stopped; "Z":僵死 a defunct zombie process)** 
    	9、START 该进程被触发启动的时间
    	10、TIME 该进程实际使用CPU运作的时间 
    	11、COMMAND 该进程的实际命令
    
    # ps -ef
    	1、UID 用户号 
    	2、PID 进程ID 
    	3、PPID 父进程号 
    	4、C CPU占用率 
    	5、TTY 终端的次要装置号码 (minor device number of tty) 
    	6、TIME 进程执行起到现在总的CPU暂用时间 
    	7、COMMAND 启动这个进程的命令
    

    

  • topDynamically view process changes

    **-d：秒数，指定top命令每隔几秒更新**
    -b：使用批处理模式输出。一般和"-n"选项合用 `top -b -n 2` 将top信息执行2次
    -n次数：指定top命令执行的次数，一般和"-b"选项合用
    **-i：使top不显示任何闲置或者僵死的进程。**
    -p：通过指定监控进程ID来仅仅监控某个进程的状态
    

    Key commands that can be used during the execution of the top command:

    ?或h：显示在top当中可以输入的按键命令，即帮助
    **P：以CPU使用率进行排序
    M：以内存使用率进行排序**
    N：以PID排序
    T：由该进程使用的 CPU 时间累积（TIME+）排序
    q：退出top
    

  • pstreeView process treeps -Aup

    -A  各进程树之间的连接以 ASCII 字符来连接
    -U  各进程树之间的连接以 Unicode 的字符来连接，在某些终端界面下又可能会有错误。
    -p  显示进程的PID
    -u  显示进程的所属用户
    

• freeView memory usage free -mDisplay memory usage in MB

• unameView system and kernel related information

  **-a # 显示操作系统全部信息**
  -m # 显示系统硬件架构 CPU类型，是32位还是64位系统
  -n # 显示操作系统主机名
  -s # 显示操作系统类型
  **-r # 显示操作系统内核版本**
  

• uptimeView system startup time and task load

• netstatTrace network or socket files

  -a # 列出所有网络状态，包括监听端口、已建立连接和等待关闭的连接。 all
  -c 秒数 # 指定每隔几秒刷新一次网络状态 continuous
  -n # 使用IP地址和端口显示，不使用域名与服务名 numeric
  -p # 显示PID和程序名 programs
  -t # 显示使用tcp协议端口连接的状态 tcp 
  -u # 显示使用udp协议端口连接的状态 udp
  -l # 仅显示监听状态的连接  listening
  -r # 显示路由表 route
  -s # 显示网络接口的统计信息 statistice
  
  -an # 按照一定顺序排列输出
  
  netstat -anp  |  more # 查看本机所有的网络连接
  netstat -tunlp # 查看端口占用
  netstat -rn # 查看本机路由表
  
  tunl 和 an 选项的最大区别：tunl 只能查看监听 LISTEN，而 an 可以查看监听和正在连接 ESTABLISHED 的状态.
  

• dmesgAnalyze the information generated by the kernel (query USB or serial port number dmesg | grep ttyUSB)dmesg ｜ grep -i vda

• The so-called processes are all in the memory, and the data in the memory are written to /proc/*this directory. You can directly view /procthe files in cat /proc/uptime cat /proc/version cat /proc/meminfo cat /proc/cpuinfoto view the relevant information of the CPU, including frequency, type, etc.;

• lsof displays files opened by a process. The full name of lsof is list open files, which is to list the files that have been opened in the system.
  

  lsof /var/log/messages # 显示使用文件的进程
  lsof -c rsyslog # 显示指定进程所打开的文件
  lsof -p 1277 # 显示指定进程号所打开的文件
  lsof -i # 查看所有进程
  **lsof -i :9001 # 查看端口9001信息
  lsof -i tcp:<port> # 显示所有使用指定 TCP 端口号的进程列表
  lsof -i udp:<port> # 显示所有使用指定 UDP 端口号的进程列表**
  

Chapter 17, Understanding system services (daemon)

• A process that resides in memory and can provide some system or network functions is a service. The relationship between daemon and service: Simply put, the system must provide some services for certain functions. This service is called service. But the provision of service always requires the running of a program, which is called a daemon. For example: The program that completes the periodic scheduled task service (service) is the crond daemon. In fact, the two can be considered the same thing, because completing a service requires a daemon to run in the background.

• Early service management: All service startup scripts are placed in the /etc/init.d/ directory. They are basically script programs written using bash shell. Start, shut down, restart, and view status commands./etc/init.d/daemon start/stop/restart/status

• The running level of the service is divided into 7 levels, with commonly used levels 1, 3, and 5.

  0 -- 系统停机状态，系统默认运行级别不能设为0，否则不能正常启动
  **1 -- 但用户工作状态，root权限，用于系统维护，禁止远程登陆**
  2 -- 多用户状态（没有 NFS），不支持网络
  **3 -- 完全的多用户状态（有 NFS），登陆后进入控制台命令行模式**
  4 -- 系统未使用，保留
  **5 -- X11控制台，登陆后进入图形GUI模式**
  6 -- 系统正常关闭并重启，默认运行级别不能设为6，否则不能正常启动
  

• Modern service management: systemctl. systemd's mechanism for starting services is mainly accomplished through a command called systemctl.

  systemctl start/stop/restart/reload/status aaa.service
  
  systemctl enable/disable aaa.service # 设置服务开机自启/不自启
  systemctl is-enable aaa.service # 查看服务是否开机自启
  
  systemctl list-unit-files  # 查看系统上所有服务 --all， --type=service
  systemctl list-dependencies aaa.service # 查看各服务之间的依赖关系 --reverse 查看被依赖
  

Chapter 18, Understanding and Analyzing Log Files

• Log file permissions are usually set so that only root can read them. Commonly used log file names:

  /var/log/boot.log # 开机启动的时候系统内核会去检测与启动硬件
  /var/log/cron
  /var/log/dmesg
  /var/log/lastlog
  /var/log/secure
  /var/log/httpd/*
  

• There are basically two ways to generate log files: one is that the software developer defines the written log files and related formats; the other is unified management by the log file management service provided by the Linux distribution. As long as you throw information to this service, it will automatically place various information into relevant log files in categories.

• logrotate(Log file rotation) Use crontab to perform the log file rotation function, automatically change the name of the old file, and then create an empty log file./etc/logrotate.d/

  # 实现日志一天一轮循 或者 超出20M进行轮循，log保留7天
  sudo vi /etc/logrotate.d/mylog
  
  /var/log/mylog.log {
        
        
      daily
      rotate 7
      missingok
      notifempty
      size 20M
      compress
      delaycompress
      create 0644 root root
  }
  daily: 给定日志应以多长时间间隔进行旋转。这里指定为每天。
  rotate: 日志文件历史保留的数量。这里指定保留七天。
  missingok: 如果日志文件丢失不要给出错误消息并继续处理下一个文件。
  notifempty: 如果日志文件为空则不进行轮换。
  size: 指定日志文件大小，超出后会轮换。
  compress: 轮询后压缩日志文件。
  delaycompress: 延迟压缩，将轮换的日志文件延迟一次再压缩。
  create: 设置新文件的权限和所有者。
  

Chapter 19, Startup Process, Module Management and Loader

• System startup process:
  • Load the BIOS hardware information and perform self-test, and obtain the first bootable device according to the settings;
  • Read and execute the boot boot program of the MBR in the first boot device;
  • Load the Kernel according to the settings of the startup boot program, and the Kernel will start to detect the hardware and load the driver;
  • After the hardware driver is successful, Kernel will actively call the systemd program and start it with the default.target process;
    • systemd executes sysinit.target to initialize the system and basic.target to prepare the operating system;
    • systemd starts the local and server services under multi-user.target;
    • systemd executes the /etc/rc.d/rc.local file under multi-user.target;
    • systemd executes getty.target and login service under multi-user.target;
    • systemd executes the services required by graphical.

Chapter 20, Basic System Settings and Backup Strategies

nmcli general status # 显示NetworkManager的状态。
**nmcli device status # 显示所有设备状态**
nmcli connection # nmcli con show # nmcli con # 查看所有的网络连接 connection
**nmcli connection show --active # 显示所有活动连接**
nmcli connection show eth0
nmcli connection up/down eth0 # 启用/停用指定网络连接
nmcli connection delete eth0 # 删除一个网卡连接
nmcli connection reload
nmcli connection add type ethernet ifname eth0 # 添加一个以太网连接。
nmcli connection modify eth0 ipv4.addresses 192.168.0.58 # 给eth0添加一个IP（IPADDR）

**nmcli device wifi list  # nmcli d w l # 搜索可用 wifi 网络**
# 首次连接Wifi
**nmcli device wifi connect  SSID  password PASSWORD # nmcli dev wifi connect  SSID  password PASSWORD**
nmcli device disconnect # 断开wifi
**nmcli connect del SSID** # 删除连接
nmcli c del UUID # 删除连接

nmcli device set wlan0 managed no

# 修改配置文件执行生效
systemctl restart network
systemctl status NetworkManager # 查看状态

# 创建网桥
nmcli connection add type bridge con-name br0 ifname br0 autoconnect yes
#查卡br0的状态
nmcli device status
 
DEVICE             TYPE           STATE           CONNECTION     
br0               bridge   连接中（正在获取 IP 配置）    br0
# 将我们本地的有线网卡enp8s0连接到br0
nmcli connection add type bridge-slave ifname enp8s0  master br0
# 启动br0
nmcli connection up br0

2、nmcli device
设备，是网络设备的接口，可理解为实际存在的网卡（包括物理网卡和虚拟网卡）。可以简写为nmcli d

在NM里，有2个维度：连接（connection）和设备（device），这是多对一的关系。想给某个网卡配ip，首先NM要能纳管这个网卡。设备里存在的网卡（即 nmcli d可以看到的），就是NM纳管的。接着，可以为一个设备配置多个连接（即 nmcli c可以看到的），每个连接可以理解为一个ifcfg配置文件。同一时刻，一个设备只能有一个连接活跃。可以通过 nmcli c up切换连接。

3、connection有2种状态：
▷ 活跃（带颜色字体）：表示当前该connection生效
▷ 非活跃（正常字体）：表示当前该connection不生效

4、device有4种常见状态：
▷ connected：已被NM纳管，并且当前有活跃的connection
▷ disconnected：已被NM纳管，但是当前没有活跃的connection
▷ unmanaged：未被NM纳管
▷ unavailable：不可用，NM无法纳管，通常出现于网卡link为down的时候（比如ip link set ethX down）

Chapter 21, Software Installation: Source Code and Tarball

• Function libraries are divided into two categories according to the type they are used: static and dynamic function libraries.

  • Features of static function library:
    • The extension is usuallylibxxx.a
    • Compilation operation. This type of function library will be directly integrated into the executable program during compilation, so the file compiled using a static function library will be larger .
    • Independent execution status. The successfully compiled executable file can be run independently without requiring external requests to read the contents of the function library.
    • Leveling difficulty. Because the function library is directly integrated into the executable file, if the function library is upgraded, the entire executable file must be recompiled to integrate the new version of the function library into the program. In other words, in terms of upgrade, as long as the function library is upgraded, all programs using this function library need to be recompiled.
  • Features of dynamic function library:
    • The extension is usuallylibxxx.so
    • Compilation operation. The compilation operations of dynamic function libraries and static function libraries are quite different. Unlike the static function library that is fully integrated into the program, the dynamic function library only has one [Pointer] position in the program during compilation. In other words, the contents of the dynamic function library are not integrated into the executable file, but when the executable file needs to use the functions of the function library, the program will read the function library and use it. Since the executable file only has a pointer to the location of the dynamic function library and does not contain the contents of the function library, its file will be smaller.
    • Independent operation status. Cannot run independently.
    • Leveling difficulty. It has a pointing function, so when the function library is upgraded, the executable file does not need to be recompiled at all.

• lddDynamic function library analysis of the program.

  -v: 列出所有内容信息
  -d: 重新将数据有遗失的链接点显示出来
  -r: 将ELF有关的错误内容显示出来
  
  # ldd /usr/bin/passwd
  

• There are currently a variety of algorithms that can calculate the check value of a file, including the more extensive MD5, SHA-1, and SHA-256 encryption algorithms.md5sum /usr/bin/passwd

Chapter 22, Software Installation RPM, SRPM and YUM

• RPMThe full name is RedHat Package Manager, which is a software management mechanism that uses a database record to install the software you need into your Linux system. ***.rpm. The biggest problem with RPM is the dependency between software.
• SRPMIt means Source RPM, that is, this RPM file contains source code. The software content provided by SRPM [has not been compiled] and provides source code. extension ***.src.rpm. The biggest advantage of SRPM is that it allows users to modify the setting parameters to match the user's own Linux environment.

Chapter 24, Linux kernel compilation and management

• The kernel is just a file on the system, which contains detection programs and driver modules that drive various hardware of the host. Kernel files are usually named /boot/vmlinuz-xxx. Where to place kernel modules /lib/modules/$(uname -r)/kernel/.
• "Kernel" is the bottom layer of the entire operating system. It is responsible for driving the entire hardware and providing core functions required by various systems, including firewall mechanisms, whether to support file systems such as LVM or Quota, and so on.
• DNS Domain Name System domain name system. The role of the DNS service: resolve domain names into IP addresses.
• Gateway role: Generally speaking, it is a physical device with routing function, which can be a router or a device built by a server that can implement routing function;
  within the LAN: data exchange is performed through a switch. The switch is a low-level device that does not recognize IP but only recognizes mac and data link layer devices;
  between networks or different network segments: data exchange is performed through routers (gateways). External network to internal network, internal network to external network;
  the gateway implements the network hierarchy, and there is a gateway after the gateway;
  the internal network cannot directly access the internal network;
  the functions of the gateway:
  1) The gateway accesses all internal network computers that are not in this network segment When using data packets, as long as the data is not exchanged within the LAN, it must go through the gateway, that is, the gateway separates the internal network and the external network.
  2) Convert the internal IP to the public IP, and the public IP to the internal IP.
• Telnet IP: (clear text transmission, very unsafe, now basically replaced by ssh) Port detection is the same as windows.