This is an old revision of the document!
# mkdir -p /srv/ssh/chroot # mkdir -p /etc/ssh/authorized_keys /srv/ssh/chroot # groupadd sftponly # useradd -G www-data -g sftponly -s /usr/sbin/nologin -d /srv/ssh -N USERNAME # find /var/www/static -type d -print0 | xargs -0 chmod g+xwr # find /var/www/static -type f -print0 | xargs -0 chmod g+wr # chmod 775 /var/www/static /srv/ssh/chroot # mount -o bind /var/www/static /srv/ssh/chroot
Subsystem sftp internal-sftp -u 0002 AuthorizedKeysFile /etc/ssh/authorized_keys/%u %h/.ssh/authorized_keys .ssh/authorized_keys Match Group sftponly ChrootDirectory %h ForceCommand internal-sftp -u 0002 AllowTcpForwarding no X11Forwarding no PasswordAuthentication no
LABEL=cloudimg-rootfs / ext4 defaults,discard 0 0 /var/www/static /srv/ssh/chroot none bind 0 0
atrpms-repo-6-7.el6.x86_64 https://www.mirrorservice.org/sites/dl.atrpms.net/el$releasever-$basearch/atrpms/stable
[atrpms] name=Red Hat Enterprise Linux $releasever - $basearch - ATrpms failovermethod=priority #baseurl=http://dl.atrpms.net/el$releasever-$basearch/atrpms/stable baseurl=https://www.mirrorservice.org/sites/dl.atrpms.net/el$releasever-$basearch/atrpms/stable enabled=0 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-atrpms [atrpms-debuginfo] name=Red Hat Enterprise Linux $releasever - $basearch - ATrpms - Debug failovermethod=priority baseurl=https://www.mirrorservice.org/sites/dl.atrpms.net/debug/el$releasever-$basearch/atrpms/stable enabled=0 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-atrpms [atrpms-source] name=Red Hat Enterprise Linux $releasever - $basearch - ATrpms - Source failovermethod=priority baseurl=https://www.mirrorservice.org/sites/dl.atrpms.net/src/el$releasever-$basearch/atrpms/stable enabled=0 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-atrpms
#!/usr/bin/env bash
yum --enablerepo=atrpms ffmpeg-devel
SRC_DIR=/opt/src/ffmpeg-php
[[ -d $SRC_DIR ]] || mkdir -p $SRC_DIR
cd $SRC_DIR
git clone https://github.com/tony2001/ffmpeg-php.git
cd ffmpeg-git
grep -ir avcodec_alloc_frame "$SRC_DIR" -l | xargs -I{} sed 's/avcodec_alloc_frame/av_frame_alloc/' -i {}
./configure
#!/usr/bin/env bash _dir=/home/bundle # app root dir _home=/home/passenger # user home dir _addr="0.0.0.0" _port="8191" _pid="$_home/passenger.pid" _log="$_home/passenger.log" _ngxtpl="$_home/nginx.conf.erb" _args="--address $_addr --port $_port --user passenger --environment production --pid-file $_pid --log-file $_log --nginx-config-template $_ngxtpl --daemonize --sticky-sessions --app-type node --startup-file main.js" [[ -f $_home/.nvm/nvm.sh ]] && source $_home/.nvm/nvm.sh export MONGO_URL='mongodb://localhost:27017/mongodb' export ROOT_URL="http://pro-manage.net:$_port" [[ `whoami 2>/dev/null` == passenger ]] || echo "Run as passenger user" cd $_dir case $@ in stop) passenger stop --port $_port --pid-file $_pid ;; start) passenger start $_args ;; restart) $0 stop $0 start ;; status) passenger status --port $_port --pid-file $_pid ;; *) echo "usage: $0 stop | start | restart | status" ;; esac
generate files
for i in $(seq 1 1000000); do echo testing >> $i.txt; done
rm
time rm -f * -bash: /bin/rm: Argument list too long real 0m11.126s user 0m9.673s sys 0m1.278s
find with -exec rm
time find ./ -type f -exec rm {} \;
real 14m51.735s
user 2m24.330s
sys 9m48.743s
find with -delete
time find ./ -type f -delete real 5m11.937s user 0m1.259s sys 0m28.441s
perl
time perl -e 'for(<*>){((stat)[9]<(unlink))}'
real 1m0.488s
user 0m7.023s
sys 0m27.403s
rsync - empty test dir
rsync -a --delete /home/blanktest/ /home/test/ real 2m52.502s user 0m2.772s sys 0m32.649s
clamscan -ri --detect-pua=yes --scan-mail=yes --phishing-sigs=yes --phishing-scan-urls=yes --heuristic-scan-precedence=yes --algorithmic-detection=yes --scan-pe=yes --scan-elf=yes --scan-ole2=yes --scan-pdf=yes --scan-html=yes --scan-archive=yes --detect-broken=yes --block-encrypted=yes /path/to/dir
Задача состояла в разделении точки входа и точки выхода для openvpn.
| Entry node | Exit node | |
|---|---|---|
| OS | Linux CentOS 6.x | FreeBSD 9.x |
| Service | openvpn server | none |
| External IP | 88.32.99.91 | 162.210.201.13 |
| Internal IP | 10.254.10.1 | 10.254.20.1 |
| OpenVPN network | 10.254.0.0/16 | |
[mysqld] tmpdir=/tmp/mysql [mysqldump] tmpdir=/tmp [client] tmpdir=/tmp
#!/usr/bin/env bash
#
# Daily backup mysql databases
# CLI args: none
#exit on error
set -e
LANG=C
PATH="/bin:/usr/sbin:/usr/bin:/sbin:/usr/local/bin:/usr/local/sbin"
DATE=$(date +%F)
BACKUP_DIR=/home/mysql_backups
DUMP_DIR=$BACKUP_DIR/dumps
LOG=$BACKUP_DIR/backup.log
DAYS=7
DB="all"
OPTS="--order-by-primary --add-drop-database"
#########################
print_error() { echo "$@"; write_log "[ERROR] $@"; exit 1; }
print_info() { echo "$@"; write_log "[INFO] $@"; }
write_log() { echo "`date -R -u` $@" >> $LOG; }
##########################
# check dir
[[ -d $DUMP_DIR ]] || mkdir -p $DUMP_DIR
# check permissions on backup dir
if PERMS=$(stat --format="%a" $BACKUP_DIR)
then
# restore chmod
[[ $PERMS -eq 700 ]] || chmod 700 $BACKUP_DIR
fi
# check binaries
[[ -f `which mysqldump 2>/dev/null` ]] && MYSQLDUMP=mysqldump || print_error "No mysqldump binary found in $PATH"
[[ -f `which mysql 2>/dev/null` ]] && MYSQL=mysql || print_error "No mysql binary found in $PATH"
# validate $DB and skip default dbs
[[ $DB == all ]] && DB=$(mysql -e 'show databases' | tail -n +2 | grep -v -E "^(information_schema|performance_schema)$")
# create dumps
for db in $DB
do
# is db exist?
if ! EXISTS=$($MYSQL -s -N -e "show databases" | tail -n +2 | grep -x $db)
then
print_info "No such database: $db"
break
fi
DUMP_FILE=$DUMP_DIR/$DATE/$db.sql.gz
# is dump exist?
[[ -s $DUMP_FILE ]] || (
# log
print_info "Creating new: $DUMP_FILE"
# mkdir
mkdir -p $DUMP_DIR/$DATE
# add --events to mysql db
[[ $db == mysql ]] && OPTS+=" --events"
# dump
$MYSQLDUMP $OPTS $db | gzip -1 > $DUMP_FILE
)
done
# remove dirs
if OUTDATED_DIRS=$(find $DUMP_DIR -maxdepth 1 -type d -mtime +$DAYS)
then
for dir in $OUTDATED_DIRS
do
# log
print_info "Deleting outdated: $dir"
# rm
[[ -d $dir ]] && rm -r "$dir" || print_error "Can't remove $dir"
done
fi
#!/usr/bin/env bash export LANG=C # must have # 1-column to tabs-separated multicolumn cat 1-col.txt | sort | column # 1-column to spaces-separated multicolumn cat 1-col.txt | sort | column | expand # 1-column to string w/delimiter cat 1-col.txt | sort | paste -sd: # multicolumn to 1-column cat multi-col-spaces.txt | xargs -n 1 | sort # string w/delimiter to 1-column cat 1-string-delim.txt | tr ':' '\n' | sort
