ssh远程登陆时间过长,输入username后陷入等待
[
| 
2008/06/26 07:52]
| 2008/06/26 07:52]
这个问题导致的原因我还没有深入研究。
但是看来ssh在远程登陆中会判断远程用户的所属域,进而使用相应的ACL。而这个判断过程就需要DNS。
我收集整理了一下。解决方法。
1:关闭SSH的DNS调用
a:修改/etc/ssh/sshd_config
UseDNS no
b:修改/etc/resolv.conf
#nameserver 0.0.0.0
上面的方法确实有用,我试过了。比较合理的是a。
以下的影响因素未确定。
2:/etc/hosts 与主机名对应
3: /etc/rc.conf
sendmail_enable="NONE"
但是看来ssh在远程登陆中会判断远程用户的所属域,进而使用相应的ACL。而这个判断过程就需要DNS。
我收集整理了一下。解决方法。
1:关闭SSH的DNS调用
a:修改/etc/ssh/sshd_config
UseDNS no
b:修改/etc/resolv.conf
#nameserver 0.0.0.0
上面的方法确实有用,我试过了。比较合理的是a。
以下的影响因素未确定。
2:/etc/hosts 与主机名对应
3: /etc/rc.conf
sendmail_enable="NONE"
一个SuSE下Oracle脚本
[| 2008/06/23 17:53]
| 2008/06/23 17:53]
引自:http://www.blogjava.net/sk8boy/archive/2007/06/05/122061.html
以后估计用得着。下次在SuSE上安装的时候改改。
#!/bin/bash
#
# /etc/init.d/oracle
#
### BEGIN INIT INFO
# Provides:
# Required-Start: $network $syslog
# Should-Start:
# Required-Stop:
# Should-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 4 6
# Description: Startup/shutdown script for oracle listener and instance;
### END
. /etc/rc.status
rc_reset
start()
{
#when system stop redhat check /var/lock/subsys/oracle
#to make sure oracle is running.
touch /var/lock/subsys/oracle
# start tsnlisnter
echo -n "Start tsnlisnter:"
su - oracle -c "lsnrctl start" >/dev/null 2>/dev/null
rc_status -v
# start database
echo -n "Start Oracle database instance:"
su - oracle -c "echo \"
CONN / AS SYSDBA
STARTUP
exit \"|sqlplus /NOLOG" >/dev/null 2>/dev/null
rc_status -v
# start enterprise manager
echo -n "Start Enterprise Manager:"
su - oracle -c "emctl start dbconsole" >/dev/null 2>/dev/null
rc_status -v
#start isqlplus
echo -n "Start isqlplus"
su - oracle -c "isqlplusctl start">/dev/null 2>/dev/null
rc_status -v
}
stop()
{
#when system stop redhat check /var/lock/subsys/oracle
#to make sure oracle is running.
rm -rf /var/lock/subsys/oracle
# shutdown database
echo -n "Shutdown Oracle database instance:"
su - oracle -c "echo \"
CONN / AS SYSDBA
SHUTDOWN immediate
exit \"|sqlplus /NOLOG">/dev/null 2>/dev/null
rc_status -v
# stop tsnlisnter
echo -n "Stop tsnlisnter:"
su - oracle -c "lsnrctl stop">/dev/null 2>/dev/null
rc_status -v
# stop enterprise manager
echo -n "Stop Enterprise Manager:"
su - oracle -c "emctl stop dbconsole"
rc_status -v
# stop isqlplus
echo -n "Stop isqlplus:"
su - oracle -c "isqlplusctl stop"
rc_status -v
}
case "$1" in
start)
start
echo "Oracle Start at:" `date` >>/var/log/oracle.log
;;
stop)
stop
echo "Oracle Stop at:" `date` >>/var/log/oracle.log
;;
restart)
echo "Oracle Restart at:" `date` >>/var/log/oracle.log
stop
start
;;
*)
echo "Usage: $0 { start | stop| restart }"
exit 1
;;
esac
rc_exit
以后估计用得着。下次在SuSE上安装的时候改改。
#!/bin/bash
#
# /etc/init.d/oracle
#
### BEGIN INIT INFO
# Provides:
# Required-Start: $network $syslog
# Should-Start:
# Required-Stop:
# Should-Stop:
# Default-Start: 3 5
# Default-Stop: 0 1 2 4 6
# Description: Startup/shutdown script for oracle listener and instance;
### END
. /etc/rc.status
rc_reset
start()
{
#when system stop redhat check /var/lock/subsys/oracle
#to make sure oracle is running.
touch /var/lock/subsys/oracle
# start tsnlisnter
echo -n "Start tsnlisnter:"
su - oracle -c "lsnrctl start" >/dev/null 2>/dev/null
rc_status -v
# start database
echo -n "Start Oracle database instance:"
su - oracle -c "echo \"
CONN / AS SYSDBA
STARTUP
exit \"|sqlplus /NOLOG" >/dev/null 2>/dev/null
rc_status -v
# start enterprise manager
echo -n "Start Enterprise Manager:"
su - oracle -c "emctl start dbconsole" >/dev/null 2>/dev/null
rc_status -v
#start isqlplus
echo -n "Start isqlplus"
su - oracle -c "isqlplusctl start">/dev/null 2>/dev/null
rc_status -v
}
stop()
{
#when system stop redhat check /var/lock/subsys/oracle
#to make sure oracle is running.
rm -rf /var/lock/subsys/oracle
# shutdown database
echo -n "Shutdown Oracle database instance:"
su - oracle -c "echo \"
CONN / AS SYSDBA
SHUTDOWN immediate
exit \"|sqlplus /NOLOG">/dev/null 2>/dev/null
rc_status -v
# stop tsnlisnter
echo -n "Stop tsnlisnter:"
su - oracle -c "lsnrctl stop">/dev/null 2>/dev/null
rc_status -v
# stop enterprise manager
echo -n "Stop Enterprise Manager:"
su - oracle -c "emctl stop dbconsole"
rc_status -v
# stop isqlplus
echo -n "Stop isqlplus:"
su - oracle -c "isqlplusctl stop"
rc_status -v
}
case "$1" in
start)
start
echo "Oracle Start at:" `date` >>/var/log/oracle.log
;;
stop)
stop
echo "Oracle Stop at:" `date` >>/var/log/oracle.log
;;
restart)
echo "Oracle Restart at:" `date` >>/var/log/oracle.log
stop
start
;;
*)
echo "Usage: $0 { start | stop| restart }"
exit 1
;;
esac
rc_exit
SuSE下chkconfig的启动脚本写法。
[| 2008/06/23 17:23]
| 2008/06/23 17:23]
相关链接:
http://www.novell.com/coolsolutions/feature/11256.html
http://www.ibm.com/developerworks/cn/linux/l-cn-run_parallel/index.html
查看文件/etc/init.d/skeleton,内容如下:
#!/bin/sh
#
# Template SUSE system startup script for example service/daemon FOO
# Copyright (C) 1995--2005 Kurt Garloff, SUSE / Novell Inc.
#
# This library is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or (at
# your option) any later version.
#
# This library is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307,
# USA.
#
# /etc/init.d/FOO
# and its symbolic link
# /(usr/)sbin/rcFOO
#
# Template system startup script for some example service/daemon FOO
#
# LSB compatible service control script; see http://www.linuxbase.org/spec/
#
# Note: This template uses functions rc_XXX defined in /etc/rc.status on
# UnitedLinux/SUSE/Novell based Linux distributions. If you want to base your
# script on this template and ensure that it works on non UL based LSB
# compliant Linux distributions, you either have to provide the rc.status
# functions from UL or change the script to work without them.
# See skeleton.compat for a template that works with other distros as well.
#
### BEGIN INIT INFO
# Provides: FOO
# Required-Start: $syslog $remote_fs
# Should-Start: $time ypbind sendmail
# Required-Stop: $syslog $remote_fs
# Should-Stop: $time ypbind sendmail
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: FOO XYZ daemon providing ZYX
# Description: Start FOO to allow XY and provide YZ
# continued on second line by '#<TAB>'
# should contain enough info for the runlevel editor
# to give admin some idea what this service does and
# what it's needed for ...
# (The Short-Description should already be a good hint.)
### END INIT INFO
#
# Any extensions to the keywords given above should be preceeded by
# X-VendorTag- (X-UnitedLinux- X-SuSE- for us) according to LSB.
#
# Notes on Required-Start/Should-Start:
# * There are two different issues that are solved by Required-Start
# and Should-Start
# (a) Hard dependencies: This is used by the runlevel editor to determine
# which services absolutely need to be started to make the start of
# this service make sense. Example: nfsserver should have
# Required-Start: $portmap
# Also, required services are started before the dependent ones.
# The runlevel editor will warn about such missing hard dependencies
# and suggest enabling. During system startup, you may expect an error,
# if the dependency is not fulfilled.
# (b) Specifying the init script ordering, not real (hard) dependencies.
# This is needed by insserv to determine which service should be
# started first (and at a later stage what services can be started
# in parallel). The tag Should-Start: is used for this.
# It tells, that if a service is available, it should be started
# before. If not, never mind.
# * When specifying hard dependencies or ordering requirements, you can
# use names of services (contents of their Provides: section)
# or pseudo names starting with a $. The following ones are available
# according to LSB (1.1):
# $local_fs all local file systems are mounted
# (most services should need this!)
# $remote_fs all remote file systems are mounted
# (note that /usr may be remote, so
# many services should Require this!)
# $syslog system logging facility up
# $network low level networking (eth card, ...)
# $named hostname resolution available
# $netdaemons all network daemons are running
# The $netdaemons pseudo service has been removed in LSB 1.2.
# For now, we still offer it for backward compatibility.
# These are new (LSB 1.2):
# $time the system time has been set correctly
# $portmap SunRPC portmapping service available
# UnitedLinux extensions:
# $ALL indicates that a script should be inserted
# at the end
# * The services specified in the stop tags
# (Required-Stop/Should-Stop)
# specify which services need to be still running when this service
# is shut down. Often the entries there are just copies or a subset
# from the respective start tag.
# * Should-Start/Stop are now part of LSB as of 2.0,
# formerly SUSE/Unitedlinux used X-UnitedLinux-Should-Start/-Stop.
# insserv does support both variants.
# * X-UnitedLinux-Default-Enabled: yes/no is used at installation time
# (%fillup_and_insserv macro in %post of many RPMs) to specify whether
# a startup script should default to be enabled after installation.
# It's not used by insserv.
#
# Note on runlevels:
# 0 - halt/poweroff 6 - reboot
# 1 - single user 2 - multiuser without network exported
# 3 - multiuser w/ network (text mode) 5 - multiuser w/ network and X11 (xdm)
#
# Note on script names:
# http://www.linuxbase.org/spec/refspecs/LSB_1.3.0/gLSB/gLSB/scrptnames.html
# A registry has been set up to manage the init script namespace.
# http://www.lanana.org/
# Please use the names already registered or register one or use a
# vendor prefix.
# Check for missing binaries (stale symlinks should not happen)
# Note: Special treatment of stop for LSB conformance
FOO_BIN=/usr/sbin/FOO
test -x $FOO_BIN || { echo "$FOO_BIN not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
# Check for existence of needed config file and read it
FOO_CONFIG=/etc/sysconfig/FOO
test -r $FOO_CONFIG || { echo "$FOO_CONFIG not existing";
if [ "$1" = "stop" ]; then exit 0;
else exit 6; fi; }
# Read config
. $FOO_CONFIG
# Source LSB init functions
# providing start_daemon, killproc, pidofproc,
# log_success_msg, log_failure_msg and log_warning_msg.
# This is currently not used by UnitedLinux based distributions and
# not needed for init scripts for UnitedLinux only. If it is used,
# the functions from rc.status should not be sourced or used.
#. /lib/lsb/init-functions
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v be verbose in local rc status and clear it afterwards
# rc_status -v -r ditto and clear both the local and overall rc status
# rc_status -s display "skipped" and exit with status 3
# rc_status -u display "unused" and exit with status 3
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear both the local and overall rc status
# rc_exit exit appropriate to overall rc status
# rc_active checks whether a service is activated by symlinks
. /etc/rc.status
# Reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - user had insufficient privileges
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
# 8--199 - reserved (8--99 LSB, 100--149 distrib, 150--199 appl)
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signaling is not supported) are
# considered a success.
case "$1" in
start)
echo -n "Starting FOO "
## Start daemon with startproc(8). If this fails
## the return value is set appropriately by startproc.
/sbin/startproc $FOO_BIN
# Remember status and be verbose
rc_status -v
;;
stop)
echo -n "Shutting down FOO "
## Stop daemon with killproc(8) and if this fails
## killproc sets the return value according to LSB.
/sbin/killproc -TERM $FOO_BIN
# Remember status and be verbose
rc_status -v
;;
try-restart|condrestart)
## Do a restart only if the service was active before.
## Note: try-restart is now part of LSB (as of 1.9).
## RH has a similar command named condrestart.
if test "$1" = "condrestart"; then
echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
fi
$0 status
if test $? = 0; then
$0 restart
else
rc_reset # Not running is not a failure.
fi
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart the service if it
## is running.
echo -n "Reload service FOO "
## if it supports it:
/sbin/killproc -HUP $FOO_BIN
#touch /var/run/FOO.pid
rc_status -v
## Otherwise:
#$0 try-restart
#rc_status
;;
reload)
## Like force-reload, but if daemon does not support
## signaling, do nothing (!)
# If it supports signaling:
echo -n "Reload service FOO "
/sbin/killproc -HUP $FOO_BIN
#touch /var/run/FOO.pid
rc_status -v
## Otherwise if it does not support reload:
#rc_failed 3
#rc_status -v
;;
status)
echo -n "Checking for service FOO "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Return value is slightly different for the status command:
# 0 - service up and running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running (unused)
# 4 - service status unknown :-(
# 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
# NOTE: checkproc returns LSB compliant status values.
/sbin/checkproc $FOO_BIN
# NOTE: rc_status knows that we called this init script with
# "status" option and adapts its messages accordingly.
rc_status -v
;;
probe)
## Optional: Probe for the necessity of a reload, print out the
## argument to this init script which is required for a reload.
## Note: probe is not (yet) part of LSB (as of 1.9)
test /etc/FOO/FOO.conf -nt /var/run/FOO.pid && echo reload
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
exit 1
;;
esac
rc_exit
http://www.novell.com/coolsolutions/feature/11256.html
http://www.ibm.com/developerworks/cn/linux/l-cn-run_parallel/index.html
查看文件/etc/init.d/skeleton,内容如下:
#!/bin/sh
#
# Template SUSE system startup script for example service/daemon FOO
# Copyright (C) 1995--2005 Kurt Garloff, SUSE / Novell Inc.
#
# This library is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or (at
# your option) any later version.
#
# This library is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307,
# USA.
#
# /etc/init.d/FOO
# and its symbolic link
# /(usr/)sbin/rcFOO
#
# Template system startup script for some example service/daemon FOO
#
# LSB compatible service control script; see http://www.linuxbase.org/spec/
#
# Note: This template uses functions rc_XXX defined in /etc/rc.status on
# UnitedLinux/SUSE/Novell based Linux distributions. If you want to base your
# script on this template and ensure that it works on non UL based LSB
# compliant Linux distributions, you either have to provide the rc.status
# functions from UL or change the script to work without them.
# See skeleton.compat for a template that works with other distros as well.
#
### BEGIN INIT INFO
# Provides: FOO
# Required-Start: $syslog $remote_fs
# Should-Start: $time ypbind sendmail
# Required-Stop: $syslog $remote_fs
# Should-Stop: $time ypbind sendmail
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Short-Description: FOO XYZ daemon providing ZYX
# Description: Start FOO to allow XY and provide YZ
# continued on second line by '#<TAB>'
# should contain enough info for the runlevel editor
# to give admin some idea what this service does and
# what it's needed for ...
# (The Short-Description should already be a good hint.)
### END INIT INFO
#
# Any extensions to the keywords given above should be preceeded by
# X-VendorTag- (X-UnitedLinux- X-SuSE- for us) according to LSB.
#
# Notes on Required-Start/Should-Start:
# * There are two different issues that are solved by Required-Start
# and Should-Start
# (a) Hard dependencies: This is used by the runlevel editor to determine
# which services absolutely need to be started to make the start of
# this service make sense. Example: nfsserver should have
# Required-Start: $portmap
# Also, required services are started before the dependent ones.
# The runlevel editor will warn about such missing hard dependencies
# and suggest enabling. During system startup, you may expect an error,
# if the dependency is not fulfilled.
# (b) Specifying the init script ordering, not real (hard) dependencies.
# This is needed by insserv to determine which service should be
# started first (and at a later stage what services can be started
# in parallel). The tag Should-Start: is used for this.
# It tells, that if a service is available, it should be started
# before. If not, never mind.
# * When specifying hard dependencies or ordering requirements, you can
# use names of services (contents of their Provides: section)
# or pseudo names starting with a $. The following ones are available
# according to LSB (1.1):
# $local_fs all local file systems are mounted
# (most services should need this!)
# $remote_fs all remote file systems are mounted
# (note that /usr may be remote, so
# many services should Require this!)
# $syslog system logging facility up
# $network low level networking (eth card, ...)
# $named hostname resolution available
# $netdaemons all network daemons are running
# The $netdaemons pseudo service has been removed in LSB 1.2.
# For now, we still offer it for backward compatibility.
# These are new (LSB 1.2):
# $time the system time has been set correctly
# $portmap SunRPC portmapping service available
# UnitedLinux extensions:
# $ALL indicates that a script should be inserted
# at the end
# * The services specified in the stop tags
# (Required-Stop/Should-Stop)
# specify which services need to be still running when this service
# is shut down. Often the entries there are just copies or a subset
# from the respective start tag.
# * Should-Start/Stop are now part of LSB as of 2.0,
# formerly SUSE/Unitedlinux used X-UnitedLinux-Should-Start/-Stop.
# insserv does support both variants.
# * X-UnitedLinux-Default-Enabled: yes/no is used at installation time
# (%fillup_and_insserv macro in %post of many RPMs) to specify whether
# a startup script should default to be enabled after installation.
# It's not used by insserv.
#
# Note on runlevels:
# 0 - halt/poweroff 6 - reboot
# 1 - single user 2 - multiuser without network exported
# 3 - multiuser w/ network (text mode) 5 - multiuser w/ network and X11 (xdm)
#
# Note on script names:
# http://www.linuxbase.org/spec/refspecs/LSB_1.3.0/gLSB/gLSB/scrptnames.html
# A registry has been set up to manage the init script namespace.
# http://www.lanana.org/
# Please use the names already registered or register one or use a
# vendor prefix.
# Check for missing binaries (stale symlinks should not happen)
# Note: Special treatment of stop for LSB conformance
FOO_BIN=/usr/sbin/FOO
test -x $FOO_BIN || { echo "$FOO_BIN not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
# Check for existence of needed config file and read it
FOO_CONFIG=/etc/sysconfig/FOO
test -r $FOO_CONFIG || { echo "$FOO_CONFIG not existing";
if [ "$1" = "stop" ]; then exit 0;
else exit 6; fi; }
# Read config
. $FOO_CONFIG
# Source LSB init functions
# providing start_daemon, killproc, pidofproc,
# log_success_msg, log_failure_msg and log_warning_msg.
# This is currently not used by UnitedLinux based distributions and
# not needed for init scripts for UnitedLinux only. If it is used,
# the functions from rc.status should not be sourced or used.
#. /lib/lsb/init-functions
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v be verbose in local rc status and clear it afterwards
# rc_status -v -r ditto and clear both the local and overall rc status
# rc_status -s display "skipped" and exit with status 3
# rc_status -u display "unused" and exit with status 3
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear both the local and overall rc status
# rc_exit exit appropriate to overall rc status
# rc_active checks whether a service is activated by symlinks
. /etc/rc.status
# Reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - user had insufficient privileges
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
# 8--199 - reserved (8--99 LSB, 100--149 distrib, 150--199 appl)
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signaling is not supported) are
# considered a success.
case "$1" in
start)
echo -n "Starting FOO "
## Start daemon with startproc(8). If this fails
## the return value is set appropriately by startproc.
/sbin/startproc $FOO_BIN
# Remember status and be verbose
rc_status -v
;;
stop)
echo -n "Shutting down FOO "
## Stop daemon with killproc(8) and if this fails
## killproc sets the return value according to LSB.
/sbin/killproc -TERM $FOO_BIN
# Remember status and be verbose
rc_status -v
;;
try-restart|condrestart)
## Do a restart only if the service was active before.
## Note: try-restart is now part of LSB (as of 1.9).
## RH has a similar command named condrestart.
if test "$1" = "condrestart"; then
echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
fi
$0 status
if test $? = 0; then
$0 restart
else
rc_reset # Not running is not a failure.
fi
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart the service if it
## is running.
echo -n "Reload service FOO "
## if it supports it:
/sbin/killproc -HUP $FOO_BIN
#touch /var/run/FOO.pid
rc_status -v
## Otherwise:
#$0 try-restart
#rc_status
;;
reload)
## Like force-reload, but if daemon does not support
## signaling, do nothing (!)
# If it supports signaling:
echo -n "Reload service FOO "
/sbin/killproc -HUP $FOO_BIN
#touch /var/run/FOO.pid
rc_status -v
## Otherwise if it does not support reload:
#rc_failed 3
#rc_status -v
;;
status)
echo -n "Checking for service FOO "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Return value is slightly different for the status command:
# 0 - service up and running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running (unused)
# 4 - service status unknown :-(
# 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
# NOTE: checkproc returns LSB compliant status values.
/sbin/checkproc $FOO_BIN
# NOTE: rc_status knows that we called this init script with
# "status" option and adapts its messages accordingly.
rc_status -v
;;
probe)
## Optional: Probe for the necessity of a reload, print out the
## argument to this init script which is required for a reload.
## Note: probe is not (yet) part of LSB (as of 1.9)
test /etc/FOO/FOO.conf -nt /var/run/FOO.pid && echo reload
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
exit 1
;;
esac
rc_exit
Redhat下chkconfig添加启动脚本的方法。
[| 2008/06/23 13:07]
| 2008/06/23 13:07]
#!/bin/bash
# chkconfig: 35 99 05
# description: Test chkconfig
# file: /etc/init.d/foo
env > /tmp/ENVLOG
最上面三行都是必须的。第四行非必须的。
否则报错如下:
[root@kook init.d]# chkconfig --add foo
foo 服务不支持 chkconfig
[root@kook init.d]# chkconfig --add foo
service foo does not support chkconfig
解释一下chkconfig: 35 99 05
35:就是在哪种runlevel下启动。
99:在rc3.d和rc5.d下产生S99foo
05:在rc0.d、rc1.d、rc2.d、rc4.d、rc6.d下产生K05foo
S代表Start
K代表Kill
上面的对于SuSE不适用。SuSE下可以用chkconfig来添加,但是无法控制启动和关闭顺序,只能手工软链接来处理启动顺序。
SuSE会自己搞一个启动数字,不知道这个是怎么一个规律。
应用BT3的破解无线方法
[| 2008/06/06 00:25]
| 2008/06/06 00:25]
BT3(BackTrack 3)下载地址:
http://www.remote-exploit.org/backtrack_download.html
支持兼容的网卡列表:
http://wiki.remote-exploit.org/index.php/HCL:Wireless
支持兼容的笔记本列表:
http://wiki.remote-exploit.org/index.php/HCL:Laptops
可以做成是LiveCD,或是U盘。我比较喜欢U盘,这样比较节省介质,而且更新的时候不会浪费光盘。好像是一个意思。
当然破解软件不是非得下载BT3,主要是有aircrack套件就可以了。Ubuntu的源里面已经包含了吧?自己搜索一下吧。
经过测试也就能破解WEP方式的还差不多。WPA就不用想了。不过本人研究水平非常初级。也许高人可以,不过估计也得非常有时间才可以吧。
应用BT3破解步骤简要说明:
1:无线网卡MAC地址伪装
2:修改网卡模式为监听,启用并激活无线网卡。
3:获取无线路由的相关信息(MAC、SSID、Channel),可以通过Kismet,亦可用其他方式获取。
4:监听指定路由器,抓包
5:获取到足够多的数据包后(通常Wep的),进行破解。
由于对于原理不清楚,以下仅是傻瓜式的操作说明。
1:查询无线网卡的设备名(可能是eth,wlan,wifi,ath),总之在未启用的状态下修改它们。
首先用ifconfig -a查看一下无线网卡设备名,修改如下:
macchanger -m 00:11:22:33:44:55 wlan0
如果已经激活,请先down掉,再修改。
ifconfig wlan0 down
判断是否激活就是用ifconfig来查看,是否出现在列表。
未激活状态的设备wlan0,是不出现在ifconfig的显示里面。
但是可以出现在ifconfig -a菜单里面。
2:修改网卡监听模式,并启用。
如下命令:
iwconfig wlan0 mode monitor 或者用 airmon-ng start wlan0
修改模式后,用iwconfig检查mode是否改变。
iwconfig wlan0
经上述修改后,启用网卡
ifconfig wlan0 up
3:监听无线路由的相关信息MAC、SSID、Channel
三种方法:
A:Win下获取
B:iwlist wlan0 scanning
C:kismet
(提示:bssid其实就是无线路由的MAC地址。)
这里简要介绍一下Kismet的监听,使用。
使用Kismet命令,需要修改配置文件/usr/local/etc/kismet.conf
source=none,none,none
例如T61,用的4965的无线网卡。
source=iwl4965,wlan0,1
例如TP-link的atheros的无线网卡
source=ath5k,ath1,1
从上面可以看出一些端倪,
source=1,2,3
字段1:请参考http://www.kismetwireless.net/documentation.shtml
字段2:设备名
字段3:我不知道是什么,总之写1都没有出过错。
字段1我曾经以为就是无线网卡模块的名字,后来发现不是完全匹配的。不过至少可以尝试lsmod看看。然后去那个URL那里找。
4:上述准备充分后,就可以进行抓包的动作了。
用下面命令抓包
airodump-ng -w outfile --channel 11 --bssid 00:12:34:56:78:90 wlan0
上面的命令很容易理解,监听11频道,MAC地址为00:12:34:56:78:90的无线路由器。
-w outfile 是产生前缀为outfile的2个文件。当你第一次执行这个命令时,产生下面的2个文件
outfile-01.cap 和 outfile-01.*(忘记这个文件的扩展名了)
通常:
64-bit WEP “暴破”需要3W个包
128-bit WEP “暴破”需要10W个包
5:破解
aircrack-ng -x -f 2 outfile-01.cap
aircrack-ng -w dict.txt outfile-01.cap
因为对于无线加密这些原理没有深入的了解,所以这些操作仅存在于表面上。以后有时间自己再研究一下。
http://www.remote-exploit.org/backtrack_download.html
支持兼容的网卡列表:
http://wiki.remote-exploit.org/index.php/HCL:Wireless
支持兼容的笔记本列表:
http://wiki.remote-exploit.org/index.php/HCL:Laptops
可以做成是LiveCD,或是U盘。我比较喜欢U盘,这样比较节省介质,而且更新的时候不会浪费光盘。好像是一个意思。
当然破解软件不是非得下载BT3,主要是有aircrack套件就可以了。Ubuntu的源里面已经包含了吧?自己搜索一下吧。
经过测试也就能破解WEP方式的还差不多。WPA就不用想了。不过本人研究水平非常初级。也许高人可以,不过估计也得非常有时间才可以吧。
应用BT3破解步骤简要说明:
1:无线网卡MAC地址伪装
2:修改网卡模式为监听,启用并激活无线网卡。
3:获取无线路由的相关信息(MAC、SSID、Channel),可以通过Kismet,亦可用其他方式获取。
4:监听指定路由器,抓包
5:获取到足够多的数据包后(通常Wep的),进行破解。
由于对于原理不清楚,以下仅是傻瓜式的操作说明。
1:查询无线网卡的设备名(可能是eth,wlan,wifi,ath),总之在未启用的状态下修改它们。
首先用ifconfig -a查看一下无线网卡设备名,修改如下:
macchanger -m 00:11:22:33:44:55 wlan0
如果已经激活,请先down掉,再修改。
ifconfig wlan0 down
判断是否激活就是用ifconfig来查看,是否出现在列表。
未激活状态的设备wlan0,是不出现在ifconfig的显示里面。
但是可以出现在ifconfig -a菜单里面。
2:修改网卡监听模式,并启用。
如下命令:
iwconfig wlan0 mode monitor 或者用 airmon-ng start wlan0
修改模式后,用iwconfig检查mode是否改变。
iwconfig wlan0
经上述修改后,启用网卡
ifconfig wlan0 up
3:监听无线路由的相关信息MAC、SSID、Channel
三种方法:
A:Win下获取
B:iwlist wlan0 scanning
C:kismet
(提示:bssid其实就是无线路由的MAC地址。)
这里简要介绍一下Kismet的监听,使用。
使用Kismet命令,需要修改配置文件/usr/local/etc/kismet.conf
source=none,none,none
例如T61,用的4965的无线网卡。
source=iwl4965,wlan0,1
例如TP-link的atheros的无线网卡
source=ath5k,ath1,1
从上面可以看出一些端倪,
source=1,2,3
字段1:请参考http://www.kismetwireless.net/documentation.shtml
字段2:设备名
字段3:我不知道是什么,总之写1都没有出过错。
字段1我曾经以为就是无线网卡模块的名字,后来发现不是完全匹配的。不过至少可以尝试lsmod看看。然后去那个URL那里找。
4:上述准备充分后,就可以进行抓包的动作了。
用下面命令抓包
airodump-ng -w outfile --channel 11 --bssid 00:12:34:56:78:90 wlan0
上面的命令很容易理解,监听11频道,MAC地址为00:12:34:56:78:90的无线路由器。
-w outfile 是产生前缀为outfile的2个文件。当你第一次执行这个命令时,产生下面的2个文件
outfile-01.cap 和 outfile-01.*(忘记这个文件的扩展名了)
通常:
64-bit WEP “暴破”需要3W个包
128-bit WEP “暴破”需要10W个包
5:破解
aircrack-ng -x -f 2 outfile-01.cap
aircrack-ng -w dict.txt outfile-01.cap
因为对于无线加密这些原理没有深入的了解,所以这些操作仅存在于表面上。以后有时间自己再研究一下。
