Grundlegende Systemwartung, durch Installation, von aktuellen Paketen und Upgraden des Kernels.
# apt-get update
# apt-get -y upgrade
# apt-get -y dist-upgrade
# apt-get autoremove
Systemaktualisierung durch Shell-Skript, zu einem einzigen Command zusammenfassen.
# echo "PATH=$PATH:/usr/local/scripts export PATH" >> /root/.bashrc
# echo '#!/bin/bash apt-get update apt-get -y upgrade apt-get -y dist-upgrade apt-get -y autoremove ' > /usr/local/scripts/do_patchupdates
# chmod 755 /usr/local/scripts/do_patchupdates
# do_patchupdates
Eigene motd (Login-Nachricht), nach dem Aufbau einer neuen SSH-Verbindung anzeigen lassen:
Add description and serial number to motd:
# echo ' ############################################################################## # # # This is the admin-server of Michael Reber. # # # # ATTENTION: # # # # Unauthorized access to this system is prohibited ! # # # # This system is actively monitored and all connections may be logged. # # By accessing this system, you consent to this monitoring. # # # ############################################################################## ' > /etc/motd
Wichtige Tools, zum konfigurieren, abändern der System Einstellungen.
# dpkg-reconfigure console-data
Möglichkeiten, um das eigene System ein bisschen zu analisieren; Informationen abzurufen.
# uptime
11:09:46 up 81 days, 17:13, 1 user, load average: 0.04, 0.10, 0.08
# uname -a
Linux vstif2.pnet.ch 3.10.0-514.21.1.el7.x86_64 #1 SMP Sat Apr 22 02:41:35 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux
# df -h
Filesystem Size Used Avail Use% Mounted on /dev/mapper/vgsys-root 8.0G 2.1G 6.0G 26% / devtmpfs 910M 0 910M 0% /dev tmpfs 920M 0 920M 0% /dev/shm tmpfs 920M 97M 824M 11% /run tmpfs 920M 0 920M 0% /sys/fs/cgroup /dev/mapper/vgsys-var 8.0G 2.1G 6.0G 26% /var /dev/mapper/vgsys-opt 9.5G 184M 9.3G 2% /opt /dev/mapper/vgsys-tmp 4.0G 33M 4.0G 1% /tmp /dev/mapper/vgsys-home 8.0G 7.1G 922M 89% /home /dev/vda1 509M 195M 315M 39% /boot tmpfs 184M 0 184M 0% /run/user/37198
Zeigt alle Disks an, auch welche die unpartitioniert sind, und nicht gemountet sind!
# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 80G 0 disk ├─sda1 8:1 0 512M 0 part /boot └─sda2 8:2 0 79.5G 0 part ├─vgsys-root 253:0 0 8G 0 lvm / ├─vgsys-swap 253:1 0 2G 0 lvm [SWAP] ├─vgsys-opt 253:2 0 49.5G 0 lvm /opt ├─vgsys-tmp 253:3 0 4G 0 lvm /tmp ├─vgsys-home 253:4 0 8G 0 lvm /home └─vgsys-var 253:5 0 8G 0 lvm /var sdb 8:16 0 80G 0 disk └─vg_data01-lv_data01 253:6 0 80G 0 lvm /data01 sr0 11:0 1 1024M 0 rom
# netstat -napl
Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd tcp 0 0 10.1.100.181:22 0.0.0.0:* LISTEN 900/sshd tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 17361/sshd: rebermi tcp 0 64 10.1.100.181:22 10.224.204.222:31477 ESTABLISHED 17358/sshd: rebermi tcp 0 0 10.1.100.181:47656 172.27.130.12:61613 ESTABLISHED 17664/ruby tcp 0 0 10.1.100.181:43540 172.27.49.65:9997 ESTABLISHED 15129/splunkd tcp6 0 0 :::9000 :::* LISTEN 29798/nsrexecd tcp6 0 0 :::111 :::* LISTEN 1/systemd tcp6 0 0 :::9269 :::* LISTEN 29798/nsrexecd tcp6 0 0 ::1:6010 :::* LISTEN 17361/sshd: rebermi tcp6 0 0 :::7937 :::* LISTEN 29798/nsrexecd tcp6 0 0 :::7938 :::* LISTEN 29798/nsrexecd udp 0 0 0.0.0.0:111 0.0.0.0:* 6061/rpcbind udp 0 0 10.1.100.181:123 0.0.0.0:* 26924/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 26924/ntpd udp 0 0 0.0.0.0:123 0.0.0.0:* 26924/ntpd udp 0 0 0.0.0.0:724 0.0.0.0:* 6061/rpcbind udp6 0 0 :::111 :::* 6061/rpcbind udp6 0 0 ::1:123 :::* 26924/ntpd udp6 0 0 :::123 :::* 26924/ntpd udp6 0 0 :::724 :::* 6061/rpcbind udp6 0 0 :::7938 :::* 29798/nsrexecd Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node PID/Program name Path unix 2 [ ACC ] STREAM LISTENING 11522 1/systemd /run/lvm/lvmetad.socket unix 2 [ ACC ] STREAM LISTENING 11275 1/systemd /run/systemd/private unix 2 [ ACC ] STREAM LISTENING 14389 649/gssproxy /run/gssproxy.sock unix 2 [ ACC ] STREAM LISTENING 30777543 17361/sshd: rebermi /tmp/ssh-v94wMvs2vd/agent.17361 unix 2 [ ACC ] STREAM LISTENING 14191 1/systemd /var/run/dbus/system_bus_socket unix 2 [ ACC ] STREAM LISTENING 14388 649/gssproxy /var/lib/gssproxy/default.sock unix 2 [ ACC ] STREAM LISTENING 14194 1/systemd /var/run/rpcbind.sock unix 2 [ ] DGRAM 6831 1/systemd /run/systemd/notify unix 2 [ ] DGRAM 6833 1/systemd /run/systemd/cgroups-agent unix 2 [ ACC ] STREAM LISTENING 6842 1/systemd /run/systemd/journal/stdout unix 2 [ ACC ] STREAM LISTENING 11451 1/systemd /run/lvm/lvmpolld.socket unix 5 [ ] DGRAM 6845 1/systemd /run/systemd/journal/socket unix 9 [ ] DGRAM 6847 1/systemd /dev/log unix 2 [ ] DGRAM 11466 1/systemd /run/systemd/shutdownd unix 2 [ ACC ] SEQPACKET LISTENING 11518 1/systemd /run/udev/control unix 2 [ ] DGRAM 14377 649/gssproxy unix 3 [ ] DGRAM 12481 494/systemd-udevd unix 3 [ ] STREAM CONNECTED 14366 459/systemd-journal /run/systemd/journal/stdout unix 3 [ ] DGRAM 12480 494/systemd-udevd unix 2 [ ] DGRAM 12461 494/systemd-udevd unix 3 [ ] STREAM CONNECTED 14365 647/dbus-daemon unix 2 [ ] DGRAM 30777608 17397/sudo unix 3 [ ] STREAM CONNECTED 14402 647/dbus-daemon unix 3 [ ] STREAM CONNECTED 14102 626/auditd unix 3 [ ] STREAM CONNECTED 14258 459/systemd-journal /run/systemd/journal/stdout unix 2 [ ] DGRAM 25345848 647/dbus-daemon unix 3 [ ] STREAM CONNECTED 12107 481/lvmetad unix 3 [ ] STREAM CONNECTED 2557415 459/systemd-journal /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 25694704 15129/splunkd unix 3 [ ] STREAM CONNECTED 2557414 29726/crond unix 2 [ ] DGRAM 15260 662/polkitd unix 2 [ ] DGRAM 27844357 26924/ntpd unix 3 [ ] DGRAM 25694716 15134/[splunkd pid= unix 3 [ ] STREAM CONNECTED 14376 1/systemd unix 3 [ ] STREAM CONNECTED 14758 661/systemd-logind unix 3 [ ] STREAM CONNECTED 14393 - unix 3 [ ] STREAM CONNECTED 14759 459/systemd-journal /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 14404 647/dbus-daemon /var/run/dbus/system_bus_socket unix 3 [ ] DGRAM 25694715 15129/splunkd unix 3 [ ] STREAM CONNECTED 16427 459/systemd-journal /run/systemd/journal/stdout unix 2 [ ] DGRAM 14793 661/systemd-logind unix 3 [ ] STREAM CONNECTED 25694714 15134/[splunkd pid= unix 2 [ ] DGRAM 2557417 29726/crond unix 3 [ ] STREAM CONNECTED 25694713 15129/splunkd unix 3 [ ] STREAM CONNECTED 25694705 15129/splunkd unix 3 [ ] STREAM CONNECTED 14395 649/gssproxy /run/gssproxy.sock unix 3 [ ] STREAM CONNECTED 12108 459/systemd-journal /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 18263 893/python unix 3 [ ] STREAM CONNECTED 30777525 17361/sshd: rebermi unix 3 [ ] STREAM CONNECTED 18264 647/dbus-daemon /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 14812 661/systemd-logind unix 2 [ ] DGRAM 30777518 17358/sshd: rebermi unix 3 [ ] STREAM CONNECTED 14101 626/auditd unix 3 [ ] STREAM CONNECTED 30777526 17358/sshd: rebermi unix 2 [ ] DGRAM 14100 626/auditd unix 3 [ ] STREAM CONNECTED 14403 647/dbus-daemon unix 3 [ ] STREAM CONNECTED 14257 649/gssproxy unix 3 [ ] STREAM CONNECTED 14813 647/dbus-daemon /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 16426 900/sshd unix 3 [ ] STREAM CONNECTED 16106 893/python unix 3 [ ] STREAM CONNECTED 12451 494/systemd-udevd unix 3 [ ] STREAM CONNECTED 15061 647/dbus-daemon /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 12452 459/systemd-journal /run/systemd/journal/stdout unix 2 [ ] DGRAM 29758906 1/systemd unix 3 [ ] STREAM CONNECTED 16107 459/systemd-journal /run/systemd/journal/stdout unix 3 [ ] STREAM CONNECTED 15060 662/polkitd
# dpkg -l
||/ Name Version Description +++-==========================-==========================-==================================================================== ii acpid 1.0.4-5 Utilities for using ACPI power management ii adduser 3.102 Add and remove users and groups ii apt 0.6.46.4-0.1 Advanced front-end for dpkg ii apt-utils 0.6.46.4-0.1 APT utility programs ii aptitude 0.4.4-4 terminal-based apt frontend ii base-files 4 Debian base system miscellaneous files ii base-passwd 3.5.11 Debian base system master password and group files ii bash 3.1dfsg-8 The GNU Bourne Again SHell ii bsdmainutils 6.1.6 collection of more utilities from FreeBSD ii bsdutils 2.12r-19 Basic utilities from 4.4BSD-Lite ii busybox 1.1.3-4 Tiny utilities for small and embedded systems ii console-common 0.7.69 Basic infrastructure for text console configuration ii console-data 1.01-7 Keymaps, fonts, charset maps, fallback tables for console-tools ii console-tools 0.2.3dbs-65 Linux console and font utilities ii coreutils 5.97-5.3 The GNU core utilities ii cpio 2.6-17 GNU cpio -- a program to manage archives of files ii cron 3.0pl1-100 management of regular background processing ii debconf 1.5.11 Debian configuration management system ii debconf-i18n 1.5.11 full internationalization support for debconf ii debian-archive-keyring 2007.07.31~etch1 GnuPG archive keys of the Debian archive ii debianutils 2.17 Miscellaneous utilities specific to Debian ii dhcp3-client 3.0.4-13 DHCP Client ii dhcp3-common 3.0.4-13 Common files used by all the dhcp3* packages ii diff 2.8.1-11 File comparison utilities ii dmidecode 2.8-4 Dump Desktop Management Interface data ii dpkg 1.13.25 package maintenance system for Debian ii dselect 1.13.25 user tool to manage Debian packages ii e2fslibs 1.39+1.40-WIP-2006.11.14+d ext2 filesystem libraries ii e2fsprogs 1.39+1.40-WIP-2006.11.14+d ext2 file system utilities and libraries ii ed 0.2-20 The classic unix line editor ii eject 2.1.4-3 ejects CDs and operates CD-Changers under Linux ii findutils 4.2.28-1 utilities for finding files--find, xargs, and locate ii gcc-4.1-base 4.1.1-21 The GNU Compiler Collection (base package) ii gnupg 1.4.6-2 GNU privacy guard - a free PGP replacement ii gpgv 1.4.6-2 GNU privacy guard - signature verification tool ii grep 2.5.1.ds2-6 GNU grep, egrep and fgrep ii groff-base 1.18.1.1-12 GNU troff text-formatting system (base system components) ii grub 0.97-27 GRand Unified Bootloader ii gzip 1.3.5-15 The GNU compression utility ii hostname 2.93 utility to set/show the host name or domain name ii ifupdown 0.6.8 high level tools to configure network interfaces ii info 4.8.dfsg.1-4 Standalone GNU Info documentation browser ii initramfs-tools 0.85h tools for generating an initramfs ii initscripts 2.86.ds1-38 Scripts for initializing and shutting down the system ii installation-report 2.29 system installation report ii iptables 1.3.6.0debian1-5 administration tools for packet filtering and NAT ii iputils-ping 20020927-6 Tools to test the reachability of network hosts ii klibc-utils 1.4.34-1 small statically-linked utilities built with klibc ii klogd 1.4.1-18 Kernel Logging Daemon ii laptop-detect 0.12.1 attempt to detect a laptop ii libacl1 2.2.41-1 Access control list shared library ii libattr1 2.4.32-1 Extended attribute shared library ii libblkid1 1.39+1.40-WIP-2006.11.14+d block device id library ii libbz2-1.0 1.0.3-6 high-quality block-sorting file compressor library - runtime ii libc6 2.3.6.ds1-13etch2 GNU C Library: Shared libraries ii libcap1 1.10-14 support for getting/setting POSIX.1e capabilities ii libcomerr2 1.39+1.40-WIP-2006.11.14+d common error description library ii libconsole 0.2.3dbs-65 Shared libraries for Linux console and font manipulation ii libdb4.2 4.2.52+dfsg-2 Berkeley v4.2 Database Libraries [runtime] ii libdb4.3 4.3.29-8 Berkeley v4.3 Database Libraries [runtime] ii libdb4.4 4.4.20-8 Berkeley v4.4 Database Libraries [runtime] ii libdevmapper1.02 1.02.08-1 The Linux Kernel Device Mapper userspace library ii libedit2 2.9.cvs.20050518-2.2 BSD editline and history libraries ii libgcc1 4.1.1-21 GCC support library ii libgcrypt11 1.2.3-2 LGPL Crypto library - runtime library ii libgdbm3 1.8.3-3 GNU dbm database routines (runtime version) ii libgnutls13 1.4.4-3 the GNU TLS library - runtime library ii libgpg-error0 1.4-1 library for common error values and messages in GnuPG components ii libklibc 1.4.34-1 minimal libc subset for use with initramfs ii libkrb53 1.4.4-7etch4 MIT Kerberos runtime libraries ii libldap2 2.1.30-13.3 OpenLDAP libraries ii liblocale-gettext-perl 1.05-1 Using libc functions for internationalization in Perl ii liblzo1 1.08-3 data compression library (old version) ii libncurses5 5.5-5 Shared libraries for terminal handling ii libncursesw5 5.5-5 Shared libraries for terminal handling (wide character support) ii libnewt0.52 0.52.2-10 Not Erik's Windowing Toolkit - text mode windowing with slang ii libopencdk8 0.5.9-2 Open Crypto Development Kit (OpenCDK) (runtime) ii libpam-modules 0.79-4 Pluggable Authentication Modules for PAM ii libpam-runtime 0.79-4 Runtime support for the PAM library ii libpam0g 0.79-4 Pluggable Authentication Modules library ii libpopt0 1.10-3 lib for parsing cmdline parameters ii libreadline5 5.2-2 GNU readline and history libraries, run-time libraries ii libsasl2 2.1.22.dfsg1-8 Authentication abstraction library ii libsasl2-2 2.1.22.dfsg1-8 Authentication abstraction library ii libselinux1 1.32-3 SELinux shared libraries ii libsepol1 1.14-2 Security Enhanced Linux policy library for changing policy binaries ii libsigc++-2.0-0c2a 2.0.17-2 type-safe Signal Framework for C++ - runtime ii libslang2 2.0.6-4 The S-Lang programming library - runtime version ii libss2 1.39+1.40-WIP-2006.11.14+d command-line interface parsing library ii libssl0.9.8 0.9.8c-4etch1 SSL shared libraries ii libstdc++6 4.1.1-21 The GNU Standard C++ Library v3 ii libtasn1-3 0.3.6-2 Manage ASN.1 structures (runtime) ii libtext-charwidth-perl 0.04-4 get display widths of characters on the terminal ii libtext-iconv-perl 1.4-3 converts between character sets in Perl ii libtext-wrapi18n-perl 0.06-5 internationalized substitute of Text::Wrap ii libusb-0.1-4 0.1.12-5 userspace USB programming library ii libuuid1 1.39+1.40-WIP-2006.11.14+d universally unique id library ii libvolume-id0 0.105-4 libvolume_id shared library ii libwrap0 7.6.dbs-13 Wietse Venema's TCP wrappers library ii linux-image-2.6.18-5-amd64 2.6.18.dfsg.1-13etch4 Linux 2.6.18 image on AMD64 ii locales 2.3.6.ds1-13etch2 GNU C Library: National Language (locale) data [support] ii login 4.0.18.1-7 system login tools ii logrotate 3.7.1-3 Log rotation utility ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init script functionality ii lvm-common 1.5.20 The Logical Volume Manager for Linux (common files) ii lvm2 2.02.06-4 The Linux Logical Volume Manager ii makedev 2.3.1-83 creates device files in /dev ii man-db 2.4.3-6 The on-line manual pager ii manpages 2.39-1 Manual pages about using a GNU/Linux system ii mawk 1.3.3-11 a pattern scanning and text processing language ii mktemp 1.5-2 Makes unique filenames for temporary files ii module-init-tools 3.3-pre4-2 tools for managing Linux kernel modules ii mount 2.12r-19 Tools for mounting and manipulating filesystems ii nano 2.0.2-1etch1 free Pico clone with some new features ii ncurses-base 5.5-5 Descriptions of common terminal types ii ncurses-bin 5.5-5 Terminal-related programs and man pages ii net-tools 1.60-17 The NET-3 networking toolkit ii netbase 4.29 Basic TCP/IP networking system ii netcat 1.10-32 TCP/IP swiss army knife ii openbsd-inetd 0.20050402-6 The OpenBSD Internet Superserver ii openssh-client 4.3p2-9 Secure shell client, an rlogin/rsh/rcp replacement ii openssh-server 4.3p2-9 Secure shell server, an rshd replacement ii passwd 4.0.18.1-7 change and administer password and group data ii perl-base 5.8.8-7 The Pathologically Eclectic Rubbish Lister ii procps 3.2.7-3 /proc file system utilities ii readline-common 5.2-2 GNU readline and history libraries, common files ii sed 4.1.5-1 The GNU sed stream editor ii ssh 4.3p2-9 Secure shell client and server (transitional package) ii sudo 1.6.8p12-4 Provide limited super user privileges to specific users ii sysklogd 1.4.1-18 System Logging Daemon ii sysv-rc 2.86.ds1-38 System-V-like runlevel change mechanism ii sysvinit 2.86.ds1-38 System-V-like init utilities ii sysvinit-utils 2.86.ds1-38 System-V-like utilities ii tar 1.16-2 GNU tar ii tasksel 2.66 Tool for selecting tasks for installation on Debian systems ii tasksel-data 2.66 Official tasks used for installation of Debian systems ii tcpd 7.6.dbs-13 Wietse Venema's TCP wrapper utilities ii traceroute 1.4a12-21 traces the route taken by packets over a TCP/IP network ii tzdata 2007b-1 Time Zone and Daylight Saving Time Data ii udev 0.105-4 /dev/ and hotplug management daemon ii update-inetd 4.27-0.5 inetd.conf updater ii usbutils 0.72-7 USB console utilities ii util-linux 2.12r-19 Miscellaneous system utilities ii vim-common 7.0-122+1etch3 Vi IMproved - Common files ii vim-tiny 7.0-122+1etch3 Vi IMproved - enhanced vi editor - compact version ii wget 1.10.2-2 retrieves files from the web ii whiptail 0.52.2-10 Displays user-friendly dialog boxes from shell scripts ii zlib1g 1.2.3-13 compression library - runtime h034w5:~# dpkg -l | grep ^ii | wc -l 148
Setting HISTSIZE to a value less than zero causes the history list to be unlimited (setting it 0 zero disables the history list).
# vim /etc/bash.bashrc
# System-wide .bashrc file for interactive bash(1) shells. HISTSIZE=-1 HISTFILESIZE=-1