Rootop 服务器运维与web架构

2019-06-17
发表者 Venus
设置apache将html文件由php处理已关闭评论

设置apache将html文件由php处理

这么做的原因:html文件里嵌入了php代码,但是文件名还是.html,需要将html文件交由php处理。
PS:apache和php跑在fastcgi方式下。

首先修改apache将html请求转给php处理:
虚拟主机添加配置

<FilesMatch \.html$>
    SetHandler "proxy:unix:/tmp/php-cgi-56.sock|fcgi://localhost"
</FilesMatch>

重启apache测试。
访问网站报错 access deny

查apache虚拟主机错误日志发现:

AH01071: Got error 'Access to the script '/www/wwwroot/www.xxx.com/index.html'has been denied (see security.limit_extensions)\n'~

应该是php-fpm安全策略导致的。
查 security.limit_extensions 参数发现属于php-fpm.conf中配置
在php-fpm.conf 中[www]池配置段添加一句:

security.limit_extensions = .php .html

重启php-fpm即可。

2019-06-14
发表者 Venus
解决Mariadb10.1.37不需要密码就可以登录已关闭评论

解决Mariadb10.1.37不需要密码就可以登录

在Ubuntu下apt装了Mariadb后,改掉root密码后,发现不需要密码就可以进入控制台。
刚开始以为密码修改失败了。后来发现是Mariadb认证插件的原因。

官方解释:https://mariadb.com/kb/en/library/authentication-plugin-unix-socket/

mysql库user表中默认有一条root用户记录,这条记录plugin字段(用户认证)默认值是 unix_socket(在centos7 yum安装的为mariadb-server-5.5.60版本,默认这个字段是空的),如果是这种认证方式,则通过系统凭据认证,就跳过数据库的密码认证了。
所以出现不需要密码就可以登录。

# 改回数据库密码认证

root@simon-PC:/etc/mysql# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 5
Server version: 10.1.37-MariaDB-0+deb9u1 Debian 9.6

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> select user,plugin from mysql.user;
+------+-------------+
| user | plugin      |
+------+-------------+
| root | unix_socket |
+------+-------------+
1 rows in set (0.00 sec)

MariaDB [(none)]> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [mysql]> update user set plugin = 'mysql_native_password' where user = 'root';
Query OK, 1 rows affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0

MariaDB [mysql]> select user,plugin from mysql.user;
+------+-----------------------+
| user | plugin                |
+------+-----------------------+
| root | mysql_native_password |
+------+-----------------------+
1 rows in set (0.00 sec)

MariaDB [mysql]> exit
Bye

# 重启MariaDB数据库

root@simon-PC:/etc/mysql# systemctl restart mysql
root@simon-PC:/etc/mysql# mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

上面提示没有带密码,拒绝登录了。

root@simon-PC:/etc/mysql# mysql -uroot -proot
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 10.1.37-MariaDB-0+deb9u1 Debian 9.6
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>

完成。

2019-05-27
发表者 Venus
mysql-sniffer安装报错 /usr/lib64/libpthread.so.0: error adding symbols: DSO missing from command line已关闭评论

mysql-sniffer安装报错 /usr/lib64/libpthread.so.0: error adding symbols: DSO missing from command line

系统:centos7.3
官方安装步骤:https://github.com/Qihoo360/mysql-sniffer
根据git上步骤安装mysql-sniffer报错:

/usr/lib64/libpthread.so.0: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
make[2]: *** [bin/mysql-sniffer] Error 1
make[1]: *** [bin/CMakeFiles/mysql-sniffer.dir/all] Error 2
make: *** [all] Error 2

解决方法在:https://github.com/Qihoo360/mysql-sniffer/issues/30

步骤:
编辑文件:
vi mysql-sniffer/src/CMakeLists.txt
按图所示添加 libpthread.so.0

再次make即可。

2019-05-24
发表者 Venus
shell读取json字符串已关闭评论

shell读取json字符串

下载地址:https://github.com/stedolan/jq/releases

# 放到/usr/local/bin下并改名方便命令调用

[root@rootop logs]# cd /usr/local/bin/
[root@rootop logs]# wget -c https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64
[root@rootop logs]# mv jq-linux64 jq

# 格式化json串,格式化后是带颜色的,很方便阅读。注意后面是跟的 点 .

[root@rootop logs]# tail -f www.rootop.org.log | jq .
{
  "remote_addr": "66.249.75.44",
  "remote_user": "-",
  "time_local": "24/May/2019:16:08:05 +0800",
  "request": "GET /pages/category/serversafe/page/2 HTTP/1.1",
  "status": "200",
  "body_bytes_sent": "8852",
  "http_referer": "-",
  "user_agent": "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
}

# 获取某个key的值,注意key前面有个点:

[root@rootop logs]# tail -f www.rootop.org.log | jq .user_agent
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"

# 比如要在shell脚本中调用json中的某个值:

ua=`cat json_file | jq .user_agent`
echo $ua
这样就可以调到user_agent的值了。

2019-05-22
发表者 Venus
error: db5 error(11) from dbenv->open: Resource temporarily unavailable已关闭评论

error: db5 error(11) from dbenv->open: Resource temporarily unavailable

# yum安装软件报错

[root@localhost wwwlogs]# yum install -y iptraf
error: db5 error(11) from dbenv->open: Resource temporarily unavailable
error: cannot open Packages index using db5 - Resource temporarily unavailable (11)
error: cannot open Packages database in /var/lib/rpm
CRITICAL:yum.main:

Error: rpmdb open failed

这个错误应该是rpm数据库有问题了,无法读取。很有可能是因为之前磁盘满了,加上操作yum,导致rpm数据库出问题。

# 把数据库文件删掉 __db.xxx开头的

[root@localhost wwwlogs]# cd /var/lib/rpm
[root@localhost rpm]# ll
total 56044
-rw-r--r--. 1 root root  3313664 May 21 20:25 Basenames
-rw-r--r--. 1 root root     8192 May  7 20:24 Conflictname
-rw-r--r--  1 root root        0 May 22 11:42 __db.001
-rw-r--r--. 1 root root  1220608 May 21 20:25 Dirnames
-rw-r--r--. 1 root root    16384 May 21 20:25 Group
-rw-r--r--. 1 root root    16384 May 21 20:25 Installtid
-rw-r--r--. 1 root root    36864 May 21 20:25 Name
-rw-r--r--. 1 root root    16384 May  7 20:24 Obsoletename
-rw-r--r--. 1 root root 50884608 May 21 20:25 Packages
-rw-r--r--. 1 root root  1564672 May 21 20:25 Providename
-rw-r--r--. 1 root root   176128 May 21 20:25 Requirename
-rw-r--r--. 1 root root    57344 May 21 20:25 Sha1header
-rw-r--r--. 1 root root    36864 May 21 20:25 Sigmd5
-rw-r--r--. 1 root root     8192 May  7 20:59 Triggername
[root@localhost rpm]# rm -f __db.001

# 重建

[root@localhost rpm]# rpm --rebuilddb
[root@localhost rpm]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base epel extras updates
Cleaning up everything
Cleaning up list of fastest mirrors

再次yum install解决。