Linux 使用笔记(三)

1.系统迁移和备份

A:为了数据安全，我们需要对系统备份，换新电脑或者更换云服务时我们需要迁移系统。Linux 系统备份和迁移的方法很多，我这里打算使用 tar 。

系统备份

首先是根据自己的实际情况列出需要备份的目录，通常有：

• /etc/
• /home/
• /var/spool/mail/
• /var/spool/cron/
• /root
• /usr/local/bin

然后使用 tar 命令打包：

tar -jcv -f /backups/backup-system-20200902.tar.bz2 \
> --exclude=/root/*.bz2 --exclude=/root/*.gz --exclude=/home/loop* \
> /etc /home /var/spool/mail /var/spool/cron /root /usr/local/bin

系统恢复

首先可以将备份解压到 /tmp 目录，之后使用 rsync 命令复制到对应目录便可恢复。

tar -jxv -f /backups/backup-system-20200902.tar.bz2 -C /tmp
rsync -avuz /tmp/etc/ /etc
rsync -avuz /tmp/home/ /home
rsync -avuz /tmp/var/spool/mail/ /var/spool/mail
rsync -avuz /tmp/var/spool/cron/ /var/spool/cron
rsync -avuz /tmp/root/ /root
rsync -avuz /tmp/usr/local/bin/ /usr/local/bin

系统迁移

换新电脑或者更换云服务时我们可能不想要上面那么麻烦，而可能想直接迁移系统，至少我是这么想的，这时我们可以使用下面的方法：

# 全系统备份
tar --create --absolute-names --preserve-permissions --bzip2  --file=/media/sf_Windows10-shared-folder/virtual-box-centos-8.tar.bz2 --exclude=/dev --exclude=/media --exclude=/metainfo --exclude=/mnt --exclude=/proc --exclude=/run --exclude=/sys  --exclude=/tmp --exclude=/var --exclude=/@System.solv /

# 如有需要也可检查备份的文件
tar -tjpPvf /media/sf_Windows10-shared-folder/virtual-box-centos-8.tar.bz2 | less

# 将备份包放到 /tmp 下解压
tar -xjvf virtual-box-centos-8.tar.bz2

Reference:

• Migrate installation to new hardware
• How To Migrate to a New Linux Server

2.dnf list plugins command missing

A:The information is provided for nearly all command with “-v” option. See:

Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, needs-restarting, playground, product-id, repoclosure, repodiff, repograph, repomanage, reposync, subscription-manager, uploadprofile Updating Subscription Management repositories.

Reference:

• dnf list plugins command missing

3.How to add startup application on CentOS 8?

A:We can add by gnome tweaks. Of course you should install it with Software.

Reference:

• Tweaking GNOME Desktop Environment on CentOS 8

4.开启 CentOS 8 上 tomcat 9 的注意事项

A:首先是安装 tomcat-native；其次是注意从日志文件中定位错误。我遇到了证书文件权限导致找不到文件的情况。

5.man: can’t set the locale; make sure $LC_* and $LANG are correct

A:问题是由于 ssh 终端的 locale 设置导致系统的 locale 设置出现问题，我关闭了 sshd_config 中 locale 相关的设置，使用系统的 locale 设置。

Reference:

• Locale
• How to change system locale on RHEL7?

6.在 CentOS 8 上使用 alternatives 设置默认的 java

A: 在 CentOS 8 上安装 java 包之后不知为什么 alternatives 中的配置居然不对，导致提示 java command not found，于是只好手动配置：

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51

# 初始情况如下 $ sudo alternatives --list libnssckbi.so.x86_64 auto /usr/lib64/pkcs11/p11-kit-trust.so python manual /usr/bin/python3 ifup auto /usr/libexec/nm-ifup cifs-idmap-plugin auto /usr/lib64/cifs-utils/cifs_idmap_sss.so python3 auto /usr/bin/python3.6 nmap auto /usr/bin/ncat java manual /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64/jre/bin/java jre_openjdk auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64/jre jre_1.8.0 auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64/jre jre_1.8.0_openjdk auto /usr/lib/jvm/jre-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64 links manual /usr/bin/elinks javac auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/bin/javac java_sdk_openjdk auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 java_sdk_1.8.0 auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 java_sdk_1.8.0_openjdk auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 # 确认下正确设置的相关参数 $ alternatives --display java_sdk_openjdk java_sdk_openjdk - status is auto. link currently points to /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 - family java-1.8.0-openjdk.x86_64 priority 1800265 Current `best' version is /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64. # 设置默认 java 相关功能的路径 sudo alternatives --install /usr/bin/java java /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre/bin/java 1800265 --family java-1.8.0-openjdk.x86_64 sudo alternatives --install /usr/lib/jvm/jre_openjdk jre_openjdk /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre 1800265 --family java-1.8.0-openjdk.x86_64 sudo alternatives --install /usr/lib/jvm/jre_1.8.0 jre_1.8.0 /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre 1800265 --family java-1.8.0-openjdk.x86_64 sudo alternatives --install /usr/lib/jvm/jre_1.8.0_openjdk jre_1.8.0_openjdk /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 1800265 --family java-1.8.0-openjdk.x86_64 # 确认设置结果 $ alternatives --list libnssckbi.so.x86_64 auto /usr/lib64/pkcs11/p11-kit-trust.so python manual /usr/bin/python3 ifup auto /usr/libexec/nm-ifup cifs-idmap-plugin auto /usr/lib64/cifs-utils/cifs_idmap_sss.so python3 auto /usr/bin/python3.6 nmap auto /usr/bin/ncat links manual /usr/bin/elinks javac auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/bin/javac java_sdk_openjdk auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 java_sdk_1.8.0 auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 java_sdk_1.8.0_openjdk auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 java auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre/bin/java jre_openjdk auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre jre_1.8.0 auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre jre_1.8.0_openjdk auto /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64

另外我们还可以在 /etc/profile.d 目录下新建 java.sh 文件来设置 JAVA_HOME 和 JRE_HOME：

1 2 3

# /etc/profile.d/java.sh JAVA_HOME="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64" JRE_HOME="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre"

Reference:

• Introduction to the alternatives command in Linux

7. chsh command not available on CentOS 8

A:

1 2 3 4 5 6 7 8 9 10 11 12 13

$ dnf provides '*/chsh' Last metadata expiration check: 8 days, 1:03:13 ago on Thu 01 Oct 2020 03:47:40 AM UTC. util-linux-user-2.32.1-22.el8.x86_64 : libuser based util-linux utilities Repo : BaseOS Matched from: Filename : /etc/pam.d/chsh Filename : /usr/bin/chsh Filename : /usr/share/bash-completion/completions/chsh $ rpm -q util-linux-user-2.32.1-22.el8.x86_64 package util-linux-user-2.32.1-22.el8.x86_64 is not installed $ sudo dnf install util-linux-user-2.32.1-22.el8.x86_64

• CentOS 8.0.1905 - ‘chsh’ : command not found

8. rsync 同步目录时产生了很多以 ~ 结尾的文件

A:原因是加上了 b 选项，会对文件做备份

1	rsync -avuzb treasure-workspace/dist/treasure/ treasure-lib-dist

Reference:

• What does the tilde (~) mean at the end of a filename?
• What is bitwise.c~?

9. systemd 服务停止后邮件通知管理员

A: 我们可以利用 ExecStopPost 设置，以 mysql 为例，先准备好邮件发送程序，这里我们可以参考 Arch linux 的做法：

/usr/local/bin/systemd-email
#!/bin/sh

/usr/bin/sendmail -t <<ERRMAIL
To: $1
From: systemd <root@$HOSTNAME>
Subject: $2
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8

$(systemctl status --full "$2")
ERRMAIL

/etc/systemd/system/status_email_user@.service
[Unit]
Description=status email for %i to user

[Service]
Type=oneshot
ExecStart=/usr/local/bin/systemd-email address %i
User=nobody
Group=systemd-journal

还要配置一下 mysql，还要给 mysql 加上合适执行权限

/etc/systemd/system/mysqld.service.d/override.conf
[Service]
ExecStopPost=/usr/bin/sudo systemctl start status_email_user@mysqld.service

/etc/sudoers
mysql           ALL = (ALL) NOPASSWD: ALL

这里应该对 msql 的权限作更小的限制，但是设置单个命令的 sudo 规则没有生效，限于时间关系先暂时这样配置。

Referece:

• How to send an email alert when a linux service has stopped?
• How to send an email if a systemd service is restarted?

10. error running non-shared postrotate script for

/var/log/mysql/mysqld.log of '/var/log/mysql/mysqld.log '

A:In case the root user has a password, then you have to create a /root/.my.cnf configuration file with the following content:

[mysqladmin]
password = <secret>
user= root

where "<secret>" is the password.

ATTENTION: The /root/.my.cnf file should be readable _ONLY_ by root !

Reference:

• CentOS 8.2: Error Running Non-shared Postrotate Script For /var/log/mysql/mysqld.log

11. 设置服务器上用户能打开的最大文件描述符数量

A:

// /etc/security/limits.d/100-limits.conf
# hard limit for max opened files for user
*      hard    nofile          65536
# soft limit for max opened files for user
*       soft    nofile         20480

Reference:

• How to set ulimit and file descriptors limit on Linux Servers