Linux 使用笔记(三)

1.系统迁移和备份

A:为了数据安全，我们需要对系统备份，换新电脑或者更换云服务时我们需要迁移系统。Linux 系统备份和迁移的方法很多，我这里打算使用 tar 。

系统备份

首先是根据自己的实际情况列出需要备份的目录，通常有：

/etc/
/home/
/var/spool/mail/
/var/spool/cron/
/root
/usr/local/bin

然后使用 tar 命令打包：

tar -jcv -f /backups/backup-system-20200902.tar.bz2 \
> --exclude=/root/*.bz2 --exclude=/root/*.gz --exclude=/home/loop* \
> /etc /home /var/spool/mail /var/spool/cron /root /usr/local/bin

系统恢复

首先可以将备份解压到 /tmp 目录，之后使用 rsync 命令复制到对应目录便可恢复。

tar -jxv -f /backups/backup-system-20200902.tar.bz2 -C /tmp
rsync -avuz /tmp/etc/ /etc
rsync -avuz /tmp/home/ /home
rsync -avuz /tmp/var/spool/mail/ /var/spool/mail
rsync -avuz /tmp/var/spool/cron/ /var/spool/cron
rsync -avuz /tmp/root/ /root
rsync -avuz /tmp/usr/local/bin/ /usr/local/bin

系统迁移

~~换新电脑或者更换云服务时我们可能不想要上面那么麻烦，而可能想直接迁移系统，至少我是这么想的，这时我们可以使用下面的方法：~~

# 全系统备份
tar --create --absolute-names --preserve-permissions --bzip2  --file=/media/sf_Windows10-shared-folder/virtual-box-centos-8.tar.bz2 --exclude=/dev --exclude=/media --exclude=/metainfo --exclude=/mnt --exclude=/proc --exclude=/run --exclude=/sys  --exclude=/tmp --exclude=/var --exclude=/@System.solv /

# 如有需要也可检查备份的文件
tar -tjpPvf /media/sf_Windows10-shared-folder/virtual-box-centos-8.tar.bz2 | less

# 将备份包放到 /tmp 下解压
tar -xjvf virtual-box-centos-8.tar.bz2

Reference:

2.dnf list plugins command missing

A:The information is provided for nearly all command with “-v” option. See:

Loaded plugins: builddep, changelog, config-manager, copr, debug, debuginfo-install, download, generate_completion_cache, needs-restarting, playground, product-id, repoclosure, repodiff, repograph, repomanage, reposync, subscription-manager, uploadprofile Updating Subscription Management repositories.

Reference:

dnf list plugins command missing

3.How to add startup application on CentOS 8?

A:We can add by gnome tweaks. Of course you should install it with Software.

Reference:

Tweaking GNOME Desktop Environment on CentOS 8

4.开启 CentOS 8 上 tomcat 9 的注意事项

A:首先是安装 tomcat-native；其次是注意从日志文件中定位错误。我遇到了证书文件权限导致找不到文件的情况。

5.man: can’t set the locale; make sure `$LC_*` and `$LANG` are correct

A:问题是由于 ssh 终端的 locale 设置导致系统的 locale 设置出现问题，我关闭了 sshd_config 中 locale 相关的设置，使用系统的 locale 设置。

Reference:

6.在 CentOS 8 上使用 alternatives 设置默认的 java

A: 在 CentOS 8 上安装 java 包之后不知为什么 alternatives 中的配置居然不对，导致提示 java command not found，于是只好手动配置：

# 初始情况如下
$ sudo alternatives  --list
libnssckbi.so.x86_64      auto    /usr/lib64/pkcs11/p11-kit-trust.so
python                    manual  /usr/bin/python3
ifup                      auto    /usr/libexec/nm-ifup
cifs-idmap-plugin         auto    /usr/lib64/cifs-utils/cifs_idmap_sss.so
python3                   auto    /usr/bin/python3.6
nmap                      auto    /usr/bin/ncat
java                      manual  /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64/jre/bin/java
jre_openjdk               auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64/jre
jre_1.8.0                 auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64/jre
jre_1.8.0_openjdk         auto    /usr/lib/jvm/jre-1.8.0-openjdk-1.8.0.262.b10-0.el8_2.x86_64
links                     manual  /usr/bin/elinks
javac                     auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/bin/javac
java_sdk_openjdk          auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64
java_sdk_1.8.0            auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64
java_sdk_1.8.0_openjdk    auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64

# 确认下正确设置的相关参数
$ alternatives --display java_sdk_openjdk
java_sdk_openjdk - status is auto.
 link currently points to /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64
/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 - family java-1.8.0-openjdk.x86_64 priority 1800265
Current `best' version is /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64.

# 设置默认 java 相关功能的路径
sudo alternatives --install /usr/bin/java java /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre/bin/java 1800265 --family java-1.8.0-openjdk.x86_64

sudo alternatives --install /usr/lib/jvm/jre_openjdk jre_openjdk /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre 1800265 --family java-1.8.0-openjdk.x86_64

sudo alternatives --install /usr/lib/jvm/jre_1.8.0 jre_1.8.0 /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre 1800265 --family java-1.8.0-openjdk.x86_64

sudo alternatives --install /usr/lib/jvm/jre_1.8.0_openjdk jre_1.8.0_openjdk /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64 1800265 --family java-1.8.0-openjdk.x86_64 

# 确认设置结果
$ alternatives --list
libnssckbi.so.x86_64      auto    /usr/lib64/pkcs11/p11-kit-trust.so
python                    manual  /usr/bin/python3
ifup                      auto    /usr/libexec/nm-ifup
cifs-idmap-plugin         auto    /usr/lib64/cifs-utils/cifs_idmap_sss.so
python3                   auto    /usr/bin/python3.6
nmap                      auto    /usr/bin/ncat
links                     manual  /usr/bin/elinks
javac                     auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/bin/javac
java_sdk_openjdk          auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64
java_sdk_1.8.0            auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64
java_sdk_1.8.0_openjdk    auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64
java                      auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre/bin/java
jre_openjdk               auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre
jre_1.8.0                 auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre
jre_1.8.0_openjdk         auto    /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64

另外我们还可以在 /etc/profile.d 目录下新建 java.sh 文件来设置 JAVA_HOME 和 JRE_HOME：

# /etc/profile.d/java.sh
JAVA_HOME="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64"
JRE_HOME="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.265.b01-0.el8_2.x86_64/jre"

Reference:

Introduction to the alternatives command in Linux

7. chsh command not available on CentOS 8

$ dnf provides '*/chsh'
Last metadata expiration check: 8 days, 1:03:13 ago on Thu 01 Oct 2020 03:47:40 AM UTC.
util-linux-user-2.32.1-22.el8.x86_64 : libuser based util-linux utilities
Repo        : BaseOS
Matched from:
Filename    : /etc/pam.d/chsh
Filename    : /usr/bin/chsh
Filename    : /usr/share/bash-completion/completions/chsh

$ rpm -q util-linux-user-2.32.1-22.el8.x86_64
package util-linux-user-2.32.1-22.el8.x86_64 is not installed

$ sudo dnf install util-linux-user-2.32.1-22.el8.x86_64

CentOS 8.0.1905 - ‘chsh’ : command not found

8. rsync 同步目录时产生了很多以 `~` 结尾的文件

A:原因是加上了 b 选项，会对文件做备份

rsync -avuzb treasure-workspace/dist/treasure/ treasure-lib-dist

Reference:

9. systemd 服务停止后邮件通知管理员

A: 我们可以利用 ExecStopPost 设置，以 mysql 为例，先准备好邮件发送程序，这里我们可以参考 Arch linux 的做法：

/usr/local/bin/systemd-email
#!/bin/sh

/usr/bin/sendmail -t <<ERRMAIL
To: $1
From: systemd <root@$HOSTNAME>
Subject: $2
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8

$(systemctl status --full "$2")
ERRMAIL

/etc/systemd/system/status_email_user@.service
[Unit]
Description=status email for %i to user

[Service]
Type=oneshot
ExecStart=/usr/local/bin/systemd-email address %i
User=nobody
Group=systemd-journal

还要配置一下 mysql，还要给 mysql 加上合适执行权限

/etc/systemd/system/mysqld.service.d/override.conf
[Service]
ExecStopPost=/usr/bin/sudo systemctl start status_email_user@mysqld.service

/etc/sudoers
mysql           ALL = (ALL) NOPASSWD: ALL

这里应该对 msql 的权限作更小的限制，但是设置单个命令的 sudo 规则没有生效，限于时间关系先暂时这样配置。

Referece:

10. error running non-shared postrotate script for

/var/log/mysql/mysqld.log of '/var/log/mysql/mysqld.log '

A:In case the root user has a password, then you have to create a /root/.my.cnf configuration file with the following content:

[mysqladmin]
password = <secret>
user= root

where "<secret>" is the password.

ATTENTION: The /root/.my.cnf file should be readable _ONLY_ by root !

Reference:

CentOS 8.2: Error Running Non-shared Postrotate Script For /var/log/mysql/mysqld.log

11. 设置服务器上用户能打开的最大文件描述符数量

// /etc/security/limits.d/100-limits.conf
# hard limit for max opened files for user
*      hard    nofile          65536
# soft limit for max opened files for user
*       soft    nofile         20480

Reference:

How to set ulimit and file descriptors limit on Linux Servers

Hello World

Here's where it all happens for me.